Rotation of audit logs

Thu May 19 12:45:05 UTC 2005

On Wednesday 18 May 2005 19:24, Kris Wilson wrote:
> Can you explain the rotation order to me?

Suppose we have 3 logs and need to rotate. log.2 is deleted, .1 becomes .2, 
log becomes .1, and a new log is opened. Analysis from oldest to newest is 
done from .2 -> log. Individual log files are appended to - so more recent 
stuff is at the end and older stuff at the beginning.

-Steve