Monitor System Logs via E-mail
From Amahi Wiki
This will provide the capability to receive system logs via e-mail. There are many customizable features (Logwatch Documentation), but this will only identify the basic ones.
- First, open a terminal window and become root. Enter the following to install:
bash code |
---|
yum install logwatch
|
- Settings are stored in /usr/share/logwatch/default.conf/logwatch.conf and NO changes to make it work. However, by default it sends the daily logwatch email to the local root mail folder. If you want to forward these emails to another (including external) account, see Forward System Emails
- If you want to send the logwatch emails to an address different from other root emails, edit the default.conf file with your favorite editor and make the following change:
- MailTo = root (line 35) to MailTo = (your email address)
- Ensure sendmail is running (service sendmail status) or it won't work.
- To test, enter the command logwatch and go check your email. If you want the email in html, add the switch --output html.
Optional:
- These are a few more basic options that can be configured.
- Range = yesterday (line 65) - additional values are all or today.
- Detail = Low (line 72) - additional values are med or high. I set mine to med.
This application runs transparent in the background, once daily in the morning. If you want to run it more frequently (i.e. send logs for today), then change the range and execute the command logwatch as needed.