mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-22 23:00:57 +08:00
翻译完成
This commit is contained in:
runningwater
parent
693601bada
commit
0f984b2a58
@ -1,138 +0,0 @@
|
||||
(translating by runningwater)
|
||||
How to Install Logwatch on Ubuntu 15.04
|
||||
================================================================================
|
||||
Hi, Today we are going to illustrate the setup of Logwatch on Ubuntu 15.04 Operating system where as it can be used for any Linux and UNIX like operating systems. Logwatch is a customizable system log analyzer and reporting log-monitoring system that go through your logs for a given period of time and make a report in the areas that you wish with the details you want. Its an easy tool to install, configure, review and to take actions that will improve security from data it provides. Logwatch scans the log files of major operating system components, like SSH, Web Server and forwards a summary that contains the valuable items in it that needs to be looked at.
|
||||
|
||||
### Pre-installation Setup ###
|
||||
|
||||
We will be using Ubuntu 15.04 operating system to deploy Logwatch on it so as a perquisite for the installation of Logwatch, make sure that your emails setup is working as it will be used to send email to the administrators for daily reports on the gathered reports.Your system repositories should be enabled as we will be installing it from its available universal repositories.
|
||||
|
||||
Then open the terminal of your ubuntu operating system and login with root user to update your system packages before moving to Logwatch installation.
|
||||
|
||||
root@ubuntu-15:~# apt-get update
|
||||
|
||||
### Installing Logwatch ###
|
||||
|
||||
Once your system is updated and your have fulfilled all its prerequisites then run the following command to start the installation of Logwatch in your server.
|
||||
|
||||
root@ubuntu-15:~# apt-get install logwatch
|
||||
|
||||
The logwatch installation process will starts with addition of some extra required packages as shown once you press “Y” to accept the required changes to the system.
|
||||
|
||||
During the installation process you will be prompted to configure the Postfix Configurations according to your mail server’s setup. Here we used “Local only” in the tutorial for ease, we can choose from the other available options as per your infrastructure requirements and then press “OK” to proceed.
|
||||
|
||||
|
||||
|
||||
Then you have to choose your mail server’s name that will also be used by other programs, so it should be single fully qualified domain name (FQDN).
|
||||
|
||||
|
||||
|
||||
Once you press “OK” after postfix configurations, then it will completes the Logwatch installation process with default configurations of Postfix.
|
||||
|
||||
|
||||
|
||||
You can check the status of Logwatch by issuing the following command in the terminal that should be in active state.
|
||||
|
||||
root@ubuntu-15:~# service postfix status
|
||||
|
||||
|
||||
|
||||
To confirm the installation of Logwatch with its default configurations, issue the simple “logwatch” command as shown.
|
||||
|
||||
root@ubuntu-15:~# logwatch
|
||||
|
||||
The output from the above executed command will results in following compiled report form in the terminal.
|
||||
|
||||
|
||||
|
||||
### Logwatch Configurations ###
|
||||
|
||||
Now after successful installation of Logwatch, we need to make few configuration changes in its configuration file located under following shown path. So, let’s open it with the file editor to update its configurations as required.
|
||||
|
||||
root@ubuntu-15:~# vim /usr/share/logwatch/default.conf/logwatch.conf
|
||||
|
||||
**Output/Format Options**
|
||||
|
||||
By default Logwatch will print to stdout in text with no encoding.To make email Default set “Output = mail” and to save to file set “Output = file”. So you can comment out the its default configurations as per your required settings.
|
||||
|
||||
Output = stdout
|
||||
|
||||
To make Html the default formatting update the following line if you are using Internet email configurations.
|
||||
|
||||
Format = text
|
||||
|
||||
Now add the default person to mail reports should be sent to, it could be a local account or a complete email address that you are free to mention in this line
|
||||
|
||||
MailTo = root
|
||||
#MailTo = user@test.com
|
||||
|
||||
Default person to mail reports sent from can be a local account or any other you wish to use.
|
||||
|
||||
# complete email address.
|
||||
MailFrom = Logwatch
|
||||
|
||||
Save the changes made in the configuration file of Logwatch while leaving the other parameter as default.
|
||||
|
||||
**Cronjob Configuration**
|
||||
|
||||
Now edit the "00logwatch" file in daily crons directory to configure your desired email address to forward reports from logwatch.
|
||||
|
||||
root@ubuntu-15:~# vim /etc/cron.daily/00logwatch
|
||||
|
||||
Here you need to use "--mailto" user@test.com instead of --output mail and save the file.
|
||||
|
||||
|
||||
|
||||
### Using Logwatch Report ###
|
||||
|
||||
Now we generate the test report by executing the "logwatch" command in the terminal to get its result shown in the Text format within the terminal.
|
||||
|
||||
root@ubuntu-15:~#logwatch
|
||||
|
||||
The generated report starts with showing its execution time and date, it will be comprising of different sections that starts with its begin status and closed with end status after showing the complete information about its logs of the mentioned sections.
|
||||
|
||||
Here is its starting point looks like, where it starts by showing all the installed packages in the system as shown below.
|
||||
|
||||
|
||||
|
||||
The following sections shows the logs informmation about the login sessions, rsyslogs and SSH connections about the current and last sessions enabled on the system.
|
||||
|
||||
|
||||
|
||||
The logwatch report will ends up by showing the secure sudo logs and the disk space usage of the root diretory as shown below.
|
||||
|
||||
|
||||
|
||||
You can also check for the generated emails about the logwatch reports by opening the following file.
|
||||
|
||||
root@ubuntu-15:~# vim /var/mail/root
|
||||
|
||||
Here you will be able to see all the generated emails to your configured users with their message delivery status.
|
||||
|
||||
### More about Logwatch ###
|
||||
|
||||
Logwatch is a great tool to lern more about it, so if your more interested to learn more about its logwatch then you can also get much help from the below few commands.
|
||||
|
||||
root@ubuntu-15:~# man logwatch
|
||||
|
||||
The above command contains all the users manual about the logwatch, so read it carefully and to exit from the manuals section simply press "q".
|
||||
|
||||
To get help about the logwatch commands usage you can run the following help command for further information in details.
|
||||
|
||||
root@ubuntu-15:~# logwatch --help
|
||||
|
||||
### Conclusion ###
|
||||
|
||||
At the end of this tutorial you learn about the complete setup of Logwatch on Ubuntu 15.04 that includes with its installation and configurations guide. Now you can start monitoring your logs in a customize able form, whether you monitor the logs of all the services rnning on your system or you customize it to send you the reports about the specific services on the scheduled days. So, let's use this tool and feel free to leave us a comment if you face any issue or need to know more about logwatch usage.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/ubuntu-how-to/install-use-logwatch-ubuntu-15-04/
|
||||
|
||||
作者:[Kashif Siddique][a]
|
||||
译者:[runningwater](https://github.com/runningwater)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/kashifs/
|
||||
@ -0,0 +1,137 @@
|
||||
Ubuntu 15.04 and系统中安装 Logwatch
|
||||
================================================================================
|
||||
大家好,今天我们会讲述在 Ubuntu 15.04 操作系统上如何安装 Logwatch 软件,它也可以在任意的 Linux 系统和类 Unix 系统上安装。Logwatch 是一款可定制的日志分析和日志监控报告生成系统,它可以根据一段时间的日志文件生成您所希望关注的详细报告。它具有易安装、易配置、可审查等特性,同时对其提供的数据的安全性上也有一些保障措施。Logwatch 会扫描重要的操作系统组件像 SSH、网站服务等的日志文件,然后生成用户所关心的有价值的条目汇总报告。
|
||||
|
||||
### 预安装设置 ###
|
||||
|
||||
我们会使用 Ubuntu 15.04 版本的操作系统来部署 Logwatch,所以安装 Logwatch 之前,要确保系统上邮件服务设置是正常可用的。因为它会每天把生成的报告通过日报的形式发送邮件给管理员。您的系统的源库也应该设置可用,以便可以从通用源库来安装 Logwatch。
|
||||
|
||||
然后打开您 ubuntu 系统的终端,用 root 账号登陆,在进入 Logwatch 的安装操作前,先更新您的系统软件包。
|
||||
|
||||
root@ubuntu-15:~# apt-get update
|
||||
|
||||
### 安装 Logwatch ###
|
||||
|
||||
只要你的系统已经更新和已经满足前面说的先决条件,那么就可以在您的机器上输入如下命令来安装 Logwatch。
|
||||
|
||||
root@ubuntu-15:~# apt-get install logwatch
|
||||
|
||||
在安装过程中,一旦您按提示按下“Y”健同意对系统修改的话,Logwatch 将会开始安装一些额外的必须软件包。
|
||||
|
||||
在安装过程中会根据您机器上的邮件服务器设置情况弹出提示对 Postfix 设置的配置界面。在这篇教程中我们使用最容易的 “仅本地” 选项。根据您的基础设施情况也可以选择其它的可选项,然后点击“确定”继续。
|
||||
|
||||
|
||||
|
||||
随后您得选择邮件服务器名,这邮件服务器名也会被其它程序使用,所以它应该是一个完全合格域名/全称域名(FQDN),且只一个。
|
||||
|
||||
|
||||
|
||||
一旦按下在 postfix 配置提示底端的 “OK”,安装进程就会用 Postfix 的默认配置来安装,并且完成 Logwatch 的整个安装。
|
||||
|
||||
|
||||
|
||||
您可以在终端下发出如下命令来检查 Logwatch 状态,正常情况下它应该是激活状态。
|
||||
|
||||
root@ubuntu-15:~# service postfix status
|
||||
|
||||
|
||||
|
||||
要确认 Logwatch 在默认配置下的安装信息,可以如下示简单的发出“logwatch” 命令。
|
||||
|
||||
root@ubuntu-15:~# logwatch
|
||||
|
||||
上面执行命令的输出就是终端下编制出的报表展现格式。
|
||||
|
||||
|
||||
|
||||
### 配置 Logwatch ###
|
||||
|
||||
在成功安装好 Logwatch 后,我们需要在它的配置文件中做一些修改,配置文件位于如下所示的路径。那么,就让我们用文本编辑器打开它,然后按需要做些变动。
|
||||
|
||||
root@ubuntu-15:~# vim /usr/share/logwatch/default.conf/logwatch.conf
|
||||
|
||||
**输出/格式化选项**
|
||||
|
||||
默认情况下 Logwatch 会以无编码的文本打印到标准输出方式。要改为以邮件为默认方式,需设置“Output = mail”,要改为保存成文件方式,需设置“Output = file”。所以您可以根据您的要求设置其默认配置。
|
||||
|
||||
Output = stdout
|
||||
|
||||
如果使用的是因特网电子邮件配置,要用 Html 格式为默认出格式,需要修改成如下行所示的样子。
|
||||
|
||||
Format = text
|
||||
|
||||
现在增加默认的邮件报告接收人地址,可以是本地账号也可以是完整的邮件地址,需要的都可以在这行上写上
|
||||
|
||||
MailTo = root
|
||||
#MailTo = user@test.com
|
||||
|
||||
默认的邮件发送人可以是本地账号,也可以是您需要使用的其它名字。
|
||||
|
||||
# complete email address.
|
||||
MailFrom = Logwatch
|
||||
|
||||
对这个配置文件保存修改,至于其它的参数就让它是默认的,无需改动。
|
||||
|
||||
**调度任务配置**
|
||||
|
||||
现在编辑在日常 crons 目录下的 “00logwatch” 文件来配置从 logwatch 生成的报告需要发送的邮件地址。
|
||||
|
||||
root@ubuntu-15:~# vim /etc/cron.daily/00logwatch
|
||||
|
||||
在这儿您需要作用“--mailto user@test.com”来替换掉“--output mail”,然后保存文件。
|
||||
|
||||
|
||||
|
||||
### 生成报告 ###
|
||||
|
||||
现在我们在终端中执行“logwatch”命令来生成测试报告,生成的结果在终端中会以文本格式显示出来。
|
||||
|
||||
root@ubuntu-15:~#logwatch
|
||||
|
||||
生成的报告开始部分显示的是执行的时间和日期。它包含不同的部分,每个部分以开始标识开始而以结束标识结束,中间显示的标识部分提到的完整日志信息。
|
||||
|
||||
这儿演示的是开始标识头的样子,要显示系统上所有安装包的信息,如下所示:
|
||||
|
||||
|
||||
|
||||
接下来的部分显示的日志信息是关于当前系统登陆会话、rsyslogs 和当前及最后可用的会话 SSH 连接信息。
|
||||
|
||||
|
||||
|
||||
Logwatch 报告最后显示的是安全 sudo 日志及root目录磁盘使用情况,如下示:
|
||||
|
||||
|
||||
|
||||
您也可以打开如下的文件来检查生成的 logwatch 报告电子邮件。
|
||||
|
||||
root@ubuntu-15:~# vim /var/mail/root
|
||||
|
||||
您会看到所有已生成的邮件到其配置用户的信息传送状态。
|
||||
|
||||
### 更多详情 ###
|
||||
|
||||
Logwatch 是一款很不错的工具,可以学习的很多很多,所以如果您对它的日志监控功能很感兴趣的话,也以通过如下所示的简短命令来获得更多帮助。
|
||||
|
||||
root@ubuntu-15:~# man logwatch
|
||||
|
||||
上面的命令包含所有关于 logwatch 的用户手册,所以仔细阅读,要退出手册的话可以简单的输入“q”。
|
||||
|
||||
关于 logwatch 命令的使用,您可以使用如下所示的帮助命令来获得更多的详细信息。
|
||||
|
||||
root@ubuntu-15:~# logwatch --help
|
||||
|
||||
### 结论 ###
|
||||
|
||||
教程结束,您也学会了如何在 Ubuntu 15.04 上对 Logwatch 的安装、配置等全部设置指导。现在您就可以自定义监控您的系统日志,不管是监控所有服务的运行情况还是对特定的服务在指定的时间发送报告都可以。所以,开始使用这工具吧,无论何时有问题或想知道更多关于 logwatch 的使用的都可以给我们留言。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/ubuntu-how-to/install-use-logwatch-ubuntu-15-04/
|
||||
|
||||
作者:[Kashif Siddique][a]
|
||||
译者:[runningwater](https://github.com/runningwater)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/kashifs/
|
||||
Loading…
Reference in New Issue
Block a user