You know how important it is to do a daily log review. But you also know how much of a drag it is, and that you’d rather take a severe beating. Fortunately, there are various utilities that can make the job easier. Of the various choices in the normal Linux distro repositories, Logwatch is a perfect tool that we can use for this task.
To deliver its messages, Logwatch requires that the machine also has a running mail server daemon. Depending on the options you chose when installing the operating system, you might or might not already have the Postfix mail server installed. When Postfix is set up as a local server, it will deliver system messages to the root user’s local account.
To view the Logwatch summaries on the local machine, you’ll also need to install a text- mode mail reader, such as mutt.
1. Install Logwatch, mutt and Postfix with the following command
#apt install postfix mutt logwatch
2. Create a mail spool file for your user account
3. Forward the root user’s mail to your own normal account
Open the /etc/aliases file in your favorite text editor. Configure it to forward the root user’s mail to your own normal account by adding the following line at the bottom of the file:
4. Save the file, and then copy the information from it to a binary file that the system can read. Do that with this:
At this point, you have a fully operational implementation of Logwatch that will deliver daily log summaries with a low level of detail.
5. To see the default configuration, look at the default configuration file:
6. To change the configuration, edit the /etc/logwatch/conf/logwatch.conf file. Change to a medium level of logging detail by adding this line
Detail = Med
7. Perform some actions that will generate some log entries and view your log summary by using this command
Latest posts by Ruwantha Nissanka (see all)
- 4 ways to hide your identity using linux - January 18, 2021
- How To Install Kali Linux in Virtualbox - December 31, 2020
- Kali Linux : The OS That Hackers Use - December 31, 2020
- How to monitor user activity in Linux with Acct - December 30, 2020
- Debsecan : You will not miss another security update - December 28, 2020