Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
branch: master
Fetching contributors…

Cannot retrieve contributors at this time

71 lines (45 sloc) 2.642 kB
deprecated author description keywords license alias modified modified_by published title
true
name email
Amanda Folson
docs@linode.com
Use logwatch to monitor system logs and generate reports.
logwatch,security,logging,audit
server-monitoring/logwatch/fedora-13/
Monday, October 8th, 2012
name
Linode
Monday, October 25th, 2010
Monitor System Logs with Logwatch on Fedora 13

Logwatch is a utility used to monitor system logs and create reports. These reports include failed login attempts, successful login attempts, and storage space used/available.

Before installing Logwatch, it is assumed that you have followed our getting started guide. If you are new to Linux server administration, you may be interested in our introduction to Linux concepts guide, beginner's guide and administration basics guide.

Update System Packages

You will need to make sure that your system and installed packages are up to date by issuing the following command:

yum update

Once this has completed, you are ready to install Logwatch.

Install Logwatch

Issue the following command to install Logwatch:

yum install logwatch

Configure Logwatch

Once you have installed Logwatch, you will need to configure it to email you the reports it generates. You are encouraged to look through the entire configuration, but you may safely use Logwatch after editing the lines below.

{: .file } /usr/share/logwatch/default.conf/logwatch.conf : ~~~ ini MailTo = myemail@mydomain.com MailFrom = logwatch@mydomain.com ~~~

The MailTo and MailFrom directives should be valid email addresses.

Issue the following command to test your logwatch installation:

logwatch

Once you have issued this command, you will need to check your email to make sure that logwatch is working. Be sure to check your spam folder as these emails may be seen as spam.

Adding a Cron Job for Logwatch

You can add a cron job for Logwatch in order to receive daily emails of new reports. You can add a new entry to your crontab by running crontab -e. The following example cron job runs Logwatch at 1 AM each day, issuing you an email report of the daily activity:

# m h dom mon dow   command
0 1  * * *          /usr/sbin/logwatch

Congratulations! You can now monitor system logs with Logwatch!

Jump to Line
Something went wrong with that request. Please try again.