| 1 |
On Tue, 2006-08-22 at 21:04 -0500, Troy Curtis Jr wrote: |
| 2 |
> Logwatch is really designed to be run as a cronjob which sends you an |
| 3 |
> email after it has parsed through your logs. The configuration for |
| 4 |
> logwatch is located in the /etc/log.d/ directory. In that directory |
| 5 |
> you will find many scripts and configuration options for a wide range |
| 6 |
> of different log files. You will want to start with |
| 7 |
> /etc/log.d/conf/logwatch.conf. By default it send the email message |
| 8 |
> with the log analysis to root (you can set it to whatever you like if |
| 9 |
> you have your mailer configured correctly). |
| 10 |
> |
| 11 |
> You should probably get a meaningful analysis with all the defaults, |
| 12 |
> just check your root accounts mail. |
| 13 |
> |
| 14 |
> I have been using logwatch for many months now and have been very |
| 15 |
> happy with it. Hope this helps point you in the right direction. |
| 16 |
> (Also check /etc/cron.daily/logwatch for the default cronjob). |
| 17 |
> |
| 18 |
> Troy |
| 19 |
> |
| 20 |
I've been having a little trouble with the logwatch script on my server |
| 21 |
box; particularly the FTP section. If there is nothing for FTP in the |
| 22 |
logs for the current day, and there was in the same date a year ago, it |
| 23 |
shows the activity from a year ago. I use logrotate and have logs going |
| 24 |
back quite awhile - I guess that's where it's getting the informationf |
| 25 |
from. It's just been doing that for about a month now. I haven't |
| 26 |
gotten around to looking at the logwatch config yet. It kinda freaked |
| 27 |
me out the first time it happened, until I looked at the dates. Just |
| 28 |
this morning, my logwatch was dated August 22, 2006, but it had records |
| 29 |
of files uploaded with my account from Aug 22, 2005... |
| 30 |
> BTW the obfuscated perl email address that gentux uses has to be the |
| 31 |
> coolest sig ever! |
| 32 |
> |
| 33 |
> |
| 34 |
> On 8/22/06, Grant <emailgrant@×××××.com> wrote: |
| 35 |
> > > > Does anyone know of a practical way to review all the various logs on |
| 36 |
> > > > the system each day? Does it just come down to a brisk scroll through |
| 37 |
> > > > the previous day's rotated logs? |
| 38 |
> > > > |
| 39 |
> > > |
| 40 |
> > > Isn't that why logwatch was created? |
| 41 |
> > |
| 42 |
> > I emerged logwatch, but even though the man pages reference the |
| 43 |
> > command 'logwatch' it is a 'command not found'. I ran 'logwatch.pl' |
| 44 |
> > which I spotted from the emerge's output, but there was no ouput from |
| 45 |
> > that script at all. |
| 46 |
> > |
| 47 |
> > - Grant |
| 48 |
> > -- |
| 49 |
> > gentoo-user@g.o mailing list |
| 50 |
> > |
| 51 |
> > |
| 52 |
> |
| 53 |
> |
| 54 |
> -- |
| 55 |
> "Beware of spyware. If you can, use the Firefox browser." - USA Today |
| 56 |
> Download now at http://getfirefox.com |
| 57 |
> Registered Linux User #354814 ( http://counter.li.org/) |
| 58 |
|
| 59 |
-- |
| 60 |
gentoo-user@g.o mailing list |
Archives