dcsimg

Scripting Clinic: Nagging Logs Make for Safe Networks - Page 2

 By Carla Schroder | Posted Oct 20, 2004
Page 2 of 2   |  Back to Page 1
Print Article

WEBINAR:
On-Demand

EUC with HCI: Why It Matters


Continued From Page 1

Email Notifications With Logwatch

Logwatch is a slick Perl script that bundles up logfile reports and emails them to you. Debian users can install it by running apt-get install logwatch. Debian puts the configuration files in /etc/logwatch. The RPM puts them in /etc/log.d. Of course you may also install from sources. Be sure to consult the README for installation.

To make it go, first find logwatch.conf. You'll need to make a few tweaks. Set the "MailTo" directive to your desired email address, or local account. For local mail, most Linux systems still come with venerable old "mail", which works just fine:

MailTo = carla
mailer = /usr/bin/mail

Of course you may use any mailer you wish.

To make Logwatch send you daily reports, set the time range to "Today":

Range = Today

Other choices are "All" and "Yesterday." Now set your desired detail level for your reports:

Detail = High

Save your changes, and run Logwatch to send you a report:

# logwatch

The whole idea is to have Logwatch work without you having to exert yourself, so now you have to edit /etc/crontab to run Logwatch at your desired intervals. This runs it daily at 1am:

# m h dom mon dow user	command
   0 1	* * *	root       /usr/sbin/logwatch

Logging Strategy

There are a lot of different ways to tweak log output. Logwatch and syslog both have a large number of configurable options. I like to configure syslog.conf for more detailed output, then trim it back in Logwatch. That way I get a nice summary from Logwatch, and if there is anything scary that needs investigation, the regular system logs will tell all.

Resources

  • See the man pages for tail, syslog, and syslog.conf.
  • Logwatch resides at Logwatch.org.
  • See the man page for mail. If you have mailx on your system, look for /usr/share/doc/mailx.
  • Linux in a Nutshell, by Ellen Siever, is my #1 indispensible Linux command reference

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.