Logcheck Installation

Text: h1. Logcheck Installation h2. Unpacking Extract the file logcheck-x.x.x.tar.gz by using command @tar -xvzf logcheck-x.x.x.tar.gz@ h2. Setup Change to the created directory cd logcheck-x.x.x/ and edit files logcheck.whitelist and logcheck.logfiles. h3. logcheck.conf You will have to edit this file. Most important things you need to change are the mail addresses, and the base path. # path with trailing / to script and config $logcheckpath="/logcheck/"; # name of whitelist file $file_whitelist=$logcheckpath."logcheck.whitelist"; # name of logfile-file $file_logfilelist=$logcheckpath."logcheck.logfiles"; # receiver addresses, who receives the warning summary? $emailaddress='receiveraddress@someones.host'; # who is the sender of that mail $senderaddress='senderaddress@thishost'; h3. logcheck.whitelist Contains a list of phrases to ignore as "ok". Each single line you place here will be ignored when parsing the logfiles. A line containing @please ignore@ would result in ignoring all lines found on a logfile if the line contains please ignore . h3. logcheck.logfiles Contains the path to the logfiles which should be parsed by logcheck.pl. Each line represents one logfile with full path. When running as cron don't use relative paths! @/var/log/messages /var/log/warn@ This should be a good start on a Linux system. h3. Checking installation Run the command @/path/to/logcheck.pl debug@ to check your installation. Please note, that also the emails will be generated during the debug run. h3. Set a cronjob Use the command @crontab -e@ and put a line similar to the following into it: @*/10 * * * * /path/to/logcheck.pl@ Thats it...This will result in logfile checks every 10 minutes. → h1. Logcheck Installation h2. Unpacking Extract the file logcheck-x.x.x.tar.gz by using command @tar -xvzf logcheck-x.x.x.tar.gz@ h2. Setup Change to the created directory cd logcheck-x.x.x/ and edit files logcheck.whitelist and logcheck.logfiles. h3. logcheck.conf You will have to edit this file. Most important things you need to change are the mail addresses, and the base path. bq). # path with trailing / to script and config $logcheckpath="/logcheck/"; # name of whitelist file $file_whitelist=$logcheckpath."logcheck.whitelist"; # name of logfile-file $file_logfilelist=$logcheckpath."logcheck.logfiles"; # receiver addresses, who receives the warning summary? $emailaddress='receiveraddress@someones.host'; # who is the sender of that mail $senderaddress='senderaddress@thishost'; h3. logcheck.whitelist Contains a list of phrases to ignore as "ok". Each single line you place here will be ignored when parsing the logfiles. A line containing @please ignore@ would result in ignoring all lines found on a logfile if the line contains please ignore . h3. logcheck.logfiles Contains the path to the logfiles which should be parsed by logcheck.pl. Each line represents one logfile with full path. When running as cron don't use relative paths! @/var/log/messages /var/log/warn@ This should be a good start on a Linux system. h3. Checking installation Run the command @/path/to/logcheck.pl debug@ to check your installation. Please note, that also the emails will be generated during the debug run. h3. Set a cronjob Use the command @crontab -e@ and put a line similar to the following into it: @*/10 * * * * /path/to/logcheck.pl@ Thats it...This will result in logfile checks every 10 minutes.