logwatch(8)

1LOGWATCH(8)                      User Manuals                      LOGWATCH(8)
2
3
4

NAME

6       logwatch - system log analyzer and reporter
7

SYNOPSIS

9       logwatch  [--detail level ] [--logfile log-file-group ] [--service ser‐
10       vice-name ] [--print] [--mailto address ] [--archives] [--range range ]
11       [--debug  level ] [--save file-name ] [--logdir directory ] [--hostname
12       hostname  ]  [--splithosts]  [--multiemail]  [--output  output-type   ]
13       [--numeric] [--no-oldfiles-log] [--version] [--help|--usage]
14

DESCRIPTION

16       Logwatch  is  a customizable, pluggable log-monitoring system.  It will
17       go through your logs for a given period of time and make  a  report  in
18       the  areas  that  you  wish with the detail that you wish.  Logwatch is
19       being used for Linux and many types of UNIX.
20

OPTIONS

22       --detail level
23              This is the detail level of the report.  level can be a positive
24              integer, or high, med, low, which correspond to the integers 10,
25              5, and 0, repectively.
26
27       --logfile log-file-group
28              This will force Logwatch to process only  the  set  of  logfiles
29              defined  by  log-file-group (i.e. messages, xferlog, ...).  Log‐
30              watch will therefore process all services that  use  those  log‐
31              files.   This  option can be specified more than once to specify
32              multiple logfile-groups.
33
34       --service service-name
35              This will force Logwatch to process only the  service  specified
36              in  service-name  (i.e. login, pam, identd, ...).  Logwatch will
37              therefore also process any log-file-groups necessary to  process
38              these  services.  This option can be specified more than once to
39              specify multiple services to process.  A useful service-name  is
40              All  which  will  process  all services (and logfile-groups) for
41              which you have filters installed.
42
43       --print
44              Print the results to stdout (i.e. the screen).
45
46       --mailto address
47              Mail the results to the  email  address  or  user  specified  in
48              address.  This option overrides the --print option.
49
50       --range range
51              You  can specify a date-range to process. Common ranges are Yes‐
52              terday, Today, All, and Help.   Additional  options  are  listed
53              when invoked with the Help parameter.
54
55       --archives
56              Each  log-file-group has basic logfiles (i.e. /var/log/messages)
57              as well as archives (i.e. /var/log/messages.?  or  /var/log/mes‐
58              sages.?.gz).   When  used  with  "--range all", this option will
59              make Logwatch search through the archives  in  addition  to  the
60              regular  logfiles.   For  other values of --range, Logwatch will
61              search the appropriate archived logs.
62
63       --debug level
64              For debugging purposes.  level can range from 0  to  100.   This
65              will  really clutter up your output.  You probably don't want to
66              use this.
67
68       --save file-name
69              Save the output to file-name instead of  displaying  or  mailing
70              it.
71
72       --logdir directory
73              Look in directory for log subdirectories or log files instead of
74              the default directory.
75
76       --hostname hostname
77              Use hostname for the reports instead of this system's  hostname.
78              In addition, if HostLimit is set in the logwatch.conf configura‐
79              tion file (see MORE INFORMATION, below),  then  only  logs  from
80              this hostname will be processed (where appropriate).
81
82       --numeric
83              Inhibits additional name lookups, displaying IP addresses numer‐
84              ically.
85
86       --no-oldfiles-log
87              Suppress the logwatch log, which informs about the old files  in
88              logwatch tmpdir.
89
90       --help Displays usage information.
91

FILES

93       /usr/share/logwatch/
94              This  directory contains all the perl executables and configura‐
95              tion files shipped with the logwatch distribution.
96
97       /etc/logwatch
98              This directory contains local configuration files that  override
99              the  default configuration.  See MORE INFORMATION below for more
100              information.
101

EXAMPLES

103       logwatch --service ftpd-xferlog --range all --detail high --print --ar‐
104       chives
105              This  will  print  out  all FTP transfers that are stored in all
106              current and archived xferlogs.
107       logwatch --service pam_pwdb --range yesterday --detail high --print
108              This will print out login information for the previous day...
109

MORE INFORMATION

111       The directory /usr/share/doc/logwatch-*  contains  several  files  with
112       additional documentation:
113       HOWTO-Customize-LogWatch
114              Documents  the directory structure of Logwatch configuration and
115              executable files, and describes how  to  customize  Logwatch  by
116              overriding these default files.
117       License
118              Describes  the  License  under  which  Logwatch  is distributed.
119              Additional clauses may be specified in individual files.
120       README
121              Describes how to install, where to find it, mailing  lists,  and
122              other useful information.
123

AUTHOR

125       Kirk Bauer <kirk@kaybee.org>
126       http://www.kaybee.org/~kirk
127       ftp://ftp.kaybee.org/pub/redhat/RPMS
128
129
130
131Linux                            October 2005                      LOGWATCH(8)