Difference between revisions of "Monitor System Logs via E-mail"

From Amahi Wiki
Jump to: navigation, search
 
(28 intermediate revisions by 2 users not shown)
Line 2: Line 2:
  
 
* First, open a terminal window and become '''root'''.  Enter the following to install:
 
* First, open a terminal window and become '''root'''.  Enter the following to install:
  yum install logwatch
+
<pre>yum install logwatch</pre>
  
* Settings are stored in '''''/usr/share/logwatch/default.conf/logwatch.conf''''' and NO changes to make it work. However, by default it sends the daily logwatch email to the local root mail folder.  If you want to forward these emails to another (including external) account, see:
+
::'''NOTE:''' <code>yum</code> (deprecated) has been replaced with <code>dnf</code> as the package manager for Fedora 23 and greater.
  
http://wiki.amahi.org/index.php/Forward_System_Emails
+
* You can customize the settings by adding options to '''''/etc/logwatch/conf/logwatch.conf'''''. By default it sends the daily logwatch email to the local root mail box.  To change it, add this line (change user@yourisp.com to desired email address):
 +
<pre>Output = mail
 +
MailTo = user@yourisp.com</pre>
  
* If you want to send the logwatch emails to an address different from other root emails, edit the default.conf file with your favorite editor and make the following change:
+
* If you want the email in html, add this line:
** '''MailTo = root''' (line 35) to '''MailTo = (your email address)'''
+
<pre>Format = html</pre>
 
 
* Ensure sendmail is running ('''''service sendmail status''''') or it won't work.
 
 
 
* To test, enter the command '''''logwatch''''' and go check your email.  If you want the email in html, add the switch '''''--output html'''''.
 
  
 +
* To test, enter the command '''''logwatch''''' and go check your email. 
 +
<pre>logwatch</pre>
 +
* Ensure sendmail or postfix is running (rerun command and change '''''status''''' to '''''start''''' if not):
 +
<pre>service sendmail status</pre>
 +
or
 +
<pre>service postfix status</pre>
  
 
'''Optional:'''
 
'''Optional:'''
  
 
* These are a few more basic options that can be configured.
 
* These are a few more basic options that can be configured.
** '''Range = yesterday''' (line 65) - additional values are '''all''' or '''today'''.
+
** '''Range = yesterday''' (default) - additional values are '''all''' or '''today'''.
** '''Detail = Low''' (line 72) - additional values are '''med''' or '''high'''.  I set mine to '''med'''.
+
** '''Detail = Low''' (default) - additional values are '''med''' or '''high'''.  I set mine to '''med'''.
  
  
 
This application runs transparent in the background, once daily in the morning.  If you want to run it more frequently (i.e. send logs for today), then change the range and execute the command '''''logwatch''''' as needed.
 
This application runs transparent in the background, once daily in the morning.  If you want to run it more frequently (i.e. send logs for today), then change the range and execute the command '''''logwatch''''' as needed.
 +
 +
'''NOTE:'''  If you want to forward these emails to another (including external) account, see [http://wiki.amahi.org/index.php/Forward_System_Emails Forward System Emails].

Latest revision as of 03:53, 18 June 2017

This will provide the capability to receive system logs via e-mail. There are many customizable features (Logwatch Documentation), but this will only identify the basic ones.

  • First, open a terminal window and become root. Enter the following to install:
yum install logwatch
NOTE: yum (deprecated) has been replaced with dnf as the package manager for Fedora 23 and greater.
  • You can customize the settings by adding options to /etc/logwatch/conf/logwatch.conf. By default it sends the daily logwatch email to the local root mail box. To change it, add this line (change user@yourisp.com to desired email address):
Output = mail
MailTo = user@yourisp.com
  • If you want the email in html, add this line:
Format = html
  • To test, enter the command logwatch and go check your email.
logwatch
  • Ensure sendmail or postfix is running (rerun command and change status to start if not):
service sendmail status

or

service postfix status

Optional:

  • These are a few more basic options that can be configured.
    • Range = yesterday (default) - additional values are all or today.
    • Detail = Low (default) - additional values are med or high. I set mine to med.


This application runs transparent in the background, once daily in the morning. If you want to run it more frequently (i.e. send logs for today), then change the range and execute the command logwatch as needed.

NOTE: If you want to forward these emails to another (including external) account, see Forward System Emails.