about summary refs log tree commit diff stats
path: root/tools/logwatch.html
blob: e47a517d0f83241ca7628adff4976178a5b838bb (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<!DOCTYPE html>
<html dir="ltr" lang="en">
    <head>
        <meta charset='utf-8'>
        <title>Logwatch</title>
    </head>
    <body>

        <a href="index.html">Tools Index</a>

        <h1>Logwatch</h1>

        <p>Install logwatch, ports collection contains <a href="https://crux.nu/portdb/index.php?a=getup&q=deepthought">deepthought.httpup</a> port;</p>

        <pre>
        $ prt-get depinst logwatch
        </pre>

        <h2 id="conf">1.1. Configure</h2>

        <p>Logwatch apply configuration state using layers of configuration files, last in the list is most important;</p>

        <ul>
            <li>/usr/share/logwatch/default.conf/*</li>
            <li>/etc/logwatch/conf/*</li>
            <li>command line arguments</li>
        </ul>

	<p>From logwatch documentation;</p>

	<pre>
	The contents of the three directories /usr/share/logwatch/default.conf,
	/usr/share/logwatch/dist.conf, and /etc/logwatch/conf, all have the
	same structure:

		services:	This subdirectory contains the configuration
				files specific to each service.  Logwatch
				determines which services are available by
				examining the contents of this directory.
				Each service configuration file is named by
				its service name with the ".conf" suffix.

		logfiles:	This subdirectory contains the logfile group
				configuration files.  Each logfile group
				configuration file contains information about
				one or more log files with the same format.
				Several services may use the same logfile
				group configuration file.  Each of these
				configuration files are named by the group
				name with the ".conf" suffix.  Many
				of the group names are taken from the name
				of a system log file (such as messages,
				maillog, secure, etc.), but not always.

		logwatch.conf:	This file contains the defaults for the
				overall execution of Logwatch, and affect all
				of its services.  Many of its parameters can
				be overridden by command-line switches when
				invoking the Logwatch executable, as described
				in the man page for Logwatch.

		ignore.conf:	This file specifies regular expressions that,
				when matched by the output of logwatch, will
				suppress the matching line, regardless of which
				service is being executed.

	The /etc/logwatch/conf directory may also contain the file 'override.conf',
	which is described in section 4, "Customizing the Configuration."
	</pre>

        <p>Copy default configuration to use as a template;</p>

        <pre>
        $ sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/
        </pre>

        <p>Example configuration;</p>

        <pre>
        MailTo = admin@machine
        MailFrom = logwatch
        Range = Today
        Detail = Med
        </pre>

        <p>Default activate all services, to enable per service edit  /usr/share/logwatch/default.conf/logwatch.conf;</p>

        <pre>
        #Service = All
        </pre>

        <p>Then add the services to /etc/logwatch/conf/logwatch.conf;</p>

        <pre>
        Service = http
        Service = exim
        Service = dhcpd
        </pre>

        <pre>
        $ sudo /usr/share/logwatch/scripts/logwatch.pl
        </pre>

        <h2 id="cron">1.2. Set cron task</h2>

        <p>First make sure that email gets deliver;</p>

        <pre>
        $ sudo /usr/share/logwatch/scripts/logwatch.pl --output mail
        </pre>

        <p>Create file /etc/cron/daily/logwatch;</p>

        <pre>
        #!/bin/sh
        #
        # /etc/cron/daily/logwatch: run logwatch and mail output
        #

        /usr/share/logwatch/scripts/logwatch.pl --output mail

        # End of file
        </pre>

        <pre>
        $ sudo chmod +x /etc/cron/daily/logwatch
        </pre>

        <a href="index.html">Tools Index</a>

        <p>
        This is part of the Hive System Documentation.
        Copyright (C) 2019
        Hive Team.
        See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
    </body>
</html>