Difference between revisions of "Creating new logwatch service or scripts"

From Notes_Wiki
m
m
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Creating new logwatch service or scripts==
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Monitoring tools]] > [[Logwatch configuration]] > [[Creating new logwatch service or scripts]]


===Creating service configuration file===
===Creating service configuration file===
Line 10: Line 10:
</pre>
</pre>


Sample logwatch service configuration file is [[media:Rsyslog asa.conf-2009-10-14.txt|rsyslog asa.conf-2009-10-14.txt]].




Line 24: Line 23:


Read /usr/share/doc/logwatch-.*/HOWTO-Customize-LogWatch for more details then given above.
Read /usr/share/doc/logwatch-.*/HOWTO-Customize-LogWatch for more details then given above.
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Monitoring tools]] > [[Logwatch configuration]] > [[Creating new logwatch service or scripts]]

Latest revision as of 12:35, 28 July 2022

Home > CentOS > CentOS 6.x > Monitoring tools > Logwatch configuration > Creating new logwatch service or scripts

Creating service configuration file

In order to get log messages of remote host though logwatch email we have to setup service for that hosts messages. First in folder /etc/logwatch/conf/services create a service_name.conf file. The only required line in this config file is Logfile = directive. Use logfile = messages. Here it is important to have space between LogFile and '=' and between '=' and messages. Also we have specified messages not because file is /var/log/messages but because /var/log/messages comes under messages Log Group.

Contents of sample file "asa.conf"

LogFile = messages


Creating service script file

After this we have to create filter script that when given log file on standard input would print only relevant output on standard output. Filter scripts must be kept in /etc/logwatch/scripts/services directory and the name must be service_name. The file should also be executable, so if it is shell script do not forget to do chmod +x on it. It can also be a c program or python script, it is not necessary for filter to be a bash script. We mention loggroup in service configuration file. The loggroup configuration file contains names of logfiles inside that loggroup. For examples loggroup `messages', contains logfile `/var/log/messages'. This script is given entire logfiles as standard input and its standard output is sent as log report.

So if you want entire log file to be sent as log report the script file can contain just one `cat' command without any arguments. In case you want only lines containing word ASA to be sent as logreport then you can write only one line 'grep ASA' in the script file.



All the current logwatch scripts, configuration files and service files are located in '/usr/share/logwatch-&ltver>' directory. We can refer to these config files, service files etc. to create new files.

Read /usr/share/doc/logwatch-.*/HOWTO-Customize-LogWatch for more details then given above.


Home > CentOS > CentOS 6.x > Monitoring tools > Logwatch configuration > Creating new logwatch service or scripts