Table of Contents

4.3 Ensure logrotate is configured (Not Scored)

Profile Applicability

Level 1 - Server 
Level 1 - Workstation

Description

The system includes the capability of rotating log files regularly to avoid filling up the system with logs or making the logs unmanageable large. The file /etc/logrotate.d/syslog is the configuration file used to rotate log files created by syslog or rsyslog.

Rationale

By keeping the log files smaller and more manageable, a system administrator can easily archive these files to another system and spend less time looking through inordinately large log files.

Audit

Review /etc/logrotate.conf and /etc/logrotate.d/* and verify logs are rotated according to site policy.

Remediation

Edit /etc/logrotate.conf and /etc/logrotate.d/* to ensure logs are rotated according to site policy.