11月 292012
 

#yum install logwatch

查看配置文件目录
#ls /usr/share/logwatch/default.conf/

编辑配置文件
[root@oracle default.conf]# vi logwatch.conf

配置文件参数
指定系统日志存储目录(默认)
LogDir = /var/log

指定临时目录
TmpDir = /var/cache/logwatch

邮件报告的接收联系人
MailTo = root
多个联系人采用逗号分隔
MailTo = user1@mail.com,user2@mail.com

邮件发件人名称
MailFrom = Logwatch

指定报告内容时间段
Range = yesterday
可选参数包括、
All Today Yesterday

报告详细程度
Detail = Low

报告服务类型
Service = All
查看支持的报告服务类型
#ls /usr/share/logwatch/scripts/services/
afpd denyhosts ftpd-messages named postfix saslauthd syslogd
amavis dhcpd ftpd-xferlog netopia pound scsi tac_acc
arpwatch dnssec http netscreen proftpd-messages secure up2date
audit dovecot identd oidentd pureftpd sendmail vpopmail
automount dpkg imapd openvpn qmail sendmail-largeboxes vsftpd
autorpm emerge init pam qmail-pop3d shaperd windows
bfd evtapplication in.qpopper pam_pwdb qmail-pop3ds slon xntpd
cisco evtsecurity ipop3d pam_unix qmail-send smartd yum
clamav evtsystem iptables php qmail-smtpd sonicwall zz-disk_space
clamav-milter exim kernel pix raid sshd zz-fortune
clam-update eximstats mailscanner pluto resolver sshd2 zz-network
courier extreme-networks modprobe pop3 rt314 stunnel zz-runtime
cron fail2ban mountd portsentry samba sudo zz-sys

邮件发送参数(默认)
mailer = “sendmail -t”

系统每日计划任务
[root@oracle default.conf]# ls /etc/cron.daily/
0logwatch logrotate mlocate.cron readahead.cron
cups makewhatis.cron prelink tmpwatch
[root@oracle default.conf]#

手工执行报告发送
# /usr/share/logwatch/scripts/logwatch.pl

查看系统日志报告
#logwatch –print

# logwatch –range Today –print –mailto user1@mail.com

# /usr/share/logwatch/scripts/logwatch.pl –mailto user1@mail.com

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据