If you’re one of those that likes planting shrubbery but ignores maintenance thereafter, then today’s column is for you. Linux servers and Asterisk® PBXs need some regular attention. If you don’t invest a little time in the backup and log purging tasks, sooner or later you’ll regret it when disaster strikes.
With Incredible PBX® 2020 and 2021 servers, you only have yourself to blame if you don’t make regular backups and move them off site. Simply run /root/incrediblebackup2020 and move the image from /backup to a safe place. For Incredible PBX 16 servers, use the /root/incrediblebackup16 script. If you’re considering a move of your on premise Incredible PBX 2020 or 2021 server to the cloud, then we recommend making a full FreePBX® backup. Simply use the FileStore module in FreePBX in conjunction with the FreePBX Backup module to backup to S3, FTP, SCP, or DropBox. For those using cloud platforms for your PBXs, we strongly recommend investing the few cents more to activate automatic backups or snapshots. See the Incredible PBX Wiki for provider suggestions.
Next, let’s turn to logs. On Linux-based systems running Asterisk, there are literally dozens of logs. If you don’t monitor them carefully, you run the risk of a system failure once your storage device fills up. For PUBLIC implementations of Incredible PBX, you also need to monitor /var/log/secure (CentOS) and /var/log/auth.log (Debian/Ubuntu) for SSH break-in attempts. Monitoring the logs for most other system problems is less necessary because these issues typically will rear their ugly heads in a way that you will instantly know there’s a problem.
That leaves us with taming log creep. Even though many of the logs rotate and manage their own total size, this isn’t true for all of them. The easiest way to identify where your problem areas are is to do full listings of the files in both the /var/log and /var/log/asterisk directories:
ls -al /var/log && ls -al /var/log/asterisk. When you see the size of logs creeping into 7 digits or more, it’s time to take corrective action. The simplest way is to build yourself a bash script that runs as a cron job every week or so. Here’s what we typically put in the script. The first few lines clean out the rotated logs, and the other lines initialize all of the current log files except the SSH log. You would obviously want to examine any extremely large logs for issues and security breaches before running this script! We typically create a backup before running the script. This preserves a historical record in case of any problems.
#!/bin/bash rm -rf /tmp/* rm -f /var/log/*-2* rm -f /var/log/asterisk/*-2* rm -f /var/log/httpd/*-2* rm -f /var/log/*.gz rm -f /var/log/asterisk/*.gz rm -f /var/log/apache2/*.gz rm -f /var/log/apache2/*.1 rm -f /var/log/*.1 rm -f /var/log/asterisk/*.1 truncate -s 0 /root/.mysql_history truncate -s 0 /root/.asterisk_history truncate -s 0 /root/.bash_history truncate -s 0 /var/log/wtmp truncate -s 0 /var/log/lastlog truncate -s 0 /var/log/mysql/error.log truncate -s 0 /var/log/auth.log truncate -s 0 /var/log/boot.log truncate -s 0 /var/log/cron truncate -s 0 /var/log/cron.log truncate -s 0 /var/log/daemon.log truncate -s 0 /var/log/debug truncate -s 0 /var/log/dmesg truncate -s 0 /var/log/dmesg.old truncate -s 0 /var/log/dracut.log truncate -s 0 /var/log/fail2ban.log truncate -s 0 /var/log/ipchecker.log truncate -s 0 /var/log/kern truncate -s 0 /var/log/kern.log truncate -s 0 /var/log/knockd.log truncate -s 0 /var/log/mail.err truncate -s 0 /var/log/mail.info truncate -s 0 /var/log/maillog truncate -s 0 /var/log/mail.warn truncate -s 0 /var/log/messages truncate -s 0 /var/log/mysqld.log truncate -s 0 /var/log/slpd.log truncate -s 0 /var/log/syslog truncate -s 0 /var/log/alternatives.log truncate -s 0 /var/log/bootstrap.log truncate -s 0 /var/log/dpkg.log truncate -s 0 /var/log/tallylog truncate -s 0 /var/log/yum.log truncate -s 0 /var/log/faillog truncate -s 0 /var/log/fontconfig.log truncate -s 0 /var/log/regen_ssh_keys.log truncate -s 0 /var/log/apache2/access.log truncate -s 0 /var/log/apache2/error.log truncate -s 0 /var/log/apache2/other_vhosts_access.log truncate -s 0 /var/log/asterisk/freepbx_dbug truncate -s 0 /var/log/asterisk/freepbx_debug truncate -s 0 /var/log/asterisk/freepbx.log truncate -s 0 /var/log/asterisk/freepbx_security.log truncate -s 0 /var/log/asterisk/full truncate -s 0 /var/log/asterisk/h323_log truncate -s 0 /var/log/asterisk/messages truncate -s 0 /var/log/asterisk/queue_log truncate -s 0 /var/log/asterisk/ucp_out.log truncate -s 0 /var/log/asterisk/clearlydevices_out.log truncate -s 0 /var/log/asterisk/clearlysp_out.log truncate -s 0 /var/log/asterisk/core*.log
To automate this process, create a truncate-logs script in /root with the entries above. Make the script executable:
chmod +x /root/truncate-logs. Then add this entry to the bottom of /etc/crontab:
35 4 * * 6 root /root/truncate-logs >/dev/null 2>&1. This would run the script every Saturday morning at 4:35 a.m.
Originally published: Monday, April 26, 2021
Need help with Asterisk? Visit the VoIP-info Forum.
Special Thanks to Our Generous Sponsors
FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.
BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.
The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.
VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.