[ Thanks to An Anonymous Reader for
this link. ]
“Logwatch is a log file parser program (Perl script) that
provides a report to you on any “interesting” activity on your
system. It is not, I repeat not, a pre-emptive tool or a tool
that’s used to catch anyone “in the act” of breaking into your
system. It is an after-the-fact tool that provides you with a daily
report of service activity. It reports on yesterday’s log
information.

“We’ll explore active monitoring tools in the coming weeks to
catch a would-be system hacker. Logwatch’s value isn’t in its
ability to catch a criminal with his hands on your system, its
value is instead, designed to save you the effort of manually
scraping logs.”