Posted by Steve on Tue 28 Sep 2004 at 15:17
When you look after a group of machines it becomes increasingly difficult to watch the logfiles to see if anything suspicious is happening.
Enter logwatch, a simple Perl script which will keep an eye on all the common logfiles syslog produces and mail you a summery.
The summaries are simple enough to read and are sent by email once a day - they show things like available disk space, logins, rejected logins, commands ran by users via sudo and more.
This is a much less intensive approach than installing logcheck and recieving numerous daily emails.
This article can be found online at the Debian Administration website at the following bookmarkable URL:
This article is copyright 2004 Steve - please ask for permission to republish or translate.