diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/logwatch.html | 61 |
1 files changed, 59 insertions, 2 deletions
diff --git a/tools/logwatch.html b/tools/logwatch.html index ea4f933..e47a517 100644 --- a/tools/logwatch.html +++ b/tools/logwatch.html @@ -18,6 +18,58 @@ <h2 id="conf">1.1. Configure</h2> + <p>Logwatch apply configuration state using layers of configuration files, last in the list is most important;</p> + + <ul> + <li>/usr/share/logwatch/default.conf/*</li> + <li>/etc/logwatch/conf/*</li> + <li>command line arguments</li> + </ul> + + <p>From logwatch documentation;</p> + + <pre> + The contents of the three directories /usr/share/logwatch/default.conf, + /usr/share/logwatch/dist.conf, and /etc/logwatch/conf, all have the + same structure: + + services: This subdirectory contains the configuration + files specific to each service. Logwatch + determines which services are available by + examining the contents of this directory. + Each service configuration file is named by + its service name with the ".conf" suffix. + + logfiles: This subdirectory contains the logfile group + configuration files. Each logfile group + configuration file contains information about + one or more log files with the same format. + Several services may use the same logfile + group configuration file. Each of these + configuration files are named by the group + name with the ".conf" suffix. Many + of the group names are taken from the name + of a system log file (such as messages, + maillog, secure, etc.), but not always. + + logwatch.conf: This file contains the defaults for the + overall execution of Logwatch, and affect all + of its services. Many of its parameters can + be overridden by command-line switches when + invoking the Logwatch executable, as described + in the man page for Logwatch. + + ignore.conf: This file specifies regular expressions that, + when matched by the output of logwatch, will + suppress the matching line, regardless of which + service is being executed. + + The /etc/logwatch/conf directory may also contain the file 'override.conf', + which is described in section 4, "Customizing the Configuration." + </pre> + + <p>Copy default configuration to use as a template;</p> + <pre> $ sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/ </pre> @@ -25,16 +77,21 @@ <p>Example configuration;</p> <pre> - MailTo = admin@box + MailTo = admin@machine MailFrom = logwatch Range = Today Detail = Med </pre> - <p>Activate all or per service;</p> + <p>Default activate all services, to enable per service edit /usr/share/logwatch/default.conf/logwatch.conf;</p> <pre> #Service = All + </pre> + + <p>Then add the services to /etc/logwatch/conf/logwatch.conf;</p> + + <pre> Service = http Service = exim Service = dhcpd |