Apache日志分割——rotatelogs分割工具

日志分割

1.随着网站的访问量增加，默认情况下Apache的单个日志文件也会越来越大
（1）日志文件占用磁盘空间很大查看相关信息不方便
2.对日志文件进行分割
（1）Apache自带rotatelogs分割工具实现
（2）第三方工具cronolog分割

rotatelogs分割工具

1.配置网站的日志文件转交给rotatelogs分割处理
2.配置格式为
（1）错误日志
ErrorLog“| rotatelogs命令的绝对路径 -l 日志文件路径/网站名-error_%Y%m%d.log 86400%
（2）日常日志
CustomLog "| rotatelogs命令路径 -l 日志文件路径/网站名-access%Y%m%d.log 86400" combined

具体操作：

[root@localhost ~]# cd /usr/bin/
[root@localhost bin]# ls rotat*
ls: 无法访问rotat*: 没有那个文件或目录
[root@localhost bin]# cd /usr/sbin/
[root@localhost sbin]# ls rotat*
ls: 无法访问rotat*: 没有那个文件或目录

安装httpd服务
[root@localhost sbin]# yum install httpd -y

再进行查看
[root@localhost sbin]# ls rotat*
rotatelogs
[root@localhost sbin]# pwd
/usr/sbin
[root@localhost sbin]# cd /usr/bin/
[root@localhost bin]# ls rotat*
ls: 无法访问rotat*: 没有那个文件或目录

HTTP配置文件
[root@localhost bin]# cd /var/log/httpd/
[root@localhost httpd]# ls
[root@localhost httpd]# vim /etc/httpd/conf/httpd.conf 
Listen 192.168.35.130:80
#Listen 80
ServerName www.kgc.com:80

关闭防火墙，开启HTTP服务
[root@localhost httpd]# systemctl stop firewalld.service 
[root@localhost httpd]# setenforce 0
[root@localhost httpd]# systemctl start httpd

查看日志
[root@localhost httpd]# ls /var/log/httpd/
access_log  error_log
[root@localhost httpd]# cd /var/log/httpd/
[root@localhost httpd]# ls
access_log  error_log
[root@localhost httpd]# cat access_log       #没有日志文件
[root@localhost httpd]# cat error_log 
[Fri Oct 25 10:05:23.786581 2019] [core:notice] [pid 3134] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Fri Oct 25 10:05:23.787204 2019] [suexec:notice] [pid 3134] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Oct 25 10:05:23.794184 2019] [lbmethod_heartbeat:notice] [pid 3134] AH02282: No slotmem from mod_heartmonitor
[Fri Oct 25 10:05:23.796334 2019] [mpm_prefork:notice] [pid 3134] AH00163: Apache/2.4.6 (CentOS) configured -- resuming normal operations
[Fri Oct 25 10:05:23.796346 2019] [core:notice] [pid 3134] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

在Windows10中进行IP访问，再查看日志
[root@localhost httpd]# cat access_log 
192.168.35.128 - - [25/Oct/2019:10:11:14 +0800] "GET / HTTP/1.1" 403 4897 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:14 +0800] "GET /noindex/css/bootstrap.min.css HTTP/1.1" 200 19341 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:14 +0800] "GET /noindex/css/open-sans.css HTTP/1.1" 200 5081 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:14 +0800] "GET /images/apache_pb.gif HTTP/1.1" 200 2326 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:14 +0800] "GET /images/poweredby.png HTTP/1.1" 200 3956 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Light/OpenSans-Light.woff HTTP/1.1" 404 241 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Italic/OpenSans-Italic.woff HTTP/1.1" 404 243 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Regular/OpenSans-Regular.woff HTTP/1.1" 404 245 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Semibold/OpenSans-Semibold.woff HTTP/1.1" 404 247 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/LightItalic/OpenSans-LightItalic.woff HTTP/1.1" 404 253 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/SemiboldItalic/OpenSans-SemiboldItalic.woff HTTP/1.1" 404 259 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/ExtraBoldItalic/OpenSans-ExtraBoldItalic.woff HTTP/1.1" 404 261 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/ExtraBold/OpenSans-ExtraBold.woff HTTP/1.1" 404 249 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Bold/OpenSans-Bold.woff HTTP/1.1" 404 239 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/BoldItalic/OpenSans-BoldItalic.woff HTTP/1.1" 404 251 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Light/OpenSans-Light.ttf HTTP/1.1" 404 240 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/LightItalic/OpenSans-LightItalic.ttf HTTP/1.1" 404 252 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Semibold/OpenSans-Semibold.ttf HTTP/1.1" 404 246 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/BoldItalic/OpenSans-BoldItalic.ttf HTTP/1.1" 404 250 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Regular/OpenSans-Regular.ttf HTTP/1.1" 404 244 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Bold/OpenSans-Bold.ttf HTTP/1.1" 404 238 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/SemiboldItalic/OpenSans-SemiboldItalic.ttf HTTP/1.1" 404 258 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/ExtraBold/OpenSans-ExtraBold.ttf HTTP/1.1" 404 248 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/Italic/OpenSans-Italic.ttf HTTP/1.1" 404 242 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /noindex/css/fonts/ExtraBoldItalic/OpenSans-ExtraBoldItalic.ttf HTTP/1.1" 404 260 "http://192.168.35.130/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.128 - - [25/Oct/2019:10:11:15 +0800] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240"
192.168.35.130 - - [25/Oct/2019:10:11:22 +0800] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.6 (CentOS) (internal dummy connection)"
192.168.35.130 - - [25/Oct/2019:10:11:23 +0800] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.4.6 (CentOS) (internal dummy connection)"
192.168.35.128 - - [25/Oct/2019:10:12:06 +0800] "-" 408 - "-" "-"

日志分割
[root@localhost httpd]# cd /etc/httpd/
[root@localhost httpd]# ls
conf  conf.d  conf.modules.d  logs  modules  run
[root@localhost httpd]# ls -l
总用量 0
drwxr-xr-x. 2 root root  37 10月 25 10:04 conf
drwxr-xr-x. 2 root root  82 10月 25 09:40 conf.d
drwxr-xr-x. 2 root root 146 10月 25 09:40 conf.modules.d
lrwxrwxrwx. 1 root root  19 10月 25 09:40 logs -> ../../var/log/httpd
lrwxrwxrwx. 1 root root  29 10月 25 09:40 modules -> ../../usr/lib64/httpd/modules
lrwxrwxrwx. 1 root root  10 10月 25 09:40 run -> /run/httpd
[root@localhost httpd]# cd conf
[root@localhost conf]# ls
httpd.conf  magic

[root@localhost conf]# vim httpd.conf 
182 #ErrorLog "logs/error_log"
183 ErrorLog "| /usr/sbin/rotatelogs -l logs/www.kgc.com.error_%Y%m%dlog 86400"
218     CustomLog "| /usr/sbin/rotatelogs -l logs/www.kgc.com.error_%Y%m%dlog 86400" combined

关闭服务在开启服务，再查看
[root@localhost conf]# systemctl stop httpd
[root@localhost conf]# systemctl start httpd
[root@localhost conf]# cd /var/log/httpd/
[root@localhost httpd]# ls
access_log  error_log  www.kgc.com.error_20191025log

把时间往后推一天，在进行查看
[root@localhost httpd]# date
2019年 10月 25日 星期五 10:29:30 CST
[root@localhost httpd]# date -s 10/26/2019
2019年 10月 26日 星期六 00:00:00 CST
[root@localhost httpd]# systemctl stop httpd
[root@localhost httpd]# systemctl start httpd
[root@localhost httpd]# ls
access_log  error_log  www.kgc.com.error_20191025log  www.kgc.com.error_20191026log