1LOGWATCH(8)                      User Manuals                      LOGWATCH(8)
2
3
4

NAME

6       logwatch - system log analyzer and reporter
7

SYNOPSIS

9       logwatch  [--detail level ] [--logfile log-file-group ] [--service ser‐
10       vice-name ] [--print] [--mailto address ] [--archives] [--range range ]
11       [--debug  level ] [--save file-name ] [--logdir directory ] [--hostname
12       hostname  ]  [--splithosts]  [--multiemail]  [--output  output-type   ]
13       [--numeric] [--version] [--help|--usage]
14

DESCRIPTION

16       Logwatch  is  a customizable, pluggable log-monitoring system.  It will
17       go through your logs for a given period of time and make  a  report  in
18       the  areas  that  you  wish with the detail that you wish.  Logwatch is
19       being used for Linux and many types of UNIX.
20

OPTIONS

22       --detail level
23              This is the detail level of the report.  level can be a positive
24              integer, or high, med, low, which correspond to the integers 10,
25              5, and 0, repectively.
26
27       --logfile log-file-group
28              This will force Logwatch to process only  the  set  of  logfiles
29              defined  by  log-file-group (i.e. messages, xferlog, ...).  Log‐
30              watch will therefore process all services that  use  those  log‐
31              files.   This  option can be specified more than once to specify
32              multiple logfile-groups.
33
34       --service service-name
35              This will force Logwatch to process only the  service  specified
36              in  service-name  (i.e. login, pam, identd, ...).  Logwatch will
37              therefore also process any log-file-groups necessary to  process
38              these  services.  This option can be specified more than once to
39              specify multiple services to process.  A useful service-name  is
40              All  which  will  process  all services (and logfile-groups) for
41              which you have filters installed.
42
43       --print
44              Print the results to stdout (i.e. the screen).
45
46       --mailto address
47              Mail the results to the  email  address  or  user  specified  in
48              address.
49
50       --range range
51              You  can specify a date-range to process. Common ranges are Yes‐
52              terday, Today, All, and Help.   Additional  options  are  listed
53              when invoked with the Help parameter.
54
55       --archives
56              Each  log-file-group has basic logfiles (i.e. /var/log/messages)
57              as well as archives (i.e. /var/log/messages.?  or  /var/log/mes‐
58              sages.?.gz).   When  used  with  "--range all", this option will
59              make Logwatch search through the archives  in  addition  to  the
60              regular  logfiles.   For  other values of --range, Logwatch will
61              search the appropriate archived logs.
62
63       --debug level
64              For debugging purposes.  level can range from 0  to  100.   This
65              will  really clutter up your output.  You probably don't want to
66              use this.
67
68       --save file-name
69              Save the output to file-name instead of  displaying  or  mailing
70              it.
71
72       --logdir directory
73              Look in directory for log subdirectories or log files instead of
74              the default directory.
75
76       --hostname hostname
77              Use hostname for the reports instead of this system's  hostname.
78              In addition, if HostLimit is set in the logwatch.conf configura‐
79              tion file (see MORE INFORMATION, below),  then  only  logs  from
80              this hostname will be processed (where appropriate).
81
82       --numeric
83              Inhibits additional name lookups, displaying IP addresses numer‐
84              ically.
85
86       --usage
87              Displays usage information
88
89       --help same as --usage.
90

FILES

92       /usr/share/logwatch/
93              This directory contains all the perl executables and  configura‐
94              tion files shipped with the logwatch distribution.
95
96       /etc/logwatch
97              This  directory contains local configuration files that override
98              the default configuration.  See MORE INFORMATION below for  more
99              information.
100

EXAMPLES

102       logwatch --service ftpd-xferlog --range all --detail high --print --ar‐
103       chives
104              This will print out all FTP transfers that  are  stored  in  all
105              current and archived xferlogs.
106       logwatch --service pam_pwdb --range yesterday --detail high --print
107              This will print out login information for the previous day...
108

MORE INFORMATION

110       The  directory  /usr/share/doc/logwatch-*  contains  several files with
111       additional documentation:
112       HOWTO-Customize-LogWatch
113              Documents the directory structure of Logwatch configuration  and
114              executable  files,  and  describes  how to customize Logwatch by
115              overriding these default files.
116       License
117              Describes the  License  under  which  Logwatch  is  distributed.
118              Additional clauses may be specified in individual files.
119       README
120              Describes  how  to install, where to find it, mailing lists, and
121              other useful information.
122

AUTHOR

124       Kirk Bauer <kirk@kaybee.org>
125       http://www.kaybee.org/~kirk
126       ftp://ftp.kaybee.org/pub/redhat/RPMS
127
128
129
130Linux                            October 2005                      LOGWATCH(8)