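logwatch is an open-source log parser and analyzer written in Perl. It parses raw log files into a structured report, and the report can be customized to your usage and needs. Its main purpose is to produce log summaries that are easier to use, not to process or monitor logs in real time. For that reason, logwatch is usually run by a scheduled job at a set time and frequency, or run manually from the command line when logs need processing. Once the report is generated, logwatch can e-mail it to you, save it to a file, or display it directly on the screen.
Install: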
yum install logwatch -y
Configuration file: /usr/share/logwatch/default.conf/logwatch.conf
I don't want it to run every day for now, so I deleted the /etc/cron.daily/0logwatch file.
Run it manually:
logwatch
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Wed Apr 29 18:18:37 2020
Date Range Processed: yesterday
( 2020-Apr-28 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: stdout / text
Logfiles for Host: localhost.localdomain
##################################################################
--------------------- Cron Begin ------------------------
**Unmatched Entries**
INFO (RANDOM_DELAY will be scaled with factor 39% if used.)
---------------------- Cron End -------------------------
--------------------- Kernel Begin ------------------------
WARNING: Kernel Errors Present
[drm:vmw_host_log [vmwgfx]] *ERROR* Failed to send ...: 2 Time(s)
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
login:
Authentication Failures:
root (): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Postfix start
---------------------- Postfix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
Failed logins:
User root:
tty1: 1 Time(s)
Root logins on ttys: 1 Time(s).
**Unmatched Entries**
polkitd: Acquired the name org.freedesktop.PolicyKit1 on the system bus: 1 Time(s)
polkitd: Finished loading, compiling and executing 2 rules: 1 Time(s)
polkitd: Loading rules from directory /etc/polkit-1/rules.d: 1 Time(s)
polkitd: Loading rules from directory /usr/share/polkit-1/rules.d: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Users logging in through sshd:
root:
10.10.31.22: 1 time
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
python-dateutil-1.5-7.el7.noarch
s3cmd-2.0.2-1.el7.noarch
python-magic-5.11-36.el7.noarch
Packages Updated:
file-5.11-36.el7.x86_64
file-libs-5.11-36.el7.x86_64
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
devtmpfs 1.2G 0 1.2G 0% /dev
/dev/mapper/centos-root 6.2G 2.7G 3.6G 44% /
/dev/sda1 1014M 149M 866M 15% /boot
/dev/mapper/VolGroup_NA-lvdata_NA 7.8G 504M 6.9G 7% /data
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
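A report like the one above can be saved to a file and reviewed by script. The following is an added example, not part of the original post or of logwatch itself: it splits a report into its "Begin"/"End" service sections and pulls the counted entries out of the authentication-related ones. The function names and the trimmed sample report are constructed for illustration.

```python
import re

# Constructed sample: a trimmed copy of the report layout shown above.
SAMPLE_REPORT = """\
################### Logwatch 7.4.0 (03/01/11) ####################
--------------------- pam_unix Begin ------------------------
login:
Authentication Failures:
root (): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Users logging in through sshd:
root:
10.10.31.22: 1 time
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
s3cmd-2.0.2-1.el7.noarch
---------------------- yum End -------------------------
###################### Logwatch End #########################
"""

MARKER = re.compile(r"^\s*-{5,}\s+(.+?)\s+(Begin|End)\s+-{5,}\s*$")
COUNT = re.compile(r"^(.*?):\s+(\d+)\s+[Tt]ime")

def split_sections(report):
    """Return {service name: [body lines]} for each Begin/End block."""
    sections, current = {}, None
    for line in report.splitlines():
        m = MARKER.match(line)
        if m:
            name, kind = m.groups()
            current = sections.setdefault(name, []) if kind == "Begin" else None
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections

def counted_entries(lines):
    """Extract (label, count) from lines such as 'root (): 1 Time(s)'."""
    return [(m.group(1).strip(), int(m.group(2)))
            for m in map(COUNT.match, lines) if m]

def review(report, watch=("pam_unix", "SSHD", "Connections (secure-log)")):
    """Counted entries for the authentication-related sections only."""
    sections = split_sections(report)
    return {name: counted_entries(sections[name])
            for name in watch if name in sections}
```

Calling review() on the text of a saved report returns, per watched section, the labels and counts to compare from one day to the next, for example the number of failed root logins or the source addresses of sshd logins.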
Source: oschina
Link: https://my.oschina.net/bobwei/blog/4258628