After mod security logrotate new log is empty

[josie3333]

Plesk 12 on Centos 6.5

I added the following to my /etc/logrotate.conf

/var/log/modsec_audit.log {
missingok
daily
rotate 4
compress
}

I'm not exactly sure if the above is the correct syntax, but the result was that two days later my current modsec_audit.log was Gzipped and a new modsec_audit.log was created.
The problem is that nothing was logged to this new file.

From the Plesk 12 control panel I turned off mod security and then turned it back on again and hey presto, the new logfile started to log events.

This leaves the problem of why nothing was recorded when the file was created.

Can anyone advise

 

[tech01]

You can try restarting apache

service httpd restart

Don't worry I'm having lots of issues with the mod security myself. Trying to test and ensure it is actually working and keeping it from logging TOO many events

 

[UFHH01]

Depending on your system, please add this lines to your logrotate definition for mod_security:

...
    postrotate
       /etc/init.d/apache2 reload > /dev/null 2>&1 || true
    endscript

Please adjust the reload - command to YOUR needs on your system, because some operating systems have different names for the apache2 and it's init - scripts.