Logwatch - Watch the logs with ease

T

his tutorial works for CentOS only. For your specific OS tutorial use the tags or serach function in the sidebar area.

 

Reading logfiles is a daily basis for all sysadmins. Sometimes it could be exhausting for a newbie admin to even read them - therefore Logwatch comes in handy - it gives you all important info, summarized and sent to your mailbox daily and in a much more readable view.

Installation is simple.

$ yum install logwatch

Now tune few values in a configuration file:

$ nano /usr/share/logwatch/default.conf/logwatch.conf

Find line:

MailTo = root
 

and change it to the user or complete mail address

Next:

Range = yesterday
Detail = Med
 

You may change/experiment with the values as described in the config file.

Now we need to disable some unneeded service monitoring – we can do this only if we have the Service setting set to All like so:

Service = All
 

To disable the monitoring of some services simply add this below that line to disable postfix:

Service = "-postfix"
 

Save and exit.

for manual run, type:

$ logwatch

and check your e-mail.

That's it.

There isn't much for you to configure at this point. You'll get that e-mail every day - so you may focus on reading it now as a main matter of security check.


Simple and efficient.