[Letsencrypt-devel] Bug#873581: certbot: Excessive logging

Henrik Ahlgren pablo at seestieto.com
Tue Aug 29 08:11:28 UTC 2017

Package: certbot
Version: 0.10.2-1~bpo8+1
Severity: normal

Certbog logs to /var/log/letsencrypt.log using DEBUG as the default
log level. It rotates the log on each invocation, i.e. (at least)
daily. If I understand correctly (main.py:setup_log_file_handler),
1000 log files are retained.

On my server, I have hundreds of small log files:

# ls /var/log/letsencrypt|wc -l

Most of the debug information contained in the logs are not very
useful for sysadmins and it is quite difficult to find any relevant
information about certificate renewals etc.

Please consider making the log level configurable and make the default
"info". Also it would be nice, if logrotate would handle log rotation,
so the sysadmin could easily modify the rotation behaviour. Better
yet, the possibility of logging directly into systemd journal would be

-- System Information:
Debian Release: 8.9
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages certbot depends on:
ii  init-system-helpers  1.22
ii  python               2.7.9-1
ii  python-certbot       0.10.2-1~bpo8+1
pn  python:any           <none>

certbot recommends no packages.

Versions of packages certbot suggests:
ii  python-certbot-apache  0.10.2-1~bpo8+1
pn  python-certbot-doc     <none>

-- debconf-show failed

More information about the Letsencrypt-devel mailing list