How to monitoring log Files? Logwatch + postfix

Created: Aug. 21, 2020, 10:43 a.m.
Update: Sept. 26, 2021, 9:04 a.m.
How to monitoring log files of many servers?

How to monitoring log files of many servers?

The best and easy way to this is receive by email daily the report of syslog.

Enviromment variables

sudo is required
domain mydomain.com
email admin admin@mydomain.com
email account  notify@mydomain.com
email pass        123456

Logwatch + Postfix (Satelite/SmartHost)

https://www.linode.com/docs/email/postfix/postfix-smtp-debian7/
https://help.ubuntu.com/community/Logwatch
https://www.mankier.com/8/logwatch
Postfix = Satelite = SmartHost
$ dpk-reconfigure postfix

New Alias

Add line at the end of file. This is a redirect for admin of domain.
$ vim /etc/alias
root: admin@domain.com
update alias DB
$ newaliases

OR (AA) Install and edit logwatch script crontab daily

$ apt update
$ apt install logwatch
$ mkdir /var/cache/logwatch
Make ours custom settings
$ vim /etc/logwatch/conf/logwatch.conf
Detail = Hight
Mailto do not have effect
if you use SSMTP or ZIMBRA MAIL, comment this line with #
#mailer = "sedmail -t"
$ vim /etc/cron.daily/00logwatch
add a line for each email address.
/usr/sbin/logwatch --mailto sys@domain.com --subject "EC Logwatch Forge"
/usr/sbin/logwatch --mailto admin@domain.com --subject "EC Logwatch Forge"

(AT) Test Logwatch

$ bash /etc/cron.daily/00logwatch

SSMTP - Alternative to setup a email account using a external mail server with user and pass

Alias email is not acceptable in this case!
$ apt update
$ apt install ssmtp
change setting
$ vim /etc/ssmtp/ssmtp.conf
root=from@email.com
mailhub = smtp.mydomain.com:587
AuthUser = notify@mydomail.com
AuthPass = 12345
UseTLS = YES
UseSTARTTLS = YES
go to AA to finish logwatch setup then AT to test.


Tiago de Souza Moraes - teago.futuria.com.br - 2021 // CSS by UIKIT CSS