Skip to content

Ensure the maximum log file lifetime is set correctly

Description

When logging_collector is enabled, the log_rotation_age parameter determines the maximum lifetime of an individual log file (depending on the value of log_filename). After this many minutes have elapsed, a new log file will be created via automatic log file rotation.

Rationale

Log rotation is a standard best practice for log management.

Current best practices advise log rotation at least daily, but your organization's logging policy should dictate your rotation schedule.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/engine postgres

Default Rule

const { checkServerSetting, getServerSetting, isEmpty } = module

/**
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if the log_rotation_age is greater than 0
 */

function validate(databaseSettings, parameters) {
    const settingName = 'log_rotation_age'
    const expectedValue = parameters && parameters.log_rotation_age

    var success = false;

    if (isEmpty(expectedValue)) {
      const actualValue = getServerSetting(databaseSettings, settingName) 
      success = parseInt(actualValue) > 0;
    } else {
      success = checkServerSetting(databaseSettings, settingName, expectedValue);
    } 

    return {
        success,
    }
}

// invoke
// TODO: add parameters support: organization must provide the expected rotation schedule
validate(databaseSettings);