On Tue, Jan 08, 2008, Ugo Bellavance wrote:
Joseph L. Casale wrote:
Given my experience in Linux is limited currently, what do you guys use to monitor logs such as ?messages? on your centos servers? I had a hardware failure that happened in between me manually looking (of course?). I would hope it might have a some features to email critical issues etc?
logwatch is a good start.
Get the latest version from www.logwatch.org. Runs automatically daily and sends output to root.
Isn't logwatch standard in CentOS installations?
Swatch monitors one or more log files in real time, with options to report events immediately, or after some number of repeations in a specified time period (e.g. report immediately if a network interface goes into permiscuous mode, but only report something else if there are ``n'' occurrences within a minute).
I've attached the swatchrc configuration file from this machine which has several examples.
Bill -- INTERNET: bill@celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
Never blame a legislative body for not doing something. When they do nothing, that don't hurt anybody. When they do something is when they become dangerous. -- Will Rogers