| 4 |
- |
1 |
########################################################
|
|
|
2 |
# This was written and is maintained by:
|
|
|
3 |
# Kirk Bauer <kirk@kaybee.org>
|
|
|
4 |
#
|
|
|
5 |
# Please send all comments, suggestions, bug reports,
|
|
|
6 |
# etc, to kirk@kaybee.org.
|
|
|
7 |
#
|
|
|
8 |
########################################################
|
|
|
9 |
|
|
|
10 |
# NOTE:
|
|
|
11 |
# All these options are the defaults if you run logwatch with no
|
|
|
12 |
# command-line arguments. You can override all of these on the
|
|
|
13 |
# command-line.
|
|
|
14 |
|
|
|
15 |
# You can put comments anywhere you want to. They are effective for the
|
|
|
16 |
# rest of the line.
|
|
|
17 |
|
|
|
18 |
# this is in the format of <name> = <value>. Whitespace at the beginning
|
|
|
19 |
# and end of the lines is removed. Whitespace before and after the = sign
|
|
|
20 |
# is removed. Everything is case *insensitive*.
|
|
|
21 |
|
|
|
22 |
# Yes = True = On = 1
|
|
|
23 |
# No = False = Off = 0
|
|
|
24 |
|
|
|
25 |
# Default Log Directory
|
|
|
26 |
# All log-files are assumed to be given relative to this directory.
|
|
|
27 |
LogDir = /var/log
|
|
|
28 |
|
|
|
29 |
# You can override the default temp directory (/tmp) here
|
|
|
30 |
TmpDir = /var/cache/logwatch
|
|
|
31 |
|
|
|
32 |
# Default person to mail reports to. Can be a local account or a
|
|
|
33 |
# complete email address. Variable Print should be set to No to
|
|
|
34 |
# enable mail feature.
|
|
|
35 |
MailTo = root
|
|
|
36 |
# WHen using option --multiemail, it is possible to specify a different
|
|
|
37 |
# email recipient per host processed. For example, to send the report
|
|
|
38 |
# for hostname host1 to user@example.com, use:
|
|
|
39 |
#Mailto_host1 = user@example.com
|
|
|
40 |
# Multiple recipients can be specified by separating them with a space.
|
|
|
41 |
|
|
|
42 |
# Default person to mail reports from. Can be a local account or a
|
|
|
43 |
# complete email address.
|
|
|
44 |
MailFrom = Logwatch
|
|
|
45 |
|
|
|
46 |
# If set to 'Yes', the report will be sent to stdout instead of being
|
|
|
47 |
# mailed to above person.
|
|
|
48 |
Print =
|
|
|
49 |
|
|
|
50 |
# if set, the results will be saved in <filename> instead of mailed
|
|
|
51 |
# or displayed.
|
|
|
52 |
#Save = /tmp/logwatch
|
|
|
53 |
|
|
|
54 |
# Use archives? If set to 'Yes', the archives of logfiles
|
|
|
55 |
# (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will
|
|
|
56 |
# be searched in addition to the /var/log/messages file.
|
|
|
57 |
# This usually will not do much if your range is set to just
|
|
|
58 |
# 'Yesterday' or 'Today'... it is probably best used with
|
|
|
59 |
# By default this is now set to Yes. To turn off Archives uncomment this.
|
|
|
60 |
#Archives = No
|
|
|
61 |
# Range = All
|
|
|
62 |
|
|
|
63 |
# The default time range for the report...
|
|
|
64 |
# The current choices are All, Today, Yesterday
|
|
|
65 |
Range = yesterday
|
|
|
66 |
|
|
|
67 |
# The default detail level for the report.
|
|
|
68 |
# This can either be Low, Med, High or a number.
|
|
|
69 |
# Low = 0
|
|
|
70 |
# Med = 5
|
|
|
71 |
# High = 10
|
|
|
72 |
Detail = Low
|
|
|
73 |
|
|
|
74 |
|
|
|
75 |
# The 'Service' option expects either the name of a filter
|
|
|
76 |
# (in /usr/share/logwatch/scripts/services/*) or 'All'.
|
|
|
77 |
# The default service(s) to report on. This should be left as All for
|
|
|
78 |
# most people.
|
|
|
79 |
Service = All
|
|
|
80 |
# You can also disable certain services (when specifying all)
|
|
|
81 |
Service = "-zz-network" # Prevents execution of zz-network service, which
|
|
|
82 |
# prints useful network configuration info.
|
|
|
83 |
Service = "-zz-sys" # Prevents execution of zz-sys service, which
|
|
|
84 |
# prints useful system configuration info.
|
|
|
85 |
Service = "-eximstats" # Prevents execution of eximstats service, which
|
|
|
86 |
# is a wrapper for the eximstats program.
|
|
|
87 |
# If you only cared about FTP messages, you could use these 2 lines
|
|
|
88 |
# instead of the above:
|
|
|
89 |
#Service = ftpd-messages # Processes ftpd messages in /var/log/messages
|
|
|
90 |
#Service = ftpd-xferlog # Processes ftpd messages in /var/log/xferlog
|
|
|
91 |
# Maybe you only wanted reports on PAM messages, then you would use:
|
|
|
92 |
#Service = pam_pwdb # PAM_pwdb messages - usually quite a bit
|
|
|
93 |
#Service = pam # General PAM messages... usually not many
|
|
|
94 |
|
|
|
95 |
# You can also choose to use the 'LogFile' option. This will cause
|
|
|
96 |
# logwatch to only analyze that one logfile.. for example:
|
|
|
97 |
#LogFile = messages
|
|
|
98 |
# will process /var/log/messages. This will run all the filters that
|
|
|
99 |
# process that logfile. This option is probably not too useful to
|
|
|
100 |
# most people. Setting 'Service' to 'All' above analyizes all LogFiles
|
|
|
101 |
# anyways...
|
|
|
102 |
|
|
|
103 |
#
|
|
|
104 |
# By default we assume that all Unix systems have sendmail or a sendmail-like system.
|
|
|
105 |
# The mailer code Prints a header with To: From: and Subject:.
|
|
|
106 |
# At this point you can change the mailer to any thing else that can handle that output
|
|
|
107 |
# stream. TODO test variables in the mailer string to see if the To/From/Subject can be set
|
|
|
108 |
# From here with out breaking anything. This would allow mail/mailx/nail etc..... -mgt
|
|
|
109 |
mailer = "mailx -s'Logwatch homeserver' root"
|
|
|
110 |
|
|
|
111 |
#
|
|
|
112 |
# With this option set to 'Yes', only log entries for this particular host
|
|
|
113 |
# (as returned by 'hostname' command) will be processed. The hostname
|
|
|
114 |
# can also be overridden on the commandline (with --hostname option). This
|
|
|
115 |
# can allow a log host to process only its own logs, or Logwatch can be
|
|
|
116 |
# run once per host included in the logfiles.
|
|
|
117 |
#
|
|
|
118 |
# The default is to report on all log entries, regardless of its source host.
|
|
|
119 |
# Note that some logfiles do not include host information and will not be
|
|
|
120 |
# influenced by this setting.
|
|
|
121 |
#
|
|
|
122 |
#HostLimit = Yes
|
|
|
123 |
|
|
|
124 |
# By default the cron daemon generates daily logwatch report
|
|
|
125 |
# if you want to switch it off uncomment DailyReport tag.
|
|
|
126 |
# The implicit value is Yes
|
|
|
127 |
#
|
|
|
128 |
# DailyReport = No
|
|
|
129 |
|
|
|
130 |
# vi: shiftwidth=3 tabstop=3 et
|