In this article I will give an example of installing Logwatch.
Installation command in Ubuntu/Debian:
sudo apt-get install logwatch
Installation on CentOS:
yum install logwatch
We create the necessary directory for work:
sudo mkdir /var/cache/logwatch sudo chown www-data:www-data /var/cache/logwatch
Copy and edit the configuration file:
sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/ sudo nano /etc/logwatch/conf/logwatch.conf
From the text editor nano, use the Ctrl+X and y or n keys to exit or save changes.
In the configuration file, you can increase the detail to come more information, specifying the Detail = High.
To disable information about a specific service, you must set Service = “-name”.
In Format, you can specify the format of the text/html report.
You can also copy and configure other configuration files, for example:
sudo cp /usr/share/logwatch/default.conf/logfiles/http.conf /etc/logwatch/conf/logfiles/
Logwatch is automatically launched daily by adding it to the cron /etc/cron.daily/ scheduler directory.
To check the operation of Logwatch, you can run a command that displays the report:
sudo logwatch
Or perform the task that is added to cron, after which the report will come to the email:
sudo /etc/cron.daily/00logwatch
To remove logwatch in Ubuntu/Debian, run:
sudo apt-get remove logwatch
To remove logwatch on CentOS:
yum remove logwatch
See also my article:
Installing Graylog on Ubuntu