In Linux system administration, logwatch analyzes the system logs and produces a report from them. This article introduces how to use logwatch on Linux in detail.
Main purpose
logwatch is meant to generate an easier-to-use log digest; it is not meant for real-time log processing and monitoring. Because of this, logwatch is usually run automatically as a scheduled task at a set time and frequency, or manually from the command line when log processing is required. Once the log report is generated, logwatch can email the report to you, save it as a file, or display it directly on the screen.
The level of detail and the coverage of logwatch reports are fully customizable. Logwatch's log processing engine is also extensible: if you want to use logwatch with a new application, you only need to write a log processing script (in Perl) for that application's log files and hook it up to logwatch.
One drawback of logwatch is that the report it generates carries no detailed timestamp information; that information exists only in the original log file. You only know that specific events were recorded during a certain period of time. If you want to know the exact point in time, you have to check the original log file.
Installing Logwatch
On a Debian system or its derivatives:
# aptitude install logwatch
On a Red Hat-based distribution:
# yum install logwatch
Configuring Logwatch
During installation, the main configuration file (logwatch.conf) is placed in the /etc/logwatch/conf directory. The options defined in this file (which is empty by default) override the system-level settings defined in the /usr/share/logwatch/default.conf/logwatch.conf file.
When logwatch is started from the command line without parameters, the options defined in the /etc/logwatch/conf/logwatch.conf file are used. However, any parameters that are specified override the default/custom settings in the /etc/logwatch/conf/logwatch.conf file.
In this article, we will edit the /etc/logwatch/conf/logwatch.conf file to personalize some of the default settings.
Detail="Low, Med, High, or Number"
The "Detail" configuration directive controls the level of detail in the logwatch report. It can be a positive integer, or one of High, Med, and Low, which stand for 10, 5, and 0 respectively.
MailTo= [email protected]
If you want a logwatch report to be sent to you, use the "MailTo" configuration directive. To send a report to multiple users, simply list their email addresses separated by spaces. However, for this directive to work, you need to configure a local mail transfer agent (MTA) such as sendmail or postfix on the server where logwatch is running.
Range="Yesterday|Today|All"
The "Range" configuration directive defines the time period covered by the logwatch report. The usual values for this directive are Yesterday, Today, and All. When "Range = All" is used, "Archive = yes" should also be configured so that all the archived log files (for example, /var/log/maillog, /var/log/maillog.X or /var/log/maillog.X.gz) are processed.
In addition to these common range values, you can also use more complex values such as the following:
Range = "2 hours ago for that hour"
Range = "-5 days"
Range = "between -7 days and -3 days"
Range = "since September 15, 2014"
Range = "first Friday in October"
Range = "2014/10/15 12:50:15 for that second"
To use the free-form ranges in the examples above, you need to download and install Perl's Date::Manip module from CPAN (the Comprehensive Perl Archive Network). For installation instructions for the CPAN module, please refer to this article: http://www.linuxidc.com/Linux/2014-12/110704.htm.
Service="service-name-1"
Service="service-name-2"
. . .
The "Service" option specifies one or more services that you want to monitor. Any service listed in the /usr/share/logwatch/scripts/services directory can be monitored. These already cover important system services (e.g. pam, secure, iptables, syslogd), as well as mainstream application services such as sudo, sshd, http, fail2ban, and samba. If you want to add a new service to the list, you have to write a corresponding log processing Perl script and put it in this directory.
If you use this option to select specific services, you need to comment out the line "Service = All" in the /usr/share/logwatch/default.conf/logwatch.conf file.
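The override and dependency rules described in this section can be checked before a scheduled run. The following is an added example, not part of the original article or of logwatch itself: a small Python linter that layers a local logwatch.conf over the system-level defaults and flags the pitfalls named above. The function names, sample file contents and email addresses are constructed for illustration.

```python
import re

DETAIL_WORDS = {"low": 0, "med": 5, "high": 10}    # mapping given in the article
SIMPLE_RANGES = {"yesterday", "today", "all"}

def parse_conf(text):
    """Parse 'Name = Value' lines; Service may repeat, so it is collected in a list."""
    settings, services = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()         # drop comments
        m = re.match(r"(\w+)\s*=\s*(.*)$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if key == "service":
            services.append(value)
        else:
            settings[key] = value
    return settings, services

def effective(default_text, local_text):
    """Layer the /etc file over the system-level defaults and lint the result."""
    d_set, d_svc = parse_conf(default_text)
    l_set, l_svc = parse_conf(local_text)
    conf = {**d_set, **l_set}                       # local settings override defaults
    detail = conf.get("detail", "low").lower()
    conf["detail"] = DETAIL_WORDS[detail] if detail in DETAIL_WORDS else int(detail)
    conf["mailto"] = conf.get("mailto", "").split() # space-separated recipients
    conf["service"] = d_svc + l_svc
    warnings = []
    rng = conf.get("range", "").lower()
    # The article writes "Archive"; logwatch's shipped config spells it "Archives".
    archive = conf.get("archive", conf.get("archives", "no")).lower()
    if rng == "all" and archive != "yes":
        warnings.append("Range = All without Archive = yes: archived logs are skipped")
    elif rng and rng not in SIMPLE_RANGES:
        warnings.append("free-form Range needs Perl's Date::Manip module")
    if l_svc and any(s.lower() == "all" for s in d_svc):
        warnings.append("Service = All still active in defaults; comment it out")
    return conf, warnings

# Constructed sample files (not taken from a real system).
DEFAULT = "Detail = Low\nRange = yesterday\nService = All\nMailTo = root\n"
LOCAL = ("Detail = High   # same as 10\nRange = All\n"
         "MailTo = admin@example.com ops@example.com\nService = sshd\nService = sudo\n")

if __name__ == "__main__":
    conf, warnings = effective(DEFAULT, LOCAL)
    print(conf["detail"], conf["mailto"], conf["service"])
    for w in warnings:
        print("WARN:", w)
```
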