Setup logwatch on Ubuntu

From HPCWIKI
Revision as of 14:39, 7 January 2024 by Admin


A log file is a collection of events and activities that have occurred over a specified period of time. Log files contain so much detailed and repeated information that it is very difficult for a system administrator to go through all of them.

Logwatch is a customizable tool that analyzes system log files based on areas you specify. It then generates a report of what is happening on the server and, if you want, emails it to the specified address.

Setup logwatch[1]

# On Ubuntu
sudo apt install logwatch

# Create temporary directory
sudo mkdir /var/cache/logwatch

# Logwatch's default configuration is in /usr/share/logwatch/default.conf/logwatch.conf.
# However, configuration changes made directly to that file can be overwritten during updates,
# so copy the file into /etc and make configuration changes in the copy instead.
sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/

# The two configuration files are
default.conf/services
dist.conf/services

# By default, Logwatch will monitor logs for all services on the system.
# An undesired service can be disabled through the Service parameter, for example:
Service = "-http"
Service = "-eximstats"

Test logwatch

$ sudo logwatch --detail Low --range today

Customize logwatch service

The default logwatch.conf controls which sections appear in the logwatch output. An administrator can enable or disable services by editing the Service entries in the logwatch.conf file.

# Prefixing a service name with "-" disables that service
...
# You can also disable certain services (when specifying all)
Service = "-sudo"      
Service = "-secure"      
Service = "-pam_unix"      
Service = "-dpkg"      
Service = "-spamassassin"      
Service = "-zz-lm_sensors"
...
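
The Service lines above can be applied and reviewed with a small script. This is an added example, not part of the original wiki page: the function names are hypothetical, the sample configuration is constructed, and it treats sudo, secure and pam_unix (all named above) as the services that report authentication activity.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Write a small constructed logwatch.conf to the path in $1 (sample data).
make_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample, modelled on the Service lines shown on this page
Service = All
Service = "-http"
# Service = "-sudo"
Service = "-pam_unix"
EOF
}

# Print services disabled by active (uncommented) Service = "-name" lines.
disabled_services() {
    sed -n -E 's/^[[:space:]]*Service[[:space:]]*=[[:space:]]*"?-([A-Za-z0-9_.-]+)"?[[:space:]]*$/\1/p' "$1" | sort -u
}

# Append Service = "-name" to conf $1 unless $2 is already disabled, so the
# function can be re-run without stacking duplicate lines.
disable_service() {
    if disabled_services "$1" | grep -qxF -- "$2"; then
        return 0
    fi
    printf 'Service = "-%s"\n' "$2" >> "$1"
}

# Of the disabled services, print those that report authentication activity.
# The list holds only service names that appear on this page.
disabled_auth_services() {
    for svc in sudo secure pam_unix; do
        disabled_services "$1" | grep -xF -- "$svc" || true
    done
}

# Demo on a temporary file; on a real host point the functions at
# /etc/logwatch/conf/logwatch.conf (with sudo).
conf=$(mktemp)
make_sample_conf "$conf"
disable_service "$conf" eximstats
disable_service "$conf" eximstats   # second call is a no-op
echo "disabled: $(disabled_services "$conf" | tr '\n' ' ')"
echo "auth reports missing: $(disabled_auth_services "$conf" | tr '\n' ' ')"
rm -f "$conf"
```

Running disabled_auth_services against the copied configuration shows which authentication-related sections the daily report will no longer contain.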

Enable smartd to logwatch on Ubuntu[2]

# To add SMART information to the logwatch report on Ubuntu,
# edit the smart.conf files in both /usr/share/logwatch/default.conf/services and /usr/share/logwatch/dist.conf/services
# and change "LogFile =" to:
LogFile = syslog

# The logwatch command above will then show smartd logs, for example
...
--------------------- Smartd Begin ------------------------ 
 /dev/sda [SAT] :
    Usage: Temperature_Celsius (194) changed to 
      119, 116, 117, 116, 
 /dev/sdb [SAT] :
    Usage: Temperature_Celsius (194) changed to 
      118, 116, 
 /dev/sdc [SAT] :
    Usage: Temperature_Celsius (194) changed to 
      166, 162, 
 Offline uncorrectable sectors detected:
        /dev/sdc [SAT] - 15 Time(s)
        3 offline uncorrectable sectors detected
 ---------------------- Smartd End ------------------------- 
 ...

References