Customize LogWatch

Logwatch is a customizable log analysis system.
Logwatch parses through your system’s logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is easy to use and will work right out of the package on most systems.



1. Login to your server as root via SSH.



2. Load the logwatch configuration file

Type: pico -w /etc/log.d/conf/logwatch.conf



3. Search for where the log files are mailed too.

Press: CTRL-W

Type: MailTo

Set the e-mail address to an off server account so incase you get
hacked they can not delete the mail without hacking atleast 2 servers.



4. Now lets change what actions you are alerted of.

CTRL-W

Type: Detail



5. Detail = Low

Change that to Medium, or High.

I suggest high, because you will get more detailed logs with all actions.



6. Once you are done lets Exit & Save

CTRL-X then Y then Enter






Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.