To me, it is very unintuitive for a sysadmin to be expected to move away a file which is normally under logrotate control.
At a minimum, I would suggest that the alert email contain a reference to README.Debian.html section 2.5.1, so that sysadmins seeing this can more quickly understand what's going on. However, I'd also suggest that many people would prefer to review the logs in place, but leave them under logrotate control, so it would be much nicer if the alert email system did stash the log timestamp and not re-alert if no additional panic messages had been written. Max.
signature.asc
Description: OpenPGP digital signature
