Logwatch 7.3-10 설정방법
#### 설치 유무확인
# rpm -qa | grep Logwatch
아무것도 없으면 설치 안되어 있음
#### 설치
# yum install -y Logwatch
Loaded plugins: fastestmirror
Determining fastest mirrors
* addons: ftp.daum.net
* base: ftp.daum.net
* extras: ftp.neowiz.com
* updates: mirror01.idc.hinet.net
addons | 1.9 kB 00:00
addons/primary_db | 1.1 kB 00:00
base | 1.1 kB 00:00
base/primary | 1.2 MB 00:00
base 3641/3641
extras | 2.1 kB 00:00
extras/primary_db | 188 kB 00:00
updates | 1.9 kB 00:00
updates/primary_db | 349 kB 01:47
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package logwatch.noarch 0:7.3-10.el5 set to be updated
--> Processing Dependency: mailx for package: logwatch
--> Running transaction check
---> Package mailx.x86_64 0:8.1.1-44.2.2 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================================================================
Package Arch Version Repository Size
==============================================================================================================================
Installing:
logwatch noarch 7.3-10.el5 base 245 k
Installing for dependencies:
mailx x86_64 8.1.1-44.2.2 base 57 k
Transaction Summary
==============================================================================================================================
Install 2 Package(s)
Upgrade 0 Package(s)
Total download size: 302 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): mailx-8.1.1-44.2.2.x86_64.rpm | 57 kB 00:00
(2/2): logwatch-7.3-10.el5.noarch.rpm | 245 kB 00:00
------------------------------------------------------------------------------------------------------------------------------
Total 1.6 MB/s | 302 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : mailx 1/2
Installing : logwatch 2/2
Installed:
logwatch.noarch 0:7.3-10.el5
Dependency Installed:
mailx.x86_64 0:8.1.1-44.2.2
Complete!
설치완료
#### 환경 설정
환경 설정 파일은
/usr/share/logwatch/default.conf/logwatch.conf
여기에 있음
# vi /usr/share/logwatch/default.conf/logwatch.conf
########################################################
# This was written and is maintained by:
# Kirk Bauer <kirk@kaybee.org>
#
# Please send all comments, suggestions, bug reports,
# etc, to kirk@kaybee.org.
#
########################################################
# NOTE:
# All these options are the defaults if you run logwatch with no
# command-line arguments. You can override all of these on the
# command-line.
# You can put comments anywhere you want to. They are effective for the
# rest of the line.
# this is in the format of <name> = <value>. Whitespace at the beginning
# and end of the lines is removed. Whitespace before and after the = sign
# is removed. Everything is case *insensitive*.
# Yes = True = On = 1
# No = False = Off = 0
# Default Log Directory
# All log-files are assumed to be given relative to this directory.
#LogDir = /var/log
#LogDir = 로그파일 위치
# You can override the default temp directory (/tmp) here
TmpDir = /var/cache/logwatch
# Default person to mail reports to. Can be a local account or a
# complete email address.
#MailTo = root
MailTo = 개인메일주소
# Default person to mail reports from. Can be a local account or a
# complete email address.
#MailFrom = Logwatch
MailFrom = 보내는사람 메일계정
# If set to 'Yes', the report will be sent to stdout instead of being
# mailed to above person.
Print = No
# if set, the results will be saved in <filename> instead of mailed
# or displayed.
#Save = /tmp/logwatch
# Use archives? If set to 'Yes', the archives of logfiles
# (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will
# be searched in addition to the /var/log/messages file.
# This usually will not do much if your range is set to just
# 'Yesterday' or 'Today'... it is probably best used with
수정 저장함.
#### 실행해 보기
실행파일은
/etc/cron.daily/0logwatch
/usr/share/logwatch/scripts/logwatch.pl
두개가 동일한 파일이다. 심블릭링크가 되어있다.
# /usr/share/logwatch/scripts/logwatch.pl
실행하면 개인메일주소로 메일이 발송이 된다.
(단, 메일데몬이 돌고 있어야 메일이 발송이 되는듯하다.)
매일 실행이 되도록 최초에 설치가 된다.
/etc/cron.daily 안에 실행파일이 있으므로 따로 설정을 건들지 않아도 된다.
#### 메일 확인
메일에 보내는사람의 메일 주소를 보면 "보내는사람 메일계정"으로 메일이 온다.
여러개의 서버를 관리하면 보내는사람으로 필터해서 메일을 구분하면 됩니다.