====== Organize Log Files ======
===== OS: FreeBSD =====
vim /etc/syslog.conf
*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages.log
security.* /var/log/security.log
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/mail.log
cron.* /var/log/cron.log
!-devd
*.=debug /var/log/debug.log
daemon.info /var/log/daemon.log
console.info /var/log/console.log
*.* /var/log/all.log
Basically edit syslog.conf and add a .log to all files.
vim /etc/newsyslog.conf
/var/log/all.log 600 7 * @T00 JC
/var/log/auth.log 600 7 1000 @0101T JC
/var/log/console.log 600 5 1000 * JC
/var/log/cron.log 600 3 1000 * JC
/var/log/daily.log 640 7 * @T00 JNC
/var/log/debug.log 600 7 1000 * JC
/var/log/init.log 644 3 1000 * JC
/var/log/kerberos.log 600 7 1000 * JC
/var/log/mail.log 640 7 * @T00 JC
/var/log/messages.log 644 5 1000 @0101T JC
/var/log/monthly.log 640 12 * $M1D0 JNC
/var/log/devd.log 644 3 1000 * JC
/var/log/security.log 600 10 1000 * JC
/var/log/utx.log 644 3 * @01T05 B
/var/log/weekly.log 640 5 * $W6D0 JNC
/var/log/daemon.log 644 5 1000 @0101T JC
The files you edited in /etc/syslog.conf change them to the same here. Add in a C to all lines which dont have one except the line with B which is for binary.
vim /etc/crontab
0 * * * * root newsyslog -a /var/log/backups
append a -a /var/log/backups
== Why? ==
Why I do this and why I waste my time doing it?
I like my log files to be concise and organized, I may never look at them but when I do I would like them all named x.log not cron, if for whatever reason I need to treuncate the logs to get some fresh log entries a simple truncate -s0 *.log is how I do it.
I do this with all my servers, even desktop.