[CentOS] Year in log files
Denniston, Todd A CIV NAVSURFWARCENDIV Crane
todd.denniston at navy.mil
Thu Jun 23 12:26:50 UTC 2011
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Fajar Priyanto
> Sent: Wednesday, June 22, 2011 22:23
> To: CentOS mailing list
> Subject: Re: [CentOS] Year in log files
>
> On Thu, Jun 23, 2011 at 10:18 AM, lists-centos
> <replies-lists-b3z2-centos at listmail.innovate.net> wrote:
> > You should set that log to rotate annually. That should address your
> > issue, in addition to keeping logwatch from picking up year-old
> > entries.
>
> Yes it's rotated annually.
> That's why I can argue based on common sense, by comparing the CESA
> date and the occurance in the log file.
> But if there is year, I don't have to argue at all with the auditor.
Two suggestions,
1) look for 'yum: Updated:' in the messages log, which should be rotated
a bit more often (and the auditor was probably fine with the time stamps
there), and if syslog is being directed to a log collector the log
collector may have different settings.
2) look at `rpm -qa --last` for at least the currently installed
versions, it does include the full year stamp.
If needed the auditor could link timestamps from the rpm database to
the yum log.
More information about the CentOS
mailing list