Hi,
Because each environment, disk sizes and policies for customers are different, best and safest approach is to add task to system cron at /etc/crontab
Here are sets of rules, you can use:
0 6 * * * find /var/ossec/logs/ -name "*.gz" -o -name "*.log" -type f -mtime +10 -exec rm -f {} \;
0 5 * * * find /var/log/elasticsearch -type f -mtime +5 | xargs rm
0 4 * * * find /var/log/logstash -type f -mtime +5 | xargs rm
0 4 * * * find /root/backup-Energy-Logserver-*.tar.gz -type f -mtime +30 | xargs rm
mtime
parameter defines lifecycle of each files in days, so if -mtime +10
is set - then it will remove files older than 10 days.
Each task is executed daily with second digit pointing at hour, so 0 6 * * * *
means each day at 6am
and 0 4 * * *
means each day at 4am
Hope it helps!