webcp.hostinghacks.net/slackware | logwatch
LogWatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on almost all systems.
PREREQUISITES: Perl 5.8
download and install logwatch:
cd /usr/src wget ftp://ftp.kaybee.org/pub/linux/logwatch-5.2.2.tar.gz # wget http://hostinghacks.net/dist/logwatch-5.2.2.tar.gz tar -zxf logwatch-5.2.2.tar.gz cd logwatch-5.2.2
Simply make a directory (such as the default of /etc/log.d) and copy the scripts, conf, and lib directories into that directory.
mkdir -p /etc/log.d cp scripts conf lib /etc/log.d -R
Edit logwatch.pl and set the directory at the top of the script. Edit conf/logwatch.conf and modify any settings as needed. Add a cron entry to run on a daily basis (/usr/sbin/logwatch, for example).
Edit /etc/log.d/conf/logwatch.conf file:
cat /etc/log.d/conf/logwatch.conf << EOF LogDir = /var/log TmpDir = /tmp MailTo = servadmin Print = No UseMkTemp = Yes MkTemp = /bin/mktemp Range = yesterday # The default detail level for the report. # This can either be Low, Med, High or a number. # Low = 0 # Med = 5 # High = 10 Detail = Med Service = All mailer = /bin/mail EOF
cp /etc/log.d/scripts/logwatch.pl /etc/cron.daily/00-logwatch chmod +x /etc/cron.daily/00-logwatch /etc/cron.daily/00-logwatch chmod +x /etc/log.d/scripts/services/imapd chmod +x /etc/log.d/scripts/services/pop3
SYNOPSIS
logwatch [--detail level ] [--logfile log-file-group ] [--service ser-
vice-name ] [--print] [--mailto address ] [--archives] [--range range ]
[--debug level ] [--save file-name ] [--logdir directory ] [--hostname
hostname ] [--help|--usage]
FILES
/etc/log.d/logwatch.conf
Really a symlink to /etc/log.d/conf/logwatch.conf. This file
sets the default values of all the above options. These
defaults are used when LogWatch is called without any parameters
(i.e. from cron.daily). The file is well-documented, but the
explanations above also apply to this config file.
/etc/log.d/conf/services/*
Configuration files for the various services whose log entries
LogWatch can process.
/etc/log.d/conf/logfiles/*
Configuration files for the various logfiles that the above ser-
vice's log entries are stored in.
/etc/log.d/scripts/shared/*
Filters common to many services and/or logfiles.
/etc/log.d/scripts/logfiles/*
Filters specific to just particular logfiles.
/etc/log.d/scripts/services/*
Actual filter programs for the various services.
EXAMPLES
logwatch --service ftpd-xferlog --range all --detail high --print
--archives
This will print out all FTP transfers that are stored in all
current and archived xferlogs.
logwatch --service pam_pwdb --range yesterday --detail high --print
This will print out login information for the previous day...
Adding a logwatch filter: www2.logwatch.org:81/tabs/docs/HOWTO-Make-Filter.html
Mailing lists available! Logwatch List: For general discussion and questions about Logwatch. To Subscribe: echo "subscribe" | mail logwatch-request@kaybee.org Send Mail To: logwatch@kaybee.org Logwatch Announcements List: For important announcements about Logwatch. To Subscribe: echo "subscribe" | mail logwatch-announce-request@kaybee.org Logwatch Development List: For discussion about Logwatch development. To Subscribe: echo "subscribe" | mail logwatch-devel-request@kaybee.org Send Mail To: logwatch-devel@kaybee.org