Logwatch commandIt is a customizable and pluggable log monitoring system that generates log reports by traversing system log files within a given time range. Logwatch is executed once a day by default, and can be executed from
Detail < report detail >: specify the detail of log reports; Logfile < Logfile >: Only the specified log files are processed; Service < Service Name >: Only log files for specified services are processed; Print: Print results to standard output; Mailto < Mail Address >: Send the results to the designated mailbox; Range < date range >: specify the date range for processing logs; Archves: Processing archived log files; Debug < Debugging Level >: Debugging Mode; Save < filename >: save the result to the specified file without displaying or sending it to the specified mailbox; Logdir < Directory >: Specify the directory to find log files instead of using the default log directory; - hostname < host name >: specify the host name used in the log report, not using the default host name of the system; - numeric: Display the IP address instead of the host name in the report; --help: Displays help information for instructions.
Check if Logwatch already exists on your host (Redhat has installed Logwatch by default, but the version is older):
rpm -qa logwatch
If there is no logwatch on the host, execute:
rpm -Ivh logwatch***.rpm
If there is an old version of logwatch, execute:
rpm -Uvh logwatch***.rpm
After installation, configure:
You can modify and add its logfiles, services, and other configurations, but by default there are many scripts, as long as they are set in 1)
Detail = HighThat’s all right.
- New configurations can be added to
- It can also be modified.
/usr/share/logwatch/default.conf/The file with the same name below.
It doesn’t matter if logwatch. conf is not set, you can set it directly from the command line.
Logwatch -- detail High -- Service All -- range All -- print basically shows all the logs. Logwatch -- service sshd -- detail High only looks at sshd's log
The above is the Logwatch command in Linux introduced by Xiaobian. I hope it will be helpful to you. If you have any questions, please leave me a message and Xiaobian will reply to you in time. Thank you very much for your support to developpaer.