Hi,
I am running OpenHab 3.3.0 and I would like to know if there is a way to do not compress with gzip the logs, but simply rename it.
Thanks in advance
Logging and rotation is defined in /var/lib/openhab/etc/log4j2.xml.
E.g.:
<RollingFile fileName="${sys:openhab.logdir}/openhab.log" filePattern="${sys:openhab.logdir}/openhab.log.%i.gz" name="LOGFILE">
<PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss.SSS} [%-5.5p] [%-36.36c] - %m%n"/>
<Policies>
<OnStartupTriggeringPolicy/>
<SizeBasedTriggeringPolicy size="16 MB"/>
</Policies>
<DefaultRolloverStrategy max="7"/>
</RollingFile>
Try to remove the .gz of filePattern. A restart of OH service might be required.
Why do you want to not compress the log files ?
gzipped files of this type take only about 1/10th … 1/3rd disk space of unzipped files.
Hi,
thanks for answers. I use this web tool to view log remotely:
https://hub.docker.com/r/therek/logsniffer/
and it does not support gzip files. I have enough disk space, my OH box is a docker container into a ESXi Virtual Machine
1 Like
Then that was an XY type of question.
You better use a different viewer which can handle gzip and preferrably even interpret OH output (such as Frontail)
Hi,
thanks for suggestion. logsniffer is lightwave and I am just skilled to use it, it read the logfile on the disk and run in docker container. It is for me a quick solution during this holyday period.
As told before I have 80GB of disk on VMbox where OH runs, so disk space is not an issue for now.
I also would like to thank you for your suggestion, I will give a look to Frontail, and in case I will restore the gzip compression and start to use it.
Thanks
I would recommend looking into other tools. That Docker image hasn’t been updated in five years and the github repo says it’s no longer maintained with the last commit in Nov. 2017. This is abandonware. also, it’s a Java program but I can’t tell if it uses log4j2. If it does, your system is at a pretty big risk for attack with the log4shell attack.
Hi @rlkoshak
I just know what you said. It is a temporary solution for this vacation period, now I have no time to setup a new log viewer.
Afer holyday I will move to a new software.
Marco
It uses log4j 1.2.14 which has 5 known direct vulnerabilites as listed on https://mvnrepository.com/artifact/log4j/log4j/1.2.14
1 Like
And one of them is rated the same severity as log4shell. Yikes.
my setup in intended to run only in LAN, logviewer will be not exposed to Internet. I found frontail for openhab: GitHub - welteki/docker_frontail_openhab: openHAB log viewer
but it only show openhab.log and events.log, I tried to recompile docker image with additional file, but some file missing from openhab repository so it fail
The problem with the log4j vulnerabilities is that they don’t need to be accessible from the internet to be attacked and compromised. If a specially formatted string gets processed by the logger, it will reach out to the internet and download and install stuff. People were able to get to Tesla and Apple internal servers by simply renaming their cars/phones to the special string. That’s why it’s so severe. Even if the software is completely inaccessible from the internet, if it processes anything from the Internet (e.g. a cloud service API) it’s vulnerable.
This was about as bad as it gets.
If you have additional logs to watch, you should start with the original Frontail image.
Hi,
I did a try to frontail, but as I undesrtood it permit me to view realtime logs, is there an application that show all logs contained into logs directory, like the old one I use?
I don’t know logsniffer. Just googling for “logsniffer alternatives” results in several hits which list different alternatives. One of these pages is logsniffer Alternatives - Top Monitoring Tools