While Nginx itself doesn't provide built-in log rotation functionality, most Linux distributions include logrotate as part of their core utilities. The main Nginx access logs (/var/log/nginx/access.log) are typically managed by this system service, while virtual host logs often require manual configuration.
Create or modify your logrotate configuration file, typically located at /etc/logrotate.d/nginx. Here's a comprehensive example:
/var/log/nginx/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 0640 www-data adm
sharedscripts
postrotate
if [ -f /var/run/nginx.pid ]; then
kill -USR1 cat /var/run/nginx.pid
fi
endscript
}
Key parameters explained:
daily: Rotate logs every dayrotate 14: Keep 14 days of logs before deletioncompress: Enable gzip compression on rotated logsdelaycompress: Compress previous day's log onlycreate 0640 www-data adm: Set proper permissions on new log files
Verify your setup with this command:
sudo logrotate -vf /etc/logrotate.d/nginx
The -v flag enables verbose output, while -f forces rotation even if not scheduled.
For granular control, you can configure logging directly in Nginx server blocks:
server {
access_log /var/log/nginx/example.com.access.log combined buffer=32k flush=5m;
error_log /var/log/nginx/example.com.error.log warn;
# Additional server configuration...
}
The buffer and flush parameters help optimize I/O operations.
If logs aren't rotating as expected:
- Check logrotate status:
sudo systemctl status logrotate - Verify cron is running:
sudo systemctl status cron - Inspect last rotation:
sudo grep logrotate /var/log/syslog
Managing Nginx access logs effectively is crucial for server maintenance and performance optimization. While Nginx handles core log rotation automatically, custom access logs require manual configuration. Here's how to implement proper log rotation with compression.
Nginx itself doesn't handle log rotation - this is typically managed by the Linux logrotate utility. The default Nginx installation often includes a preconfigured logrotate file at /etc/logrotate.d/nginx that handles the main access and error logs.
For custom access logs (like those for individual virtual hosts), you'll need to create or modify the logrotate configuration. Here's a robust example:
/var/log/nginx/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 0640 www-data adm
sharedscripts
postrotate
if [ -f /var/run/nginx.pid ]; then
kill -USR1 cat /var/run/nginx.pid
fi
endscript
}- daily: Rotate logs daily
- rotate 14: Keep 14 days of logs
- compress: Use gzip compression on rotated logs
- delaycompress: Compress logs one rotation cycle later
- create: Set proper permissions when recreating log files
After setting up your configuration, test it with:
sudo logrotate -d /etc/logrotate.d/nginxThe -d flag performs a dry run. For immediate rotation (without waiting for the daily cron job):
sudo logrotate -vf /etc/logrotate.d/nginxFor high-traffic sites, consider these optimizations:
/var/log/nginx/*.log {
size 100M
dateext
dateformat -%Y%m%d-%s
extension .log
...
}This configuration rotates logs when they reach 100MB and uses timestamp-based naming for easier management.
If logs aren't rotating properly, check:
- Logrotate cron job is active (
/etc/cron.daily/logrotate) - Proper permissions on log files and directories
- Nginx process has permission to reopen log files
Verify rotation is working by checking the logrotate status file:
cat /var/lib/logrotate/statusThis shows when each log was last rotated and helps identify any that aren't rotating as expected.