I just discovered logwatch, a logfile analyser for Linux, and thought I'd share it here in case it could be useful to other server owners.
It's a really neat way to review your log files without trawling through the whole thing yourself - mine is set up to email me daily with a summary of what happened yesterday.
It comes with a bunch of pre-configured logfile and service configuration files, which tell it where to look for logs and how to parse them. My email today contained a summary in the following categories:
...and you can choose the level of detail you want to see for each. I still look at the log files occasionally, but now I use the summary to decide whether there's something worth looking at.
It's a really neat way to review your log files without trawling through the whole thing yourself - mine is set up to email me daily with a summary of what happened yesterday.
It comes with a bunch of pre-configured logfile and service configuration files, which tell it where to look for logs and how to parse them. My email today contained a summary in the following categories:
- Dovecot
- dpkg
- fail2ban
- httpd (apache)
- pam_unix
- postfix
- SSHD
- sudo
- vsftpd
- disk space
...and you can choose the level of detail you want to see for each. I still look at the log files occasionally, but now I use the summary to decide whether there's something worth looking at.
Comment