LogWatch —
Logwatch is essentially a log aggregator that once a day sends a summary e-mail reporting statistics, slow scans or slow attacks.
apt-get install logwatch and the job is done.
I don't need to change anything from what it offers by default, so I don't copy the configuration file, but should it become necessary the procedure is:
cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/ and then edit the latter file.
A quick test to see whether everything works properly:
/usr/sbin/logwatch --output clark@myfirm.local and in my mail I find:
################### Logwatch 7.5.5 (01/22/21) ####################
Processing Initiated: Tue Nov 9 11:09:33 2021
Date Range Processed: yesterday
( 2021-Nov-08 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: clark@myfirm.local / text
Logfiles for Host: sangiorgio
##################################################################
--------------------- Kernel Audit Begin ------------------------
Number of lost messages: 10
---------------------- Kernel Audit End -------------------------
--------------------- Named Begin ------------------------
**Unmatched Entries**
managed-keys-zone: Key 20326 for zone . is now trusted (acceptance timer complete): 1 Time(s)
---------------------- Named End -------------------------
--------------------- pam_unix Begin ------------------------
su:
Sessions Opened:
root -> nobody(uid=65534): 3 Time(s)
root -> fwanalog(uid=111): 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
2.638M Bytes accepted 2,765,825
2.639M Bytes sent via SMTP 2,767,085
2.636M Bytes forwarded 2,764,534
======== ==================================================
10 Accepted 100.00%
-------- --------------------------------------------------
10 Total 100.00%
======== ==================================================
18 Removed from queue 18
10 Sent via SMTP 10
8 Forwarded 8
---------------------- Postfix End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/sda6 46G 1.9G 42G 5% /
/dev/sda3 546M 82M 424M 17% /boot
/dev/sda9 46G 98M 44G 1% /home
/dev/sda8 8.0G 38M 7.5G 1% /tmp
/dev/sda7 229G 11G 207G 5% /var
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
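The report above is plain text with one "Begin"/"End" delimiter pair per service, so it can be triaged by a script. The following is an added example, not part of the original post or of Logwatch itself: it splits a report into sections and pulls out the lost-audit-message count and the su session lines. The names split_sections, findings and SAMPLE are chosen for this example.

```python
import re

BEGIN = re.compile(r"^-+ (.+?) Begin -+$")  # e.g. "------ Named Begin ------"
END = re.compile(r"^-+ (.+?) End -+$")
LOST = re.compile(r"^Number of lost messages: (\d+)$")
SU = re.compile(r"^(\S+) -> (\S+)\(uid=(\d+)\): (\d+) Time\(s\)$")

def split_sections(report):
    """Map each section name to its non-empty body lines."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        begin = BEGIN.match(line)
        if begin:
            current = begin.group(1)
            sections[current] = []
        elif END.match(line):
            current = None
        elif current is not None and line:
            sections[current].append(line)
    return sections

def findings(report):
    """Return review items: lost audit messages and su session counts."""
    sec = split_sections(report)
    out = []
    for line in sec.get("Kernel Audit", []):
        m = LOST.match(line)
        if m and int(m.group(1)) > 0:
            out.append(("audit-lost", int(m.group(1))))
    for line in sec.get("pam_unix", []):
        m = SU.match(line)
        if m:  # (from user, to user, number of sessions)
            out.append(("su", m.group(1), m.group(2), int(m.group(4))))
    return out

# Sample excerpt constructed for this example, in the layout of the report above.
SAMPLE = """\
--------------------- Kernel Audit Begin ------------------------
Number of lost messages: 10
---------------------- Kernel Audit End -------------------------
--------------------- pam_unix Begin ------------------------
su:
Sessions Opened:
root -> nobody(uid=65534): 3 Time(s)
root -> fwanalog(uid=111): 2 Time(s)
---------------------- pam_unix End -------------------------
"""
```

Calling findings(SAMPLE) returns one tuple per item to review; the same functions accept the full text of a report saved from the mail.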