Step1)安裝logwatch,查詢安裝的檔案與資料夾,建立分析暫存資料夾
#apt -y install logwatch
#dpkg -L logwatch
#mkdir /var/cache/logwatch
Step2)設定logwatch,將分析結果儲存到檔案/var/log/logwatch
#vi /usr/share/logwatch/default.conf/logwatch.conf
Output = file
Filename = /var/log/logwatch
Range = Today
Step3)使用logwatch分析記錄檔
#logwatch
定時執行logwatch
# vi /etc/crontab
58 23 * * * root /usr/sbin/logwatch
Step4)編輯logwatch.sh,新增標題與寄送給Gmail
/usr/home/jang/logwatch.sh
#!/bin/sh
awk 'NR==1{print "Subject: LogWatch 13\n\n"}1' /var/log/logwatch > /var/log/logwatch2
ssmtp zsg101101@gmail.com < /var/log/logwatch2
讓logwatch.sh具有執行權限
#chmod 700 logwatch.sh
定時執行logwatch.sh
# ee /etc/crontab
59 23 * * * root /root/logwatch.sh