5.5. Keeping an eye on things (logwatch)

5.5. Keeping an eye on things (logwatch)
Prev	Chapter 5. Network Configuration	Next

The SISO router uses remote syslog to archive messages from its tasks. This section describes how to generate reports for key services.

The vanilla syslogd appends messages from the different syslog clients to the file /var/log/messages. The sytem log analyzer and reporter (logwatch) can generate reports based on this raw data. To use logwatch with SISO:

Only report on one host
- add HostLimit = Yes to /etc/log.d/logwatch.conf

Generate the reports once a day.

add the following crontab entry

0 1 * * * /usr/sbin/logwatch --archives --range yesterday --hostname siso.vonk --mailto root

The logwatch distributed with Fedora Core 3, needs a patch: ^[38]

Example F.10, “patch for syslog:/etc/log.d/scripts/shared/onlyhost”

Install the example logwatch configuration files and scripts on the syslog server:

Example F.11, “syslog:/etc/log.d/conf/services/firewall.conf”
Example F.12, “syslog:/etc/log.d/scripts/services/firewall”
Example F.13, “syslog:/etc/log.d/conf/services/dnsmasq.conf”
Example F.14, “syslog:/etc/log.d/scripts/services/dnsmasq”
Example F.15, “syslog:/etc/log.d/conf/services/hostapd.conf”
Example F.16, “syslog:/etc/log.d/scripts/services/hostapd”

^[38] Reported as bug 151612 on http://bugzilla.redhat.com

Prev	Up	Next
5.4. Traffic Control	Home	Chapter 6. Virtual Private Network Server