Nagios Support Forum

Hello,

the log rotation is not working on the nagiosxi server. last rotation happening on last year. When checking other os logs its rotating, only nagios logs are not rotating this log systat.log is around 53GB

[root@in-nagios-a logrotate.d]# cat /var/lib/logrotate/logrotate.status | grep sysstat.log
"/usr/local/nagiosxi/var/sysstat.log" 2020-9-9-3:0:0

Hello @mejokj

Thanks for reaching out about logrotation issues that you are experiencing.

Let's force a run-through on the logrotation so we can see the output results and here is the command. The command will log to /tmp/logrotate_results.txt. Please zip this and send this to me via Private Message.
Also, we would like to see the Nagios System Profile so we can see what is going on. To send us your system profile:

• Login to the Nagios XI GUI using a web browser.
• Click the "Admin" > "System Profile" Menu
• Click the "Download Profile" button
• Save profile.zip file and share

Thanks,
Perry

Hello @mejokj

To follow up on my previous response, I would like to also take a look at the log rotation configuration set:
Thanks,
Perry

Below is the result after running the command for rotating logs.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++==
Allocating hash table for state file, size 15360 B

Handling 3 logs

rotating pattern: /usr/local/nagiosxi/var/*log forced from command line (no old logs will be kept)
empty log files are not rotated, old logs are removed
considering log /usr/local/nagiosxi/var/cleaner.log
error: skipping "/usr/local/nagiosxi/var/cleaner.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/cmdsubsys.log
error: skipping "/usr/local/nagiosxi/var/cmdsubsys.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/dbmaint.log
error: skipping "/usr/local/nagiosxi/var/dbmaint.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/deadpool.log
error: skipping "/usr/local/nagiosxi/var/deadpool.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/event_handler.log
error: skipping "/usr/local/nagiosxi/var/event_handler.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/eventman.log
error: skipping "/usr/local/nagiosxi/var/eventman.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/feedproc.log
error: skipping "/usr/local/nagiosxi/var/feedproc.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/load_url.log
error: skipping "/usr/local/nagiosxi/var/load_url.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/nom.log
error: skipping "/usr/local/nagiosxi/var/nom.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/perfdataproc.log
error: skipping "/usr/local/nagiosxi/var/perfdataproc.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/recurringdowntime.log
error: skipping "/usr/local/nagiosxi/var/recurringdowntime.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/reportengine.log
error: skipping "/usr/local/nagiosxi/var/reportengine.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/scheduledreporting.log
error: skipping "/usr/local/nagiosxi/var/scheduledreporting.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/snmptt_service_results.log
error: skipping "/usr/local/nagiosxi/var/snmptt_service_results.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.
considering log /usr/local/nagiosxi/var/sysstat.log
error: skipping "/usr/local/nagiosxi/var/sysstat.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

rotating pattern: /usr/local/nagiosxi/var/xidebug.log forced from command line (1 rotations)
empty log files are not rotated, old logs are removed
considering log /usr/local/nagiosxi/var/xidebug.log
error: skipping "/usr/local/nagiosxi/var/xidebug.log" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

rotating pattern: /usr/local/nagiosxi/var/xidebug.log.backtrace forced from command line (1 rotations)
empty log files are not rotated, old logs are removed
considering log /usr/local/nagiosxi/var/xidebug.log.backtrace
error: skipping "/usr/local/nagiosxi/var/xidebug.log.backtrace" because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++==




[root@in-nagios-a log]# cat /tmp/logrotate.txt
/usr/local/nagiosxi/var/*log {
missingok
notifempty
}

/usr/local/nagiosxi/var/xidebug.log {
missingok
notifempty
size 100M
create 0660 apache nagios
rotate 1
compress
}

/usr/local/nagiosxi/var/xidebug.log.backtrace {
missingok
notifempty
size 100M
create 0660 apache nagios
rotate 1
compress
}[root@in-nagi



++++++++++++++++


I will send the system profile separately

Hello @mejokj

Thanks for following up and providing the results. We see that we are receiving insecure permissions error messages during the logrotate process.

because parent directory has insecure permissions (It's world writable or writable by group which is not "root") Set "su" directive in config file to tell logrotate which user/group should be used for rotation

Appears that the '/etc/logrotate.d/nagiosxi' are missing the su directive in the logrotation for each configuration. Please see the example that I pulled from my test environment:

/usr/local/nagiosxi/var/*log {
missingok
notifempty
size 5M
copytruncate
su nagios nagios
rotate 1
compress
}

/usr/local/nagiosxi/var/xidebug.log {
missingok
notifempty
size 100M
copytruncate
create 0660 apache nagios
su apache nagios
rotate 1
compress
}

/usr/local/nagiosxi/var/xidebug.log.backtrace {
missingok
notifempty
size 100M
copytruncate
create 0660 apache nagios
su apache nagios
rotate 1
compress
}

/usr/local/nagiosxi/var/components/auditlog.log {
missingok
notifempty
size 100M
copytruncate
create 0660 apache nagios
su apache nagios
rotate 1
compress
}

Please make add the su [theuser] [group] from the examples and re-run the logrotation.
Please follow up with the results,
Perry