Потребител Парола | Регистрация | Забравена парола
· Начало
· Файлове
· Форум
· Връзки
· Категории на уроците
· За контакти
· Фото галерия
· Търсене
Кажи на приятел

Вашия email:
email на приятел:
Копие за вас?

Logwatch инсталиране и конфигурация на Debian 7

Unix & LinuxLogwatch е модулен лог анализатор, който работи всяка нощ и праща писма с резултатите. Освен автоматичен режим програма може да се пуска и ръчно от конзола

Да започнем с инсталацията:

#apt-get install logwatch
инсталацията е автоматична и не се налага да правите абсолютно нищо

Сега трябва да се конфигурира програмата.

конфигурационния файл на logwatch се намира в /etc/logwatch/conf/logwatch.conf

Default Logwatch configuration file as below and you need to change this file options

nano /etc/logwatch/conf/logwatch.conf

#   All these options are the defaults if you run logwatch with no
#   command-line arguments.  You can override all of these on the
#   command-line.
# You can put comments anywhere you want to.  They are effective for the
# rest of the line.
# this is in the format of <name> = <value>.  Whitespace at the beginning
# and end of the lines is removed.  Whitespace before and after the = sign
# is removed.  Everything is case *insensitive*.
# Yes = True  = On  = 1
# No  = False = Off = 0
# Default Log Directory
# All log-files are assumed to be given relative to this directory.

LogDir = /var/log

# You can override the default temp directory (/tmp) here

TmpDir = /tmp

# Default person to mail reports to.  Can be a local account or a
# complete email address.

MailTo = root

# If set to 'Yes', the report will be sent to stdout instead of being
# mailed to above person.

Print = No

# Leave this to 'Yes' if you have the mktemp program and it supports
# the '-d' option.  Some older version of mktemp on pre-RH7.X did not
# support this option, so set this to no in that case and Logwatch will
# use internal temp directory creation that is (hopefully) just as secure

UseMkTemp = Yes

#       Some systems have mktemp in a different place

MkTemp = /bin/mktemp

# if set, the results will be saved in <filename> instead of mailed
# or displayed.
#Save = /tmp/logwatch
# Use archives?  If set to 'Yes', the archives of logfiles
# (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will
# be searched in addition to the /var/log/messages file.
# This usually will not do much if your range is set to just
# 'Yesterday' or 'Today'... it is probably best used with
# Archives = Yes
# Range = All
# The default time range for the report...
# The current choices are All, Today, Yesterday
Range = yesterday
# The default detail level for the report.
# This can either be Low, Med, High or a number.
# Low = 0
# Med = 5
# High = 10

Detail = Med

# The 'Service' option expects either the name of a filter
# (in /etc/log.d/scripts/services/*) or 'All'.
# The default service(s) to report on.  This should be left as All for
# most people.

Service = All

# You can also disable certain services (when specifying all)
#Service = -zz-fortune
# If you only cared about FTP messages, you could use these 2 lines
# instead of the above:
#Service = ftpd-messages   # Processes ftpd messages in /var/log/messages
#Service = ftpd-xferlog    # Processes ftpd messages in /var/log/xferlog
# Maybe you only wanted reports on PAM messages, then you would use:
#Service = pam_pwdb     # PAM_pwdb messages - usually quite a bit
#Service = pam          # General PAM messages... usually not many
# You can also choose to use the 'LogFile' option.  This will cause
# logwatch to only analyze that one logfile.. for example:
#LogFile = messages
# will process /var/log/messages.  This will run all the filters that
# process that logfile.  This option is probably not too useful to
# most people.  Setting 'Service' to 'All' above analyizes all LogFiles
# anyways...
# some systems have different locations for mailers

mailer = /usr/bin/mail

# With this option set to 'Yes', only log entries for this particular host
# (as returned by 'hostname' command) will be processed.  The hostname
# can also be overridden on the commandline (with --hostname option).  This
# can allow a log host to process only its own logs, or Logwatch can be
# run once per host included in the logfiles.
# The default is to report on all log entries, regardless of its source host.
# Note that some logfiles do not include host information and will not be
# influenced by this setting.


#HostLimit = Yes

С командата
# logwatch    -   проверяваме дали всичко работи

Се га е време да го добавиме да се изпълнява автоматично което става по следния начин.
#crontab -e
и добавяме следния ред

0 1  * * *    /usr/sbin/logwatch

Вече сте готови
ако ви трябва повече инфо прочетете man-a
· smilev на March 01 2014 20:04:56 · 0 Коментари · 4138 Прочитания · Отпечатай
Няма добавени коментари.
Напиши коментар
Моля влезте, за да коментирате.
Рейтингите са достъпни само за регистрирани.

Моля влезте или се регистрирайте за да гласувате.

Няма оценки.


Не сте регистрирани?
Натиснете тук за регистрация.

Забравена парола?
Натиснете тук за нова.
С каква операционна система работите

Трябва да влезете за да гласувате.
Трябва да влезате за да пуснете съобщение.

Няма съобщения.