Linux Today: Linux News On Internet Time.

From the Sys Admin Toolbox: Logwatch

Jun 09, 2010, 15:02 (0 Talkback[s])
(Other stories by Ken Hess)

[ Thanks to An Anonymous Reader for this link. ]

"Logwatch is a log file parser program (Perl script) that provides a report to you on any "interesting" activity on your system. It is not, I repeat not, a pre-emptive tool or a tool that's used to catch anyone "in the act" of breaking into your system. It is an after-the-fact tool that provides you with a daily report of service activity. It reports on yesterday's log information.

"We'll explore active monitoring tools in the coming weeks to catch a would-be system hacker. Logwatch's value isn't in its ability to catch a criminal with his hands on your system, its value is instead, designed to save you the effort of manually scraping logs."

Complete Story

Related Stories: