Skip to main content

Archive logs older than 10 days

This shell command would archive log files that modification times are older than ten days. Find command takes arguments like -maxdepth 1 for maximum level of directories to dig , -type -f for identifying files, -name '*.log' for filtering log files, -mtime +10 for filtering modification time and -exec mv for executing commands for every file that found.

find /ftp/logs/ -maxdepth 1 -type f -name '*.log' -mtime +10 -exec mv {} /ftp/logs/archive/ \;

Comments

Popular posts from this blog

Find and replace with sed command in Linux

Find and replace feature is always handy. It can turn into a torture when it comes to change or delete a simple constant string in a text file. There is a handy tool in linux for doing these kind of tihngs. Actually sed is not a text editor but it is used outside of the text file to make changes.

Sending Jboss Server Logs to Logstash Using Filebeat with Multiline Support

In addition to sending system logs to logstash, it is possible to add a prospector section to the filebeat.yml for jboss server logs. Sometimes jboss server.log has single events made up from several lines of messages. In such cases Filebeat should be configured for a multiline prospector.
Filebeat takes lines do not start with a date pattern (look at pattern in the multiline section "^[[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}" and negate section is set to true) and combines them with the previous line that starts with a date pattern.

server.log file excerpt where DatePattern: yyyy-MM-dd-HH and ConversionPattern: %d %-5p [%c] %m%n
Logstash filter: