Logwatch 7.3-10 Setup Guide

 

#### Check whether it is installed

# rpm -qa | grep -i logwatch
 If nothing is printed, it is not installed.

 

#### Install
# yum install -y Logwatch
Loaded plugins: fastestmirror
Determining fastest mirrors
 * addons: ftp.daum.net
 * base: ftp.daum.net
 * extras: ftp.neowiz.com
 * updates: mirror01.idc.hinet.net
addons                                                                                                 | 1.9 kB     00:00    
addons/primary_db                                                                                      | 1.1 kB     00:00    
base                                                                                                   | 1.1 kB     00:00    
base/primary                                                                                           | 1.2 MB     00:00    
base                                                                                                                3641/3641
extras                                                                                                 | 2.1 kB     00:00    
extras/primary_db                                                                                      | 188 kB     00:00    
updates                                                                                                | 1.9 kB     00:00    
updates/primary_db                                                                                     | 349 kB     01:47    
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package logwatch.noarch 0:7.3-10.el5 set to be updated
--> Processing Dependency: mailx for package: logwatch
--> Running transaction check
---> Package mailx.x86_64 0:8.1.1-44.2.2 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

==============================================================================================================================
 Package                       Arch                        Version                            Repository                 Size
==============================================================================================================================
Installing:
 logwatch                      noarch                      7.3-10.el5                         base                      245 k
Installing for dependencies:
 mailx                         x86_64                      8.1.1-44.2.2                       base                       57 k

Transaction Summary
==============================================================================================================================
Install       2 Package(s)
Upgrade       0 Package(s)

Total download size: 302 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): mailx-8.1.1-44.2.2.x86_64.rpm                                                                   |  57 kB     00:00    
(2/2): logwatch-7.3-10.el5.noarch.rpm                                                                  | 245 kB     00:00    
------------------------------------------------------------------------------------------------------------------------------
Total                                                                                         1.6 MB/s | 302 kB     00:00    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : mailx                                                                                                  1/2
  Installing     : logwatch                                                                                               2/2

Installed:
  logwatch.noarch 0:7.3-10.el5                                                                                               

Dependency Installed:
  mailx.x86_64 0:8.1.1-44.2.2                                                                                                

Complete!
Installation complete.

 

#### Configuration
The configuration file is located at:
/usr/share/logwatch/default.conf/logwatch.conf

# vi /usr/share/logwatch/default.conf/logwatch.conf
########################################################
# This was written and is maintained by:
#    Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
#    etc, to kirk@kaybee.org.
#
########################################################

# NOTE:
#   All these options are the defaults if you run logwatch with no
#   command-line arguments.  You can override all of these on the
#   command-line.

# You can put comments anywhere you want to.  They are effective for the
# rest of the line.

# this is in the format of <name> = <value>.  Whitespace at the beginning
# and end of the lines is removed.  Whitespace before and after the = sign
# is removed.  Everything is case *insensitive*.

# Yes = True  = On  = 1
# No  = False = Off = 0

# Default Log Directory
# All log-files are assumed to be given relative to this directory.
#LogDir = /var/log

#LogDir = <log file location>

# You can override the default temp directory (/tmp) here
TmpDir = /var/cache/logwatch

# Default person to mail reports to.  Can be a local account or a
# complete email address.
#MailTo = root
MailTo = <personal email address>

# Default person to mail reports from.  Can be a local account or a
# complete email address.
#MailFrom = Logwatch
MailFrom = <sender mail account>

# If set to 'Yes', the report will be sent to stdout instead of being
# mailed to above person.
Print = No

# if set, the results will be saved in <filename> instead of mailed
# or displayed.
#Save = /tmp/logwatch

# Use archives?  If set to 'Yes', the archives of logfiles
# (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will
# be searched in addition to the /var/log/messages file.
# This usually will not do much if your range is set to just
# 'Yesterday' or 'Today'... it is probably best used with


Edit and save the file.

#### Try running it
The executables are
/etc/cron.daily/0logwatch
/usr/share/logwatch/scripts/logwatch.pl
The two are the same file, connected by a symbolic link.

 

# /usr/share/logwatch/scripts/logwatch.pl

Running it sends the report to the personal email address.
(However, it seems the mail daemon must be running for the mail to go out.)

 

It is set up at install time to run every day.
Because the executable is in /etc/cron.daily, no further scheduling configuration is needed.

 

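#### Check the mail
In the received mail, the sender address is the account set as MailFrom (the "sender mail account" above).
If you manage several servers, filter on the sender to tell the reports apart.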
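
A small checker for the settings edited in the configuration section, added here as an example (it is not part of the original post or of Logwatch). It reads a logwatch.conf-style file using the format rules from the file's header comments and flags values that would keep the report out of the mailbox or make servers indistinguishable by sender. The function names and the sample file are constructed for illustration, and it assumes a later assignment of the same name wins.

```shell
# Added example: effective settings of a logwatch.conf-style file. Rules come
# from the header comments quoted above. Assumption: a later assignment wins.
lw_get() {  # lw_get FILE NAME -> effective value of NAME (empty if unset)
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        { sub(/#.*/, "") }              # comment runs to end of line
        !/=/ { next }                   # not a name = value line
        {
            name = $0; sub(/=.*/, "", name)
            val  = $0; sub(/^[^=]*=/, "", val)
            gsub(/^[ \t]+|[ \t]+$/, "", name)   # trim outer whitespace
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (tolower(name) == want) last = val   # names ignore case
        }
        END { print last }' "$1"
}

lw_bool() {  # success when the value is Yes/True/On/1 in any case
    case "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" in
        yes|true|on|1) return 0 ;;
    esac
    return 1
}

lw_check() {  # one line per setting that undermines the mail setup
    if lw_bool "$(lw_get "$1" Print)"; then
        echo "Print: report goes to stdout, nothing is mailed"
    fi
    [ -n "$(lw_get "$1" MailTo)" ] || echo "MailTo: no recipient set in this file"
    case "$(lw_get "$1" MailFrom)" in
        ""|[Ll]ogwatch) echo "MailFrom: generic sender, cannot filter per server" ;;
    esac
    case "$(lw_get "$1" TmpDir)" in
        ""|/tmp|/tmp/) echo "TmpDir: shared /tmp default is in use" ;;
    esac
}

lw_sample() {  # constructed sample file, not taken from a real server
    cat > "$1" <<'EOF'
TmpDir = /var/cache/logwatch
#MailTo = root
  mailto =  admin@example.com   # trailing comment
MailFrom = Logwatch
PRINT = no
print = On
EOF
}
lw_demo=$(mktemp) && lw_sample "$lw_demo" && lw_check "$lw_demo"
rm -f "$lw_demo"
```

Run `lw_check /usr/share/logwatch/default.conf/logwatch.conf` after editing. Logwatch also reads /etc/logwatch/conf/logwatch.conf, whose values override the defaults file, so check that file as well.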