Every time something goes wrong with your system or programs, something has been modified or it needs your attention, an entry is created somewhere in the /var/log/ directory. LogWatch analyzes that data every night and it sends you an email with a short report of the changes. That’s pretty useful, don’t you think? Also, LogWatch doesn’t run a daemon so it won’t interfere with any services running on your computer.
Here’s an example of a LogWatch report:

Install LogWatch

Open a terminal and type:

sudo apt-get update
sudo apt-get install logwatch

This will also install postfix (service to send mail) so during setup select Internet Site and localhost if you don’t have another working hostname.

Create a directory that setup doesn’t create by default (??):

sudo mkdir /var/cache/logwatch

Configure LogWatch

Copy the conf file and start editing:

sudo cp /usr/share/logwatch/default.conf/logwatch.conf /etc/logwatch/conf/
sudo nano /etc/logwatch/conf/logwatch.conf

You only need to edit these options, leave the rest as default. But don’t use for MailTo a yahoo.com email address because it will get blocked or tagged as spam:

Output = email
MailTo = your.email@gmail.com
MailFrom = your.other.email@host.com
Detail = Med

Test it:

sudo logwatch

If you don’t get any email of the LogWatch report, check the mail log and see what went wrong:

cat /var/log/mail.log

A script to LogWatch every day has been automatically created to /etc/cron.daily/00logwatch so no need to worry about that.

That’s it, have fun!

Install and Configure LogWatch Log Analyzer on Ubuntu
Tagged on: