What is Logwatch?
Logwatch is a customizable log analysis system. Logwatch collects the system’s logs and create a good format of report, We can get the log reports in our mail from any Linux distribution based Server’s.
Server Setup:
IP Address : 192.168.1.6 (Requires a static IP to work this)
Hostname : log.ami.net
ifconfig | grep inet
hostnamectl
sudo apt-get install logwatch -y Type log.ami.net
sudo dpkg -l | grep logwatch
Step 2: Make changes to the configuration:
After installation we need to make changes to the conf file under
vim /usr/share/logwatch/default.conf/logwatch.conf
Output = mail Format = html MailTo = *****@live.in (Your mail id)
Range = Today
Step 3: E-mail Setup to Receive Emails
Then edit the file 00logwatch to append the mail were we need to get the Logs, Logwatch logs will get delivered to the below Email.
vim /etc/cron.daily/00logwatch
Add the following line with email ID. By default there will be /us/sbin/logwatcg –mailto comment it using # And add the below content.
/usr/sbin/logwatch --mailto ***@live.in /usr/sbin/logwatch --mailto webmaster@ami.net
Step 4: Test the Logwatch:
To test the Logwatch just simple run the logwatch command:
logwatch
Step 5: Schedule Cron Jobs
If we need get log in specific time add cronjob as below, Create a Cronjob using
crontab -e
Append the Below Content or add the own scheduler.
# m h dom mon dow command 0 10 * * * /usr/sbin/logwatch Note: It won`t work in local IP . for checking the smtp connection telnet 127.0.0.1 25 for closing Ctrl + ] telnet>quit
TECH INFO 