[CentOS] Custom named logwatch script

Sun Apr 19 18:34:10 UTC 2015
Todor Petkov <zakk at online.bg>

On 19/04/2015 09:20 PM, Bill Gee wrote:
> On Sunday, April 19, 2015 15:46:29 Joseph L. Casale wrote:
>> > Can anyone point me to where my mistake is?
>> 
>> First, you are creating overrides, or site specific definitions in the
>> platform directory. Don't do that, the distro owns and maintains this. 
>> Put
>> your new code in /etc/logwatch, man 8 logwatch for explanation.
>> 
>> Finally, you don't show is the script that actually does the parsing. 
>> The
>> "service" and "log" definition represent 2 of 3 component's, you also 
>> need
>> to tell logwatch how to read and extract the parts of the logfile you 
>> want,
>> as well as the applicable severity etc...
>> 
>> jlc
> 
> Also watch out for selinux permissions.  Logwatch does not have selinux
> permissions in all directories.

Thanks, I created the files in /etc/logwatch. I need to make a script to 
parse the logs, since they are a bit different from the usual output in 
/var/log/messages.

So far no errors in SELinux.

Regards,