Setup Logwatch
Linux, Server, Sysadmin
This article refers to Logwatch on Ubuntu 14.04 LTS.
Logwatch needs a mail transfer agent. Typically we use Exim4 in send-only mode.
To install Logwatch, run sudo apt-get update
then install Logwatch with:
Move config files - don’t edit the originals:
The
/etc/logwatch/conf
directory is first searched for files with the same name and relative location as the/usr/share/logwatch/default.conf
directory. Variables declared in these files override the defaults.From: http://www.stellarcore.net/logwatch/tabs/docs/HOWTO-Customize-LogWatch.html
If using Apache server:
Then add *combined.log files to the list
Configure Logwatch
Edit config:
Set email address, logs to be checked/ignored etc.
Cache
This may need to be manualy created, if Logwatch throws an error:
…then run logwatch as sudo.
Set up a Custom Cronjob for Logwatch
Amend /etc/cron.daily/00logwatch
to include the admin email:
The run time is tied in to the time of the daily cron job. To change, remove /etc/cron.daily/00logwatch
and add a new cronjob. Not tested:
Resources
- https://help.ubuntu.com/community/Logwatch
- http://www.unixmen.com/installing-configuring-logwatch-ubuntu-14-04/
- https://www.digitalocean.com/community/tutorials/how-to-install-and-use-logwatch-log-analyzer-and-reporter-on-a-vps
- Definitive Guide on Customising Logwatch
- Even More Definitive, though focused on Gentoo
comments powered by Disqus