On 4/7/2012 3:55 PM, Mail Lists wrote:
> On 04/07/2012 10:09 AM, Bob Hoffman wrote:
>> Logwatch file shows last upgrade to the code was 2007.
>> The unmatched entries are killing me in the reports.
>> I figure there must be a newer utility centos has in the repo but I
>> cannot find one.
>>
>> Is logwatch the only one that is included?
>>
>> thanks
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> http://lists.centos.org/mailman/listinfo/centos
>>
> Have you tried editing the files in
>
> /usr/share/logwatch/default.conf/services/
>
> or
>
> /usr/share/logwatch/default.conf/ignore.conf
>
> ?
Using customizations to logwatch helps greatly with unmatched entries. I
was spending too much time looking through the logwatch email due to
unmatched entries that I did not need to see. So, I used customizations
to eliminate or consolidate into one line the unmatched entries.
Customizations are placed in /etc/logwatch under the appropriate
directory (e.g. conf or scripts). Logwatch will use both the default and
the custom configurations. Settings in the custom file override default
settings. A custom script will be executed in place of the default
(standard) script.
For customizations, I included one custom setting to direct logwatch to
ignore entries from specific hosts. I created a new configuration file
in /etc/logwatch/conf/logfiles for the service (dovecot.conf in my
case), adding the one setting I needed ($dovecot_ignore_host in my case.)
For scripts, I copied the default script from
/usr/share/logwatch/scripts/services (dovecot in my case) into the
/etc/logwatch/scripts/services directory, then modified it to meet my
requirements. (I added elsif clauses to check for the unmatched entries
and handle them as needed.)
Also, updates to logwatch do not remove my custom changes.
It took a couple of hours for me to get it working.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
