Installing and configuring Logwatch

In this article I will give an example of installing Logwatch.
Installation command in Ubuntu/Debian:

sudo apt-get install logwatch

Installation on CentOS:

yum install logwatch

We create the necessary directory for work:

sudo mkdir /var/cache/logwatch
sudo chown www-data:www-data /var/cache/logwatch

Copy and edit the configuration file:

sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/
sudo nano /etc/logwatch/conf/logwatch.conf

From the text editor nano, use the Ctrl+X and y or n keys to exit or save changes.
In the configuration file, you can increase the detail to come more information, specifying the Detail = High.
To disable information about a specific service, you must set Service = “-name”.
In Format, you can specify the format of the text/html report.

You can also copy and configure other configuration files, for example:

sudo cp /usr/share/logwatch/default.conf/logfiles/http.conf /etc/logwatch/conf/logfiles/

Logwatch is automatically launched daily by adding it to the cron /etc/cron.daily/ scheduler directory.

To check the operation of Logwatch, you can run a command that displays the report:

sudo logwatch

Or perform the task that is added to cron, after which the report will come to the email:

sudo /etc/cron.daily/00logwatch

To remove logwatch in Ubuntu/Debian, run:

sudo apt-get remove logwatch

To remove logwatch on CentOS:

yum remove logwatch

See also my article:
Installing Graylog on Ubuntu

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a comment

Leave a Reply