Depends on how you have it configured. Output to flat files? Output to MySQL server?
I have a couple Syslog-NG instances in my NM Lab and I have it set to put all Syslogs in a daily file and also in a device-daily file. So to retain 90 days, I just don't rotate logs any more than 90 days.
Here's a sample syslog-ng.conf file. Your specific implementation will vary depending on file drop or database insert methods...
No, since my files are daily generated, in order to keep more than 90 days of logs, I just don't delete the dailies. I actually do take the dailies that are more than 60 days and zip them. Since syslogs are text, they squish very nicely.
Since you're using a single, large flat file, you'll need to use some utility to trim that file. You might be better served using the same method I am - putting messages into daily files.
I agree that a daily file is much more friendly. Although it adds a level of complexity to a script we're currently using to scan the file. Once you have a daily file it would be really easy to cron a script to delete files in the appropriate directory that have a creation date of > then 90 days.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...