1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>Logwatch</title>
</head>
<body>
<a href="index.html">Tools Index</a>
<h1>Logwatch</h1>
<p>Install logwatch, ports collection contains <a href="https://crux.nu/portdb/index.php?a=getup&q=deepthought">deepthought.httpup</a> port;</p>
<pre>
$ prt-get depinst logwatch
</pre>
<h2 id="conf">1.1. Configure</h2>
<p>Logwatch apply configuration state using layers of configuration files, last in the list is most important;</p>
<ul>
<li>/usr/share/logwatch/default.conf/*</li>
<li>/etc/logwatch/conf/*</li>
<li>command line arguments</li>
</ul>
<p>From logwatch documentation;</p>
<pre>
The contents of the three directories /usr/share/logwatch/default.conf,
/usr/share/logwatch/dist.conf, and /etc/logwatch/conf, all have the
same structure:
services: This subdirectory contains the configuration
files specific to each service. Logwatch
determines which services are available by
examining the contents of this directory.
Each service configuration file is named by
its service name with the ".conf" suffix.
logfiles: This subdirectory contains the logfile group
configuration files. Each logfile group
configuration file contains information about
one or more log files with the same format.
Several services may use the same logfile
group configuration file. Each of these
configuration files are named by the group
name with the ".conf" suffix. Many
of the group names are taken from the name
of a system log file (such as messages,
maillog, secure, etc.), but not always.
logwatch.conf: This file contains the defaults for the
overall execution of Logwatch, and affect all
of its services. Many of its parameters can
be overridden by command-line switches when
invoking the Logwatch executable, as described
in the man page for Logwatch.
ignore.conf: This file specifies regular expressions that,
when matched by the output of logwatch, will
suppress the matching line, regardless of which
service is being executed.
The /etc/logwatch/conf directory may also contain the file 'override.conf',
which is described in section 4, "Customizing the Configuration."
</pre>
<p>Copy default configuration to use as a template;</p>
<pre>
$ sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/
</pre>
<p>Example configuration;</p>
<pre>
MailTo = admin@machine
MailFrom = logwatch
Range = Today
Detail = Med
</pre>
<p>Default activate all services, to enable per service edit /usr/share/logwatch/default.conf/logwatch.conf;</p>
<pre>
#Service = All
</pre>
<p>Then add the services to /etc/logwatch/conf/logwatch.conf;</p>
<pre>
Service = http
Service = exim
Service = dhcpd
</pre>
<pre>
$ sudo /usr/share/logwatch/scripts/logwatch.pl
</pre>
<h2 id="cron">1.2. Set cron task</h2>
<p>First make sure that email gets deliver;</p>
<pre>
$ sudo /usr/share/logwatch/scripts/logwatch.pl --output mail
</pre>
<p>Create file /etc/cron/daily/logwatch;</p>
<pre>
#!/bin/sh
#
# /etc/cron/daily/logwatch: run logwatch and mail output
#
/usr/share/logwatch/scripts/logwatch.pl --output mail
# End of file
</pre>
<pre>
$ sudo chmod +x /etc/cron/daily/logwatch
</pre>
<a href="index.html">Tools Index</a>
<p>
This is part of the Hive System Documentation.
Copyright (C) 2019
Hive Team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a> for copying conditions.</p>
</body>
</html>
|