Forum Discussion
AltostratusWrong logrotate configuration for /var/log/monitors generating an excess of cron email messages
We have a BIG-IP device that was generating a large amount cron email messages related to logrotation execution errors. The messages were the following:
error: /etc/monitors/monitors_logrotate.conf:6 unknown unit 'B'
error: found error in /var/log/monitors/*.log , skipping
Opening the configuration file /etc/monitors/monitors_logrotate.conf I noted the following:
/var/log/monitors/*.log {
compress
missingok
notifempty
rotate 7
size=5MB
olddir=/var/log/monitors
}
The size parameter in this configuration was wrong as it is using 5MB instead of 5M. The logrotate supports only k, M and G. I've already changed this parameter, but I'm not sure if there is any other impact as the /var/log/monitors directory was empty.
Have someone ever had this experience before?
Is there any good way to change the default destination for cron email messages? The default destination postmaster@domain was filling up the mail exchanger queue with those messages.
7 Replies
Vitaliy_SavransNacreous
Hi,
replace strings in your conf file:
size=5MB with size 5Molddir=/var/log/monitors with olddir /var/log/monitors
RenatoThank-you, but I was able to fix the configuration file alone. The point here is if this is a 11.5.1 bug or not. And to discuss the severity of having a massive number of email messages being generated by cron errors.
- boneyard
MVP
my 11.5.0 shows the same:
/var/log/monitors/*.log { compress missingok notifempty rotate 7 size=5MB olddir=/var/log/monitors }as for the email address in general you can change it in linux via /etc/crontab and then the MAILTO= field.
- nitass
Employee
it is fixed in 11.6.0
ID441642 - /etc/monitors/monitors_logrotate.conf contains an error and this is noted every 30 minutes
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) show sys version Sys::Version Main Package Product BIG-IP Version 11.6.0 Build 0.0.401 Edition Final Date Mon Aug 11 21:08:03 PDT 2014 root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) run util bash -c "cat /etc/monitors/monitors_logrotate.conf" /var/log/monitors/DBDaemon*.log { compress missingok ifempty rotate 7 size 0 } /var/log/monitors/*.log { compress missingok notifempty rotate 7 size 5M } - Brian_Kenworthy
Nimbostratus
I ran into this issue after upgrading to 11.5 over the weekend. Does anyone know where the cron email messages are logged? I can't find them in the usual places /var/log/cron, /var/log/email, /var/log/messages
I want to confrim that the config changes to /etc/monitors/monitors_logrotate.conf had the desired effect.
Thanks!
- Renato
Brian, cron does not use log files for its erros, instead it uses mail messages. I suppose you will see them in /var/mail.
lkchenI had run into this problem early on when I was setting new F5's with 11.5.1, and had gone in and edited this file...hadn't thought to check devcentral or search ask.f5.com. Where I see that recently (02/09/2015) SOL16107 was published on this problem.
Problem is that after we applied a hotfix to our systems (the TLS one, not the recent glibc one), this problem came back. And, now that our systems are in appliance mode, the workaround of using root / command line isn't available.
Don't think ignoring the emails is correct solution, but there'll be somebody that is subscribed to our root mail list that wouldn't accept that....
