Automatically Summarize Your Logs
Wade through that haystack of logs to find the proverbial needle.
If you’re logging almost every piece of information you can from all services and hosts on your network, no doubt you’re drowning in a sea of information. One way to keep abreast of the real issues affecting your systems is summarizing your logs. This is easy with the logwatch tool (http://www.logwatch.org). Logwatch analyzes your system logs over a given period of time and automatically generates reports, and it can easily be run from cron so that it can email you the results.
Logwatch is available with most Red Hat Linux distributions. You can also download RPM packages from the project’s web site if you are using another RPM-based Linux distribution.
To install logwatch from source, download the source code package. Since it is a script, there is no need to compile anything, so installing it is as simple as copying the logwatch script to a directory.
You can install it by running commands similar to these:
# tar xfz logwatch-5.0.tar.gz
# cd logwatch-5.0
# mkdir /etc/log.d
# cp -R conf lib scripts /etc/log.d
You can also install the manpage and, for added convenience, create a link from the logwatch.pl script to /usr/sbin/logwatch:
# cp logwatch.8 /usr/share/man/man8
# (cd /usr/sbin && \
  ln -s ../../etc/log.d/scripts/logwatch.pl logwatch)
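Logwatch is meant to be run from cron and, going by the root prompts above, as root, so the scripts copied into /etc/log.d should not be modifiable by other users. The following check is an added example, not part of the original text or of logwatch; the function name audit_logwatch_tree and the default owner root are assumptions.

```shell
#!/bin/sh
# Added example: audit a logwatch install tree for files that an
# unprivileged user could modify. audit_logwatch_tree is a hypothetical
# helper name, not something shipped with logwatch.
#
# Usage: audit_logwatch_tree [DIR] [OWNER]
#   DIR   defaults to /etc/log.d (the install directory used above)
#   OWNER defaults to root (assumed account that runs logwatch from cron)
#
# Prints every path under DIR that is not owned by OWNER or that is
# group- or world-writable.
# Returns 0 if the tree is clean, 1 if anything was flagged,
# 2 if DIR is not a directory.
audit_logwatch_tree() {
    dir=${1:-/etc/log.d}
    owner=${2:-root}

    if [ ! -d "$dir" ]; then
        echo "audit: $dir is not a directory" >&2
        return 2
    fi

    # Symbolic links are skipped: their own mode bits are not meaningful,
    # and the files they point to inside the tree are checked directly.
    findings=$(find "$dir" ! -type l \
        \( ! -user "$owner" -o -perm -020 -o -perm -002 \) -print)

    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Typical call after the install steps above (run as root):
#   audit_logwatch_tree /etc/log.d root || echo "fix ownership/modes first"
```

Any path it prints can be corrected with chown and chmod before the cron job is enabled.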
Running the following command will give you a taste of the summaries logwatch creates:
# logwatch --print | less
################### LogWatch ...