1LOGWATCH(8) User Manuals LOGWATCH(8)
2
3
4
6 logwatch - system log analyzer and reporter
7
9 logwatch [--detail level ] [--logfile log-file-group ] [--service ser‐
10 vice-name ] [--print] [--mailto address ] [--archives] [--range range ]
11 [--debug level ] [--save file-name ] [--logdir directory ] [--hostname
12 hostname ] [--splithosts] [--multiemail] [--output output-type ]
13 [--numeric] [--version] [--help|--usage]
14
16 Logwatch is a customizable, pluggable log-monitoring system. It will
17 go through your logs for a given period of time and make a report in
18 the areas that you wish with the detail that you wish. Logwatch is
19 being used for Linux and many types of UNIX.
20
22 --detail level
23 This is the detail level of the report. level can be a positive
24 integer, or high, med, low, which correspond to the integers 10,
25 5, and 0, repectively.
26
27 --logfile log-file-group
28 This will force Logwatch to process only the set of logfiles
29 defined by log-file-group (i.e. messages, xferlog, ...). Log‐
30 watch will therefore process all services that use those log‐
31 files. This option can be specified more than once to specify
32 multiple logfile-groups.
33
34 --service service-name
35 This will force Logwatch to process only the service specified
36 in service-name (i.e. login, pam, identd, ...). Logwatch will
37 therefore also process any log-file-groups necessary to process
38 these services. This option can be specified more than once to
39 specify multiple services to process. A useful service-name is
40 All which will process all services (and logfile-groups) for
41 which you have filters installed.
42
43 --print
44 Print the results to stdout (i.e. the screen).
45
46 --mailto address
47 Mail the results to the email address or user specified in
48 address.
49
50 --range range
51 You can specify a date-range to process. Common ranges are Yes‐
52 terday, Today, All, and Help. Additional options are listed
53 when invoked with the Help parameter.
54
55 --archives
56 Each log-file-group has basic logfiles (i.e. /var/log/messages)
57 as well as archives (i.e. /var/log/messages.? or /var/log/mes‐
58 sages.?.gz). When used with "--range all", this option will
59 make Logwatch search through the archives in addition to the
60 regular logfiles. For other values of --range, Logwatch will
61 search the appropriate archived logs.
62
63 --debug level
64 For debugging purposes. level can range from 0 to 100. This
65 will really clutter up your output. You probably don't want to
66 use this.
67
68 --save file-name
69 Save the output to file-name instead of displaying or mailing
70 it.
71
72 --logdir directory
73 Look in directory for log subdirectories or log files instead of
74 the default directory.
75
76 --hostname hostname
77 Use hostname for the reports instead of this system's hostname.
78 In addition, if HostLimit is set in the logwatch.conf configura‐
79 tion file (see MORE INFORMATION, below), then only logs from
80 this hostname will be processed (where appropriate).
81
82 --numeric
83 Inhibits additional name lookups, displaying IP addresses numer‐
84 ically.
85
86 --usage
87 Displays usage information
88
89 --help same as --usage.
90
92 /usr/share/logwatch/
93 This directory contains all the perl executables and configura‐
94 tion files shipped with the logwatch distribution.
95
96 /etc/logwatch
97 This directory contains local configuration files that override
98 the default configuration. See MORE INFORMATION below for more
99 information.
100
102 logwatch --service ftpd-xferlog --range all --detail high --print --ar‐
103 chives
104 This will print out all FTP transfers that are stored in all
105 current and archived xferlogs.
106 logwatch --service pam_pwdb --range yesterday --detail high --print
107 This will print out login information for the previous day...
108
110 The directory /usr/share/doc/logwatch-* contains several files with
111 additional documentation:
112 HOWTO-Customize-LogWatch
113 Documents the directory structure of Logwatch configuration and
114 executable files, and describes how to customize Logwatch by
115 overriding these default files.
116 License
117 Describes the License under which Logwatch is distributed.
118 Additional clauses may be specified in individual files.
119 README
120 Describes how to install, where to find it, mailing lists, and
121 other useful information.
122
124 Kirk Bauer <kirk@kaybee.org>
125 http://www.kaybee.org/~kirk
126 ftp://ftp.kaybee.org/pub/redhat/RPMS
127
128
129
130Linux October 2005 LOGWATCH(8)