A utility for monitoring server logs. (https://help.ubuntu.com/community/Logwatch)
Logwatch is a toolset for monitoring periodic changes that occur in a system's log files, it takes these changes and attempts to produce a much more digestible report of what are hopefully the most interesting events.
The toolset is written in perl and is typically fired by cron on a daily basis to provide the report in an email.
The way that logwatch is configured means that it can provide support for many log file types and locations out of the box. Configuration and extendibility is very modular where every service that is to be monitored has a perl script that does the specific filtering, and a .conf to provide high level control of verbosity, specific features and what log file is to be referenced. Similarly each referenced log file has a .conf file that provides details of its possible location, archives, format, and what is to be filtered out. Default versions of these files are in a central location (typically /usr/share/logwatch) and specific config is done by providing override files in /etc/logwatch.
External links
- Official site is presently just redirect to SourceForge hosting
- Man page
- Arch Linux wiki
- Ubuntu wiki
- Adding support for MySQL, Apache, PHP Wayback Machine archive
