Difference between revisions of "Logwatch"
(Created page with "This is a perl script that scans logfiles and auto-generates reports. It sends them to you via email (plain txt or html). ==Logfiles Watched== afpd denyhosts ftpd-xferlog netsc...") |
(→TBD) |
||
Line 30: | Line 30: | ||
===TBD=== | ===TBD=== | ||
We need filters for FusionPBX logfiles, and FreeSWITCH logfiles. | We need filters for FusionPBX logfiles, and FreeSWITCH logfiles. | ||
+ | |||
+ | ===Testing=== | ||
+ | logwatch --print > /tmp/logtest |
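Review bot: the added Testing line writes the report to a fixed, predictable name in a world-writable directory (`logwatch --print > /tmp/logtest`). The report is built from system logs, the redirection creates the file with whatever umask the shell has, and a root shell will write through any file or symlink already sitting at that path. Suggest redirecting to a file created with `mktemp` or to a directory only root can write, and adding one sentence that says what to look for in the output, since the section currently gives the command with no expected result.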
Revision as of 15:31, 19 May 2011
Logwatch is a Perl script that scans logfiles and auto-generates reports. It sends them to you via email (plain text or HTML).
Logfiles Watched
afpd denyhosts ftpd-xferlog netscreen pureftpd sendmail-largeboxes vsftpd amavis dhcpd http oidentd qmail shaperd windows arpwatch dnssec identd openvpn qmail-pop3d slon xntpd audit dovecot imapd pam qmail-pop3ds smartd yum automount dpkg init pam_pwdb qmail-send sonicwall zz-disk_space autorpm emerge in.qpopper pam_unix qmail-smtpd spamassassin zz-fortune barracuda evtapplication ipop3d php raid sshd zz-network bfd evtsecurity iptables pix resolver sshd2 zz-runtime cisco evtsystem kernel pluto rt314 stunnel zz-sys clamav exim mailscanner pop3 samba sudo clamav-milter eximstats modprobe portsentry saslauthd syslogd clam-update extreme-networks mountd postfix scsi tac_acc courier fail2ban named pound secure up2date cron ftpd-messages netopia proftpd-messages sendmail vpopmail
Install
First, you will need an SMTP mailer. You might have a look at the sSmtp program.
Ubuntu 10.04
sudo su
apt-get install logwatch build-essential libyaml-perl
perl -MCPAN -e 'install Sys::CPU'
perl -MCPAN -e 'install Sys::MemInfo'
Configure
vim /usr/share/logwatch/default.conf/logwatch.conf
change:
Output = mail
Format = html
MailTo = root
Range = all
#Service = "-zz-network"  # Prevents execution of zz-network service, which
                          # prints useful network configuration info.
#Service = "-zz-sys"      # Prevents execution of zz-sys service, which
                          # prints useful system configuration info.
Service = "-eximstats"    # Prevents execution of eximstats service, which
                          # is a wrapper for the eximstats program.
#Maybe Detail = High?
Example Output
Here's an example from a VoIP server
TBD
We need filters for FusionPBX logfiles, and FreeSWITCH logfiles.
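A possible starting point for the FreeSWITCH filter, as an added example that is not part of the original page or of logwatch itself: it summarises SIP authentication failures per source IP, which is the part of a VoIP server's log most worth seeing in a daily report. It assumes FreeSWITCH log lines shaped like `DATE TIME [LEVEL] file.c:NNN message` and the "SIP auth failure" wording shown in the constructed sample after `__DATA__`; the service name `freeswitch` and every sample value are hypothetical.

```perl
#!/usr/bin/perl
# Added example, not logwatch's own code: service filter for a hypothetical
# "freeswitch" service. Logwatch pipes the selected log lines to STDIN.
use strict;
use warnings;

# Logwatch exports the detail level (0 low, 5 medium, 10 high).
my $detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
# Run by hand from a terminal: read the constructed sample after __DATA__.
my $in = -t STDIN ? \*DATA : \*STDIN;

my (%fail_by_ip, %fail_by_user, %other);
while (my $line = <$in>) {
    chomp $line;
    # Assumed line shape: DATE TIME [LEVEL] file.c:NNN message
    next unless $line =~ /^\S+ \S+ \[(\w+)\] \S+:\d+ (.*)$/;
    my ($level, $msg) = ($1, $2);
    if ($msg =~ /^SIP auth failure \(\w+\) .* for \[([^\]]*)\] from ip (\S+)/) {
        my ($user, $ip) = ($1, $2);
        $user =~ s/[^\x20-\x7e]/?/g;   # the account name is attacker-supplied
        $fail_by_ip{$ip}++;
        $fail_by_user{$user}++;
    } elsif ($level =~ /^(?:WARNING|ERR|CRIT|ALERT)$/) {
        $other{$level}++;
    }
}

if (%fail_by_ip) {
    print "SIP authentication failures by source IP:\n";
    for my $ip (sort { $fail_by_ip{$b} <=> $fail_by_ip{$a} || $a cmp $b } keys %fail_by_ip) {
        printf "   %-30s %d time(s)\n", $ip, $fail_by_ip{$ip};
    }
    if ($detail >= 5) {
        print "\nAccounts targeted:\n";
        printf "   %-30s %d time(s)\n", $_, $fail_by_user{$_} for sort keys %fail_by_user;
    }
}
if (%other) {
    print "\nOther messages at WARNING or above:\n";
    printf "   %-30s %d\n", $_, $other{$_} for sort keys %other;
}

__DATA__
2011-05-19 15:31:02.104512 [WARNING] sofia_reg.c:1246 SIP auth failure (REGISTER) on sofia profile 'internal' for [1001@pbx.example.com] from ip 203.0.113.7
2011-05-19 15:31:03.220817 [WARNING] sofia_reg.c:1246 SIP auth failure (REGISTER) on sofia profile 'internal' for [1002@pbx.example.com] from ip 203.0.113.7
2011-05-19 15:32:40.001931 [WARNING] sofia_reg.c:1246 SIP auth failure (INVITE) on sofia profile 'internal' for [1001@pbx.example.com] from ip 198.51.100.23
2011-05-19 15:33:10.552301 [ERR] mod_sofia.c:100 Constructed sample error message
```

To have logwatch run it, the script would go in `/etc/logwatch/scripts/services/freeswitch`, with matching `freeswitch.conf` files under `/etc/logwatch/conf/services/` and `/etc/logwatch/conf/logfiles/` naming the log to read.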
Testing
logwatch --print > /tmp/logtest