#! /usr/bin/env bash
#
# Delete logs older than ${logexpireminutes} minutes, and remove entries in
# stats.log older than ${statslogexpireinterval} days.
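# Load the settings this script reads (logdir, statsdir, keeplogs, os and the
# two expiry values are not defined in this file, so presumably they come from
# here). The path is quoted so an install directory containing whitespace or
# glob characters still resolves to the one intended file: whatever gets
# sourced here runs with this script's privileges.
. "$(dirname "$0")/zeekctl-config.sh"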
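#######################################
# Drop the leading entries of ${statsdir}/stats.log whose first field (an
# epoch timestamp) is older than ${statslogexpireinterval} days.
# Globals:   statslogexpireinterval (read), statsdir (read)
# Outputs:   an "expire-logs: ..." message on stdout when it refuses to run
# Returns:   0 when nothing had to be done or the file was trimmed,
#            1 on a bad setting, a missing directory or a failed rewrite
#######################################
expire_statslog()
{
    local days slfile now exptime nl

    # Accept only a plain non-negative integer. A non-numeric value used to
    # make the "-eq 0" test error out and fall through, after which the
    # arithmetic below treated it as 0 and the whole file was truncated.
    # Arithmetic expansion also evaluates its operand as an expression, so
    # the value is checked before it gets anywhere near $(( )).
    case "${statslogexpireinterval}" in
        ''|*[!0-9]*)
            echo "expire-logs: invalid statslogexpireinterval: ${statslogexpireinterval}"
            return 1
            ;;
    esac

    # Force base 10 so a value with leading zeros is not read as octal.
    days=$(( 10#${statslogexpireinterval} ))

    # An interval of zero turns expiry off.
    if [ "$days" -eq 0 ]; then
        return 0
    fi

    if [ ! -d "${statsdir}" ]; then
        echo "expire-logs: directory not found: ${statsdir}"
        return 1
    fi

    slfile=${statsdir}/stats.log

    # Make sure the file exists and has nonzero size before continuing.
    if [ ! -s "$slfile" ]; then
        return 0
    fi

    now=$(date +%s) || return 1

    # Convert to seconds and subtract this from the current time.
    exptime=$(( now - 86400 * days ))

    # Determine how many lines to remove from the beginning of stats.log
    # (no output means all lines are older than the expire time). If awk
    # itself fails, stop here: an empty result from a failed read must not be
    # mistaken for "everything is expired".
    nl=$(awk -v expiretime="$exptime" '{ if ( $1 > expiretime ) { print NR-1; exit } }' "$slfile") || return 1

    if [ -z "$nl" ]; then
        # Every entry is past the cutoff: empty the file in place.
        : > "$slfile" || return 1
    elif [ "$nl" -gt 0 ]; then
        # Write the surviving tail next to the original, then rename over it,
        # so a failed sed never leaves stats.log half-written.
        if ! sed "1,${nl}d" "$slfile" > "$slfile.new"; then
            rm -f "$slfile.new"
            return 1
        fi
        mv "$slfile.new" "$slfile" || return 1
    fi

    return 0
}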
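#######################################
# Delete archived log files under ${logdir} that sit inside a YYYY-MM-DD
# directory and were last modified more than ${logexpireminutes} minutes ago,
# then remove the date directories that became empty.
# Globals:   logexpireminutes (read), os (read), keeplogs (read),
#            logdir (read)
# Outputs:   an "expire-logs: ..." message on stdout when it refuses to run
# Returns:   0 when expiry is disabled, otherwise the exit status of the
#            file-deleting find; 1 on a bad setting or a missing directory
#######################################
expire_log()
{
    local minutes find_cmd file_pattern dir_pattern name rc
    local -a keep_names=() exclude=()

    # Accept only a plain non-negative integer. The value ends up on the
    # command line of a find that runs -delete, so anything that could split
    # into extra words (and be read by find as further expression terms) is
    # rejected up front.
    case "${logexpireminutes}" in
        ''|*[!0-9]*)
            echo "expire-logs: invalid logexpireminutes: ${logexpireminutes}"
            return 1
            ;;
    esac

    # Force base 10 so a value with leading zeros is not read as octal.
    minutes=$(( 10#${logexpireminutes} ))

    # A window of zero turns expiry off.
    if [ "$minutes" -eq 0 ]; then
        return 0
    fi

    find_cmd=find
    if [ "${os}" = "OpenBSD" ]; then
        # OpenBSD find command doesn't have "-regex" or "-delete" options.
        find_cmd=gfind
    fi

    # Note: these patterns assume we're using the default make-archive-name
    # script. A custom script might use a different naming convention.
    file_pattern='.*/[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]/.*$'
    dir_pattern='.*/[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$'

    # Turn the whitespace-separated keeplogs list into "! -name PATTERN"
    # terms. read -a splits on whitespace without pathname expansion, and the
    # terms live in an array, so a pattern such as "conn.*" reaches find as
    # written instead of being expanded against files in the current
    # directory (which silently changed which logs were protected).
    if [ -n "${keeplogs}" ]; then
        # read returns non-zero at end of input with -d ''; the array is
        # still filled, so the status is deliberately not checked.
        read -r -d '' -a keep_names <<< "${keeplogs}"
        for name in "${keep_names[@]}"; do
            exclude+=( ! -name "$name" )
        done
    fi

    # Also catches an empty or unset logdir, so find never starts from an
    # unintended root.
    if [ ! -d "${logdir}" ]; then
        echo "expire-logs: directory not found: ${logdir}"
        return 1
    fi

    # Remove old files. Every operand is quoted so the regex is passed to
    # find untouched by the shell.
    "$find_cmd" "${logdir}" -type f -regex "$file_pattern" -mmin "+${minutes}" "${exclude[@]}" -delete
    rc=$?

    # Remove now empty directories (this will not remove non-empty dirs, so we
    # ignore errors here).
    "$find_cmd" "${logdir}" -type d -regex "$dir_pattern" -exec rmdir '{}' ';' 2>/dev/null

    return $rc
}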
# Archive cleanup runs only when an expiry window is configured; any failure
# ends the script with status 1 before the stats.log step is reached.
if [[ -n "${logexpireminutes}" ]]; then
    if ! expire_log; then
        exit 1
    fi
fi

# Same rule for trimming stats.log: skipped when no interval is set, and a
# failure is reported to the caller as exit status 1.
if [[ -n "${statslogexpireinterval}" ]]; then
    if ! expire_statslog; then
        exit 1
    fi
fi