1. Overview

Both Console and Defender call log-rotate every 30 minutes. The options passed to log-rotate are described below.

2. Defender

The default path for Defender’s log file is /var/lib/twistlock/log/defender.log.

It is configured as follows:

  • Truncate the original log file in place after creating a copy, instead of moving the old log file. (copytruncate)

  • Have 10 backup files rotated. If rotation exceeds 10 files, the oldest rotated file is deleted. (rotate 10)

  • Don’t generate an error in case a log file doesn’t exist. (missingok)

  • Don’t rotate the log in case it’s empty. (notifempty)

  • Rotate the log only if its size is 100M or more. (size 100M)

  • Compress the rotated logs. (compress)

3. Console

The default path for Console’s log file is /var/lib/twistlock/log/console.log.

It is configured as follows:

  • Truncate the original log file in place after creating a copy, instead of moving the old log file. (copytruncate)

  • Have 10 backup files rotated. If rotation exceeds 10 files, the oldest rotated file is deleted. (rotate 10)

  • Don’t generate an error in case a log file doesn’t exist. (missingok)

  • Don’t rotate the log in case it’s empty. (notifempty)

  • Rotate the log only if its size is 100M or more. (size 100M)

  • Compress the rotated logs. (compress)

4. DB logs

We log CRITICAL/ERROR messages to enable critical DB diagnostics.

This is automatically done by Prisma Cloud and is non-configurable.