Installing And Using Logwatch
As a server administrator or even if you just have a system thats open to the internet it's wise to keep an eye on your logs. Luckily there is a program that will do log analysis and creates a report analyzing areas that you specify and can email you the details.
It will scan your logs and show you any details that pop up out of the ordinary.
On Debian based systems the logwatch program sends an email daily of the log report. However this email by default goes to root. If you want to have this sent to your email instead you can do like I do and change your email alias file so that any email sent to root goes to your email instead
Edit Aliases File
Change the entry that says
to the following...changing YOUREMAIL@DOMAIN.COM to your own email address
Comit Your Changes
Edit ConfigurationSome versions of ubuntu / linux mint will email out the logwatch results every day. But I have come across some that you have to run a crontab and configure logwatch. First open up the configuration.
Modify EntriesWhen the configuration file loads look in the file for the following entries and change them to the following. Make sure the MailTo and MailFrom entries are valid real address
Add A Cron JobNow we need to set a cronjob so logwatch runs every day and emails you the results
Add the following in the file and then save and exit the file
This will send an email every day at 8am