Extend the life of your logs. Use the Log Archiver to compress backups to an archive.
The archive that is used is determined based on the log name that is about to be archived. There are several known system logs that will be archived in a system.zip archive. Other log files use the beginning part of the file name to determine the archive name. tasker.log and tasker-tasks.log will go to the tasker.zip archive.
Each archive will grow to a maximum size. The archiver will try to remove an entry once the maximum size is reached. The entry to be removed is determined by trying to find the oldest entry for a file that has more than one copy. If the oldest entry is the only entry of its kind then it will not be removed.
Applications must use a .log.bak file naming convention for this application to archive the backup log files. JANOS uses this concept but the Java applications have been using a rolling file concept for quite some time. The logging concept in the applications will change as the applications are updated. This application will initially start archiving the system log files.
The maximum size is configurable. It is 128 KB by default. It can be change to a value between 32 KB and 512 KB. To configure this setting you will edit the
AppData/LogArchiver/MaxArchiveSizeInKB registry key.
The application must be set to run on boot. You will use the Applications section in the Configuration tab in the DCP to ensure that the Log Archiver application is set to run on boot.
Here is a good example of how the oldest entry is not always removed.
This is the honeypot unit. Its our publicly accessible unit that we use to map source locations for failed login attempts to the telnet port. Here you can see that the jniorboot-202004080118.log file is by far the oldest entry. It should have been removed many times but because it is the only jniorboot*.log, it is saved. The jniorsys-202005110533.log file also should have been removed but since it is the only jniorsys*.log, it hasn’t. The failed login attempts are quite numerous, thus filling up the access.log and causing it to be archived many times. The other thing we notice here is that we have 14 files in this archive and the archive size is only 120 KB!