Skip to Main Content
Network Security Hacks
book

Network Security Hacks

by Andrew Lockhart
April 2004
Intermediate to advanced content levelIntermediate to advanced
320 pages
9h 10m
English
O'Reilly Media, Inc.
Content preview from Network Security Hacks

Automatically Summarize Your Logs

Wade through that haystack of logs to find the proverbial needle.

If you’re logging almost every piece of information you can from all services and hosts on your network, no doubt you’re drowning in a sea of information. One way to keep abreast of the real issues affecting your systems is summarizing your logs. This easy with the logwatch tool (http://www.logwatch.org).

Logwatch analyzes your system logs over a given period of time and automatically generates reports, and it can easily be run from cron so that it can email you the results. Logwatch is available with most Red Hat Linux distributions. You can also download RPM packages from the project’s web site if you are using another RPM-based Linux distribution.

To compile logwatch from source, you can download the source code package. Since it is a script there is no need to compile anything. Thus installing it is as simple as copying the logwatch script to a directory.

You can install it by running commands similar to these:

# tar xfz logwatch-5.0.tar.gz
# cd logwatch-5.0
# mkdir /etc/log.d
# cp -R conf lib scripts /etc/log.d

You can also install the manpage and, for added convenience, create a link from the logwatch.pl script to /usr/sbin/logwatch:

# cp logwatch.8 /usr/share/man/man8
# (cd /usr/sbin 
            && \
            ln -s ../../etc/log.d/scripts/logwatch.pl logwatch)

Running the following command will give you a taste of the summaries logwatch creates:

# logwatch --print | less ################### LogWatch ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans

Publisher Resources

ISBN: 0596006438Catalog PageErrata