introduce pigz to logrotate

pigz will now handle compression of t-pot logfiles logrotate will only rotate archives instead of packing them again should improve #501 #494 #489 #482 and others with regard to a volume of logs
2025-05-12 11:19:07 +00:00 · 2019-12-24 10:55:39 +00:00 · 2019-12-24 10:55:39 +00:00 · a370e2b414
commit a370e2b414
parent f4a078c443
1 changed files with 18 additions and 7 deletions
--- a/etc/logrotate/logrotate.conf
+++ b/etc/logrotate/logrotate.conf
@ -1,18 +1,13 @@
 /data/adbhoney/log/*.json
 /data/adbhoney/log/*.log
-/data/adbhoney/downloads.tgz
 /data/ciscoasa/log/ciscoasa.log
 /data/conpot/log/conpot*.json
 /data/conpot/log/conpot*.log
 /data/cowrie/log/cowrie.json
 /data/cowrie/log/cowrie-textlog.log
 /data/cowrie/log/lastlog.txt
-/data/cowrie/log/ttylogs.tgz
-/data/cowrie/downloads.tgz
 /data/dionaea/log/dionaea.json
 /data/dionaea/log/dionaea.sqlite
-/data/dionaea/bistreams.tgz
-/data/dionaea/binaries.tgz
 /data/dionaea/dionaea-errors.log
 /data/elasticpot/log/elasticpot.log
 /data/elk/log/*.log
@ -25,8 +20,6 @@
 /data/honeypy/log/*.log
 /data/honeytrap/log/*.log
 /data/honeytrap/log/*.json
-/data/honeytrap/attacks.tgz
-/data/honeytrap/downloads.tgz
 /data/mailoney/log/commands.log
 /data/medpot/log/*.log
 /data/nginx/log/*.log
@ -44,4 +37,22 @@
        notifempty
 	rotate 30
 	compress
+        compresscmd /usr/bin/pigz
+}
+
+/data/adbhoney/downloads.tgz
+/data/cowrie/log/ttylogs.tgz
+/data/cowrie/downloads.tgz
+/data/dionaea/bistreams.tgz
+/data/dionaea/binaries.tgz
+/data/honeytrap/attacks.tgz
+/data/honeytrap/downloads.tgz
+{
+	su tpot tpot
+        copytruncate
+        create 770 tpot tpot
+	daily
+        missingok
+        notifempty
+	rotate 30
 }