Logwatch is the classic log file email utility that emails a daily status of activity from Linux logs. On CentOS, the default install of logwatch does not have many fancy features enabled. I’ll show you how to configure logwatch!
First, install logwatch:
$ sudo yum install logwatch
Next, navigate to the logwatch services directory which is located as follows:
$ cd /usr/share/logwatch/defaults.conf/services
Here edit the following files:
$ sudo nano zz-disk_space.conf
Uncomment the lines as shown:
#New disk report options #Uncomment this to show the home directory sizes $show_home_dir_sizes = 1 $home_dir = "/home" #Uncomment this to show the mail spool size $show_mail_dir_sizes = 1 $mail_dir = "/var/spool/mail" #Uncomment this to show the system directory sizes /opt /usr/ /var/log $show_disk_usage = 1
Next, edit the following file:
$ sudo nano http.conf
Set the following to 1
# Set flag to 1 to enable ignore # or set to 0 to disable $HTTP_IGNORE_ERROR_HACKS = 1
Next, you may want to edit the email address that logwatch emails the report.
$ cd /usr/share/logwatch/defaults.conf/
$ sudo nano logwatch.conf
Change MailTo = to an email address as desired:
# Default person to mail reports to. Can be a local account or a # complete email address. Variable Print should be set to No to # enable mail feature. #MailTo = root MailTo = linuxadmins@mycompany.com
It is common practice to send root mail from all servers to a mailing list that all admins subscribe to.
Once complete, you may run logwatch manually at the command line with no options to test:
$ sudo logwatch
Logwatch by default runs with daily cron jobs in /etc/cron.daily.
No comments:
Post a Comment