Monitor System Logs With Logwatch

By | 2008/11/13

I mentioned in a recent post regarding Postfix SMTP via Gmail that I use the logwatch utility for monitoring my systems. Ever since I found this utility I have really enjoyed the daily snapshot that it gives me of each of my systems, whether local or remote. It covers everything from packages installed and removed to security notifications regarding unsuccessful login attempts. Here’s how to install and configure Logwatch.

Install The Package

sudo aptitude install logwatch

Configuration

The default configuration can be found in /usr/share/logwatch/default.conf/logwatch.conf. Take a look around the file, but the main setting you might want to update is MailTo:

Change MailTo = root to MailTo = [email protected]

I have my systems email me daily at my Gmail address, so each morning I get an overview of the previous day's logs.

If you have problems with the mail actually getting out, you might want to check out my post regarding Postfix SMTP via Gmail.
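
Editing the file under /usr/share changes a packaged default that a package upgrade can overwrite; Logwatch also reads local overrides from /etc/logwatch/conf/logwatch.conf. The following added example (not from the original post; the function names and the example.org address are made up for illustration) sets MailTo in that override file and rejects values that could add extra directives to it:

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Assumes the local override file is /etc/logwatch/conf/logwatch.conf.

# set_logwatch_mailto ADDRESS [CONF_FILE]
# Writes "MailTo = ADDRESS" to the override file, replacing any earlier
# MailTo line and leaving every other setting in that file untouched.
set_logwatch_mailto() {
    addr=$1
    conf=${2:-/etc/logwatch/conf/logwatch.conf}

    # Accept only a plain address or local user name. Spaces, newlines and
    # shell metacharacters are rejected so the value stays on one line.
    case $addr in
        ''|*[!A-Za-z0-9@._+-]*) echo "invalid address: $addr" >&2; return 1 ;;
    esac

    mkdir -p "$(dirname "$conf")" || return 1
    [ -f "$conf" ] || : > "$conf" || return 1

    # Build the new file beside the old one, then move it into place.
    tmp=$(mktemp "$conf.XXXXXX") || return 1
    # grep exits 1 when nothing is left to print; that is not an error here.
    grep -v -i -E '^[[:space:]]*MailTo[[:space:]]*=' "$conf" > "$tmp" \
        || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    printf 'MailTo = %s\n' "$addr" >> "$tmp"
    chmod 644 "$tmp" && mv "$tmp" "$conf"
}

# get_logwatch_mailto [CONF_FILE]
# Prints the last MailTo value set in the file (empty if none).
get_logwatch_mailto() {
    conf=${1:-/etc/logwatch/conf/logwatch.conf}
    grep -i -E '^[[:space:]]*MailTo[[:space:]]*=' "$conf" \
        | tail -n 1 | sed -E 's/^[^=]*=[[:space:]]*//'
}

# Usage (as root, address is a constructed sample):
#   set_logwatch_mailto admin@example.org
#   get_logwatch_mailto
```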

3 thoughts on “Monitor System Logs With Logwatch”

  1. Jason

    Any flavour/version of logwatch available that doesn’t require Postfix? Or similar application that doesn’t? Its dependency seems a large overkill just to send an email once a day.

  2. Juanjo

    logwatch is very useful.

    At work we use CentOS and logwatch is installed and configured by default with httpd log analysis, pam_unix (mainly sshd logs), sshd, sendmail, xntpd, and disk usage.

    Jason: you can use http://msmtp.sourceforge.net/ and tell cron to use it instead of default sendmail (postfix), and there’s no need to have a full working MTA in order to benefit from logwatch.
