Benutzer-Werkzeuge

Webseiten-Werkzeuge


linux:security:logwatch

Inhaltsverzeichnis

Logwatch

Logwatch is a tool that will monitor your server's logs and email the administrator a digest on a daily basis.

Prerequisites

* Ensure email is working. Instructions for doing so may be found in MailServer

Installation

Update your package list and install logwatch:

apt-get update && apt-get install logwatch

Notes:
Create a directory the Logwatch package in the repositories currently does not create, but is required for proper operation: mkdir /var/cache/logwatch Configuration shouldn't be edited in the install directory (/usr/share/logwatch). Copy logwatch.conf to /etc/logwatch before editing:

cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/

Edit logwatch.conf to put in the e-mail where you want the report sent:

MailTo = me@example.com

Detail level of the logwatch report can be Low, Med or High. Default level is Low. To change that, edit the newly copied logwatch.conf:

Detail = High

For Ubuntu systems with apache server:

cp /usr/share/logwatch/default.conf/logfiles/http.conf /etc/logwatch/conf/logfiles/

Then add *combined.log files to the list

Aus https://help.ubuntu.com/community/Logwatch

linux/security/logwatch.txt · Zuletzt geändert: 2014/03/10 22:07 von Madic