Site domlogs will not rotate

[celiac101]

I am having issue where the individual site domlogs will not auto rotate, which are located in:
/usr/local/apache/domlogs/

I've checked all the various settings that I can think of, and all log rotation settings seem to be set correctly, however they will not rotate.

Any help with resolving this would be highly appreciated...thank you!

 

[cPanelWilliam]

Hi!

The main setting you can enable/disable to control domlog rotation would be in WHM > Tweak Settings > Stats and Logs > "Delete each domain’s access logs after statistics are gathered". If this setting is turned off, the domlogs would just grow forever until something else that isn't WHM/cPanel rotates them.

Since the domlog rotation is done by the cPanel Statistics system, you can check the stats_log ( /usr/local/cpanel/logs/stats_log ) or WHM > Statistics Software Configuration to see if the server is having issues with processing statistics, which would impact the domain logs. If you need additional control of this, I would recommend configuring logrotate to rotate the domlogs:

How to modify logrotate configurations

 

[celiac101]

Thank you for the reply.

This is ON: WHM > Tweak Settings > Stats and Logs > "Delete each domain’s access logs after statistics are gathered"

Under WHM > Statistics Software Configuration the log rogations is set to the defaults, however I have unchecked all of these to speed up the server (doesn't everyone use Google Analytics now to track this stuff?):

Generators Configuration

• Analog - OFF
• Awstats - OFF
• Webalizer - OFF

Will the logs not rotate at all if I don't have one of these turned on?

 

[cPRex]

Even with those set to "off" i would still expect the rotation to happen. The process will just run and then note that no logging software is enabled, and then moves on with the rotation.

It might be best to create a ticket for this issue so we can see the problem in action on your machine.

 

[celiac101]

So I tried turning on Awstats and it still would not rotate any user logs. I finally found an old post here that told me I needed to create this file:
/etc/logrotate.d/apache

with this content
/usr/local/apache/domlogs/mysite.com-ssl_log {
rotate 9
daily
compress
}

and finally the site log is rotating. I don't know if I will create a ticket at this point, but it does seem like something isn't right in WHM if you can't make this happen without doing what I had to do.

 

[cPRex]

I'd definitely make a ticket. It will be much easier for us to reproduce it on your machine where it's already happening than to try and setup an exact test environment for this issue.

 

[celiac101]

The script I added seemed to do the trick, however, I get an email each day when it runs. Is there something I could add to this script that would stop this email from sending?

 

[cPRex]

The logrotate script is sending you emails? You might need to check the header of the message to determine exactly what is sending that, but if it is a cronjob you would add "> /dev/null 2>&1" to the end of the cron to stop that notification.

 

[celiac101]

Thank you for the reply!

I did try adding /dev/null 2>&1 to various areas in that script, but the emails still come. Here is what I tried:

/usr/local/apache/domlogs/mysite.com-ssl_log /dev/null 2>&1 {
rotate 9
daily
compress
}



/usr/local/apache/domlogs/mysite.com-ssl_log {
rotate 9
daily
compress /dev/null 2>&1
}


/usr/local/apache/domlogs/mysite.com-ssl_log {
rotate 9
daily
compress
} /dev/null 2>&1

 

[cPRex]

Can you confirm the emails are coming directly from logrotate?

 

[celiac101]

Yes, they started as soon as I added this file /etc/logrotate.d/apache

with this content:
/usr/local/apache/domlogs/mysite.com-ssl_log {
rotate 9
daily
compress
}

 

[cPRex]

That's interesting, as I don't see how adding that configuration could start generating an email. Could you submit a support ticket to our team so we can check this out directly on the system?

 

[celiac101]

I'm not sure I'll do a ticket for this, but perhaps this helps. Here is today's email:

Subject: Anacron job 'cron.daily' on mydomain.com
Date: Wed, 12 Oct 2022 03:16:40 -0700


/etc/cron.daily/logrotate:


gzip: stdin: file size changed while zipping

 

[cPRex]

That definitely confirms it's logrotate, and that the file is still being used when the process is happening.

Is there a reason you're hesitant to submit a ticket?

 

[celiac101]

The less people in my server the better. Only critical stuff for me, but thanks. Also, having to update passwords across devices and FTP programs, etc. is a real pain.

 

[cPRex]

That makes sense, and I completely understand.