infra:logwatch
Differences
This shows you the differences between two versions of the page.
infra:logwatch [2019-11-13 20:53] – created Jeanjack | infra:logwatch [2019-11-13 21:01] – Jeanjack | ||
---|---|---|---|
Line 1: | Line 1: | ||
Logwatch est un outil permettant d' | Logwatch est un outil permettant d' | ||
- | Sous debian, `apt install logwatch`. Une fois installé, en fonction des services activés et des modules installés, il va compiler les logs ssh, sudo et l' | + | Sous debian, `apt install logwatch`. Une fois installé, en fonction des services activés et des modules installés, il va compiler les logs ssh, sudo et l' |
+ | |||
+ | Un exemple de log ( issu de [[https:// | ||
+ | |||
+ | '' | ||
+ | ################### | ||
+ | Processing Initiated: Wed Nov 15 15:07:00 2013 | ||
+ | Date Range Processed: today | ||
+ | ( 2013-Nov-15 ) | ||
+ | Period is day. | ||
+ | Detail Level of Output: 0 | ||
+ | Type of Output: unformatted | ||
+ | | ||
+ | ################################################################## | ||
+ | |||
+ | | ||
+ | |||
+ | 3.453K | ||
+ | 3.453K | ||
+ | | ||
+ | |||
+ | 3 | ||
+ | | ||
+ | 3 | ||
+ | | ||
+ | |||
+ | 3 | ||
+ | 2 | ||
+ | 1 Sent via SMTP | ||
+ | |||
+ | 1 | ||
+ | |||
+ | 1 | ||
+ | |||
+ | |||
+ | | ||
+ | |||
+ | |||
+ | | ||
+ | |||
+ | New Users: | ||
+ | apache (48) | ||
+ | |||
+ | New Groups: | ||
+ | apache (48) | ||
+ | |||
+ | |||
+ | | ||
+ | groupadd: group added to /etc/group: name=apache, | ||
+ | groupadd: group added to / | ||
+ | |||
+ | | ||
+ | |||
+ | | ||
+ | |||
+ | |||
+ | SSHD Started: 2 Time(s) | ||
+ | |||
+ | Users logging in through sshd: | ||
+ | root: | ||
+ | | ||
+ | |||
+ | | ||
+ | |||
+ | | ||
+ | |||
+ | |||
+ | | ||
+ | apr-1.3.9-5.el6_2.x86_64 | ||
+ | apr-util-1.3.9-3.el6_0.1.x86_64 | ||
+ | perl-YAML-Syck-1.07-4.el6.x86_64 | ||
+ | 4: | ||
+ | mailx-12.4-6.el6.x86_64 | ||
+ | 1: | ||
+ | 1: | ||
+ | 3: | ||
+ | httpd-2.2.15-29.el6.centos.x86_64 | ||
+ | 4: | ||
+ | mailcap-2.1.31-2.el6.noarch | ||
+ | perl-Date-Manip-6.24-1.el6.noarch | ||
+ | 1: | ||
+ | httpd-tools-2.2.15-29.el6.centos.x86_64 | ||
+ | apr-util-ldap-1.3.9-3.el6_0.1.x86_64 | ||
+ | logwatch-7.3.6-49.el6.noarch | ||
+ | |||
+ | | ||
+ | '' |
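Review bot: The sample report is opened and closed with `''` on the first and last added lines of the example, which in DokuWiki is inline monospace and does not preserve the line breaks and column alignment of multi-line output; wrapping the report in a `<code>` or `<file>` block would keep the Logwatch layout readable. The sample is also dated 2013 and lists `el6.centos` packages, while the paragraph changed just above it says "Sous debian" with `apt install logwatch`, so a short remark that the example comes from a CentOS host would avoid confusing readers who compare it with their own report. Finally, the example shows `root:` under "Users logging in through sshd:", and a sentence telling readers that this section is one to check in their own reports would make the example more useful.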