Logwatch is a very powerful log analyzer for Linux systems. It is basically used to monitor all the logs of a Linux server and then it can generate a detailed log report. The report is delivered either on command-line or through a dedicated email address.
Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related Server Monitoring queries on Linux Systems.
In this context, we shall look into how to install and use the Logwatch utility on a Linux Mint 20 system.
To have Logwatch installed on your Linux Mint system, you need to go on with the following sequence of steps.
1. Update your System
To begin, you should carry out a complete system update with the command below:
$ sudo apt-get update –y
2. Install Logwatch
Here, you can install Logwatch on your system with the following command:
$ sudo apt-get install logwatch –y
3. Check version of Logwatch Installed
Once Logwatch is installed successfully on your system, you can check its version by executing the command shown below:
$ logwatch --version
In the output, you will see the version of the Logwatch utility Installed on the system.
To use Logwatch on your Linux Mint 20 system, you need to perform the steps stated below.
1. Create the Logwatch Directory
Before using Logwatch, we need to create a dedicated directory for it with the help of the following command:
$ sudo mkdir /var/cache/logwatch
2. Run the Logwatch Command
Once a dedicated Logwatch directory has been created, you can execute the Logwatch command as follows:
$ logwatch
This command will generate a detailed Logwatch report. You can scroll down to view the contents of the entire Logwatch report.
Now, if you want to remove the Logwatch utility from your system, then you will have to follow the two steps that are mentioned below.
1. Remove the Logwatch Directory
First, you need to remove the dedicated Logwatch directory that you have created with the help of the following command:
$ sudo rmdir /var/cache/logwatch
2. Remove the Logwatch Utility
Once the Logwatch directory is removed, you can remove this utility from your Linux Mint 20 system with the command shown below:
$ sudo apt-get purge --autoremove logwatch
This article covers how to install the Logwatch utility on your Linux server. With Logwatch, you will be able to keep an eye on your server logs and hence, you can quickly figure out any possible issues.
You can easily customize Logwatch to your preference by modifying the parameters in the /etc/logwatch/conf path. It also provides something extra in the way of pre-written PERL scripts for making log parsing easier.
All the default settings are defined in the /usr/share/logwatch/default.conf/logwatch.conf file. The recommended practice is to leave this file intact and instead create your own configuration file at the /etc/logwatch/conf/ path by copying the original config file and then define your custom settings.
Logwatch comes with a tiered approach and there are 3 main locations where configuration details are defined:
To install Logwatch on your server.
On Ubuntu:
$ sudo apt-get install logwatch
On Debian:
$ apt-get install logwatch