Logwatch is a great little proggie. I liked it very much when it used to work, it used to send me alerts about suspicious activity, and even one time saved my ass when some lowlife tried hacking through SSH. (Until I make some time figuring out what da hell is iptables) Anyways. It stopped running two weeks ago. Wanted to see what’s wrong, and here is how I got to the configuration file:

  1. Login to the server using root through SSH
  2. Edit the configuration file, with your choice of editor: pico -w /etc/log.d/conf/logwatch.conf
  3. Here you are. Here are stuff to look for:
    • MailTo = Email to which LogWatch sends the merchandise. Use an external email
    • Range = Time range of the report, use All/Today/Yesterday
    • Detail = Detail of the report, either Low/Med/High or a number, Low=0 High=10
  4. The configuration file should have comments, explaining each settings.
  5. When you’re done, save and exit. (CTRL+X,Y,[enter] in pico)

We’ll see if this does the trick. Hopefully nothing is screwed with mail.


Subscribe to comments Comment | Trackback |
Post Tags:

Browse Timeline


Add a Comment


XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


© Copyright 2007 iRafi - My name is Rafi, and here are my online thoughts . Thanks for visiting!