Featured
Cloud Spectator Cloud Storage Benchmark Report
Cloud Spectator
Benchmark Report
Cloud Block Storage
Access Report
Why Linode
Get to Know Us Better
Featured
Free Services from Linode Free Bundled Services
Free Bundled Services
Discover our no-cost security, networking,
maintenance, and monitoring solutions.
Learn More
View All Products
Compute
Storage
Databases
Services
Networking
Developer Tools
Featured
Dev Mukherjee
Dev Mukherjee
@ Anomaly
Innovation Down Under and Beyond:
From Virtualization to Electric Vehicles
Read Dev's Story
View All Solutions
Solutions
Featured
Cloud Pricing Calculator
Cloud Pricing Calculator
Estimate your cloud costs. Price and configure Linode features to match your needs.
Launch Calculator
Pricing
Free eBook
MSP ebook
The MSP's Guide
to Modern Cloud Infrastructure
Discover one of the best-kept secrets in building a scalable,
thriving, modern Managed Service Provider business.
Download
Community
Engage With Us

Monitor System Logs with Logwatch on Ubuntu 10.10 (Maverick)

Updated , by Linode
Select distribution:
Traducciones al Español
Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Deprecated

This guide has been deprecated and is no longer being maintained.

Create a Linode account to try this guide with a $100 credit.
This credit will be applied to any valid services used during your first 60 days.

Logwatch is a utility used to monitor system logs and create reports. These reports include failed login attempts, successful login attempts, and storage space used/available.

Before installing Logwatch, it is assumed that you have followed our Setting Up and Securing a Compute Instance. If you are new to Linux server administration, you may be interested in our introduction to Linux concepts guide, beginner’s guide and administration basics guide.

Update System Packages

You will need to make sure that your system and installed packages are up to date by issuing the following commands:

apt-get update
apt-get upgrade

Install Logwatch

Issue the following command to install Logwatch:

apt-get install logwatch

By default, Logwatch will install Postfix if you do not have an SMTP service installed. If prompted to install Postfix, select the “Internet Site” configuration.

Configure Logwatch

Once you have installed Logwatch, you will need to configure it to email you the reports it generates. You are encouraged to look through the entire configuration, but you may safely use Logwatch after editing the lines below.

File: /usr/share/logwatch/default.conf/logwatch.conf
1
2
3
4

Output = mail
Format = html
MailTo = myemail@mydomain.com
MailFrom = logwatch@mydomain.com

These directives tell Logwatch to email you reports in an HTML format. The MailTo and MailFrom directives should be valid email addresses.

Issue the following command to test your Logwatch installation:

logwatch

Once you have issued this command, you will need to check your email to make sure that Logwatch is working. Be sure to check your spam folder as these emails may be seen as spam.

Adding a Cron Job for Logwatch

You can add a cron job for Logwatch in order to receive daily emails of new reports. You can add a new entry to your crontab by running crontab -e. The following example cron job runs Logwatch at 1 AM each day, issuing you an email report of the daily activity:

# m h dom mon dow   command
0 1  * * *          /usr/sbin/logwatch

Congratulations! You can now monitor system logs with Logwatch!

This page was originally published on

monitoring ubuntu

Your Feedback Is Important

Let us know if this guide made it easy to get the answer you needed.

Join the conversation.
Read other comments or post your own below. Comments must be respectful, constructive, and relevant to the topic of the guide. Do not post external links or advertisements. Before posting, consider if your comment would be better addressed by contacting our Support team or asking on our Community Site.