From: Balázs Bárány (balazs~AT~tud.at)
Date: Sun Jan 11 2004 - 07:34:47 CET
Hello,
> trimming fwanalog.all.log every once in awhile to keep it's growth under
> control?
That can be a good idea if you are running out of disk space or the
fwanalog run times are too high. If not, it's nicer not to throw away
historic information.
> I guess. If I tell it to just report against all the log files I
> collect in a directory, then it will do day 1 one day, then day one AND
fwanalog keeps its old data in fwanalog.all.log. You need only the current
logfiles from your firewall to add to it. So as long as you have the one
week old data in your fwanalog.all.log, fwanalog will be able to generate
weekly logs.
> Lots of duplicate lines will be created. Is this where I need to use
that happens if `find` doesn't list the files in the right order.
Normally, the files are listed like this:
/var/log/messages /var/log/messages.0 /var/log/messages.1.gz
etc.
Of course, here messages.1.gz is the oldest file, messages.0 newer, and messages is current.
If you use logfile-20040110, logfile-2004011 etc., the file with the higher date is newer.
Regards
-- _________________________________________________________________________ Balázs Bárány balazs~AT~tud.at http://tud.at ICQ 10747763 A good engineer will make considerable effort to avoid additional effort.
This archive was generated by hypermail 2.1.5 : Wed Jan 28 2004 - 06:02:03 CET