Differences

This shows you the differences between two versions of the page.

--- technical:24.04_logwatch_installation [2024/10/12 21:04] – created wikiadmin
+++ technical:24.04_logwatch_installation [2024/11/13 18:56] (current) – [Testing] mark_scottworld.net
@@ Line 7: / Line 7: @@
 As part of the installation, logwatch will install the postfix mailer which we need to configure on install. We will choose the option '''satellite system'''
-Set the System mail name = your solaris.scottworld.net<br>
+Set the System mail name = your solaris.scottworld.net
 For the mail outgoing mail to relay correctly we need to set a '''relayhost'''
@@ Line 84: / Line 84: @@
   ssl0.ovh.net           root@scottworld.net:password
 Execute the command (to refresh the password table)
   postmap /etc/postfix/sasl_passwd
-== Alias the sender account if needed by your ISP ==
+===== Alias the sender account if needed by your ISP =====
 If you dont have authorisation on your SMTP relay to send mail for the standard sender account (in this case root@scottworld.net) you can alias it.
@@ Line 109: / Line 110: @@
   systemctl restart postfix.service
-== Testing ==
+==== Testing ====
 You can now test logwatch and the email functionality is working with the following command.
@@ Line 119: / Line 121: @@
   tail -f /var/log/mail.log
-== Emailing Tweaks ==
+=== Emailing Tweaks ===
 We may want to catch mail errors, so we need to set up a root mailing account and a few mail utilities. We should be good citizens and set this up as it will collect bounced emails.
@@ Line 139: / Line 142: @@
 == Configure Logwatch Daily Reports ==
 Create a file
@@ Line 154: / Line 158: @@
 Service = All
 Service = -audit
+Service = -http
+Service = -sshd
+Service = -pam_unix
 </code>
@@ Line 162: / Line 169: @@
 Add this line to tone down the logging
-  services/fail2ban: Detail = 0
+  services/fail2ban: Detail = 1
 Add a script for SMARTD error reporting
@@ Line 170: / Line 177: @@
 Set the following to change the log file and reporting
-  LogFile =
+<code>
-  LogFile = syslog
+LogFile =
+LogFile = none
+*JournalCtl = "--output=cat --no-pager --unit=smartmontools.service"
+</code>
-Update the named script to fix issues with gname minimization
+Update the named script to fix issues with qname minimization
-  wget -O /etc/logwatch/scripts/services/named
-  https://sourceforge.net/p/logwatch/git/ci/master/tree/scripts/services/named?format=raw
-  sed -i 's/DoLookup/#DoLookup/' /etc/logwatch/scripts/services/named
-  sed -i -e '/minimization/s/failure/.*/' /etc/logwatch/scripts/services/named
+<code>
-Update the named script to fix issues with fail2ban loggind
+wget -O /etc/logwatch/scripts/services/named https://sourceforge.net/p/logwatch/git/ci/master/tree/scripts/services/named?format=raw
+sed -i 's/DoLookup/#DoLookup/' /etc/logwatch/scripts/services/named
-  wget -O /etc/logwatch/scripts/services/fail2ban
+sed -i -e '/minimization/s/failure/.*/' /etc/logwatch/scripts/services/named
-  https://sourceforge.net/p/logwatch/git/ci/78a2b812cd1ca2b3fb6e8b22d6cf3b4766c75513/tree/scripts/services/fail2ban?format=raw
+</code>
 Add a script for NAMED error reporting
@@ Line 192: / Line 197: @@
 Set the following to change the log file and reporting
-  LogFile =
+<code>
-  LogFile = syslog
+LogFile =
+LogFile = syslog
-Add a script for OPENVPN error reporting
+</code>
-  /etc/logwatch/conf/services/openvpn.conf
-Set the following to change the log file and reporting
-  LogFile =
-  LogFile = syslog