Skip to Content

Issue with Log Retain Duration

473  Krishnaja August 14, 2024  Common Errors & Troubleshooting

Log Retain Duration is not working

Overview: This article outlines the steps to address issues with log retention duration not functioning correctly.

If the log retain duration is not working as expected, follow these steps:

1. Check and Set Up a Cron Job:

  1. Verify if a cron job is configured for the root user to run daily or weekly. This job should truncate log files in the directory /var/log/ezlogin/ when they exceed the specified age.
  2. Check if you have set a cronjob for the root user to run daily or once a week so that log files stored on the server in the directory ( /var/log/ezlogin/ ) are truncated when older than the specified number of days. 

The path to the command that needs to be set in cron is,

0 6 * * * php /usr/local/ezlogin/house_keeping.php 

This script handles truncation based on the specified retention period.

2. Increase the PHP limit

To increase the PHP limit, you need to increase the memory limit in the /etc/php.ini file ( Increase the memory limit up to 1Gb or more.)

:~# vi /etc/php.ini

memory_limit=1024M

3. Delete logs via GUI.

You can manually delete the ssh log from the GUI by selecting the ssh log session and by clicking on the trash icon.

Note: Logs are stored in directories such as /var/log/ezlogin/full (entire SSH sessions), /var/log/ezlogin/input (STDIN recordings), /var/log/ezlogin/output (STDOUT recordings), and /var/log/ezlogin/rdp (RDP sessions).

Ensure the housekeeping script is set to run in cron ( 0 6 * * * php /usr/local/ezlogin/house_keeping.php ) so that the ssh sessions recorded which are stored in files are deleted from the backend server. You may also run the command manually to ensure that files are deleted from the backend almost instantly. You may wonder why the ssh log recorded stored in the directory /var/log/ezlogin is not deleted when the ssh recording is deleted from the gui, this is because the webserver user does not have the privileges to delete the ssh log recording in the ownership of the ssh gateway user.

Related Articles:

Truncate the recorded logs.

Error log files and configuration files need to be troubleshoot.
Rating: 5 (1 Votes)