Posted by Steve on Tue 28 Sep 2004 at 15:17
When you look after a group of machines it becomes increasingly difficult to watch the logfiles to see if anything suspicious is happening.
Enter logwatch, a simple Perl script which will keep an eye on all the common logfiles syslog produces and mail you a summery.
The summaries are simple enough to read and are sent by email once a day - they show things like available disk space, logins, rejected logins, commands ran by users via sudo and more.
This is a much less intensive approach than installing logcheck and recieving numerous daily emails.
This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):
This article is copyright 2004 Steve - please ask for permission to republish or translate.