Skip to content

6.1.3.8 Ensure logrotate is configured

Audit#

Run the following script to analyze the logrotate configuration: 

1
2
3
4
5
6
7
8
#!/usr/bin/env bash
{
l_analyze_cmd="$(readlink -f /bin/systemd-analyze)"
l_config_file="/etc/logrotate.conf"
l_include="$(awk '$1~/^\s*include$/{print$2}' "$l_config_file" 2>/dev/null)"
[ -d "$l_include" ] && l_include="$l_include/*"
$l_analyze_cmd cat-config "$l_config_file" $l_include
}

Note: The last occurrence of a argument is the one used for the logrotate configuration

Remediation#

Edit /etc/logrotate.conf, or the appropriate configuration file provided by the script in the Audit Procedure, as necessary to ensure logs are rotated according to site policy.