logrotate: Rotate Suricata logs daily

This patch also cleans up what happens. Logrotate will automatically
delete any old log files and does not require any extra commands.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/etc/logrotate.conf b/config/etc/logrotate.conf
index c5f9883c7f1e0f665e3f31a330d146b19652ca85..2f79de9334d57d0b52717473b4325a099bd14d77 100644 (file)
--- a/config/etc/logrotate.conf
+++ b/config/etc/logrotate.conf
@@ -29,14 +29,12 @@ include /etc/logrotate.d
 }
 
 /var/log/suricata/*.log {
-    weekly
+    daily
     copytruncate
-    compress
-    ifempty
+    notifempty
     missingok
+    sharedscripts
     postrotate
-       /bin/find /var/log/suricata -path '/var/log/suricata/[0-9]*' -prune -exec /bin/rm -rf {} \;
-       /bin/find /var/log/suricata -name 'fast.log.*' -mtime +28 -exec /bin/rm -rf {} \;
        /bin/kill -HUP `cat /var/run/suricata.pid 2> /dev/null` 2> /dev/null || true
     endscript
 }

diff --git a/config/rootfiles/core/202/filelists/files b/config/rootfiles/core/202/filelists/files
index ebaef17171c63aa3de21238e9f3e6f79ca3b2c88..50fe9d2c2808468f856bfad0be0edee5c6340e65 100644 (file)
--- a/config/rootfiles/core/202/filelists/files
+++ b/config/rootfiles/core/202/filelists/files
@@ -1,3 +1,4 @@
+etc/logrotate.conf
 etc/rc.d/init.d/firewall
 etc/rc.d/init.d/sysklogd
 etc/rc.d/init.d/unbound