infra:logwatch
Differences
This shows you the differences between two versions of the page.
infra:logwatch [2019-11-13 20:53] – created Jeanjack | infra:logwatch [2019-11-13 21:06] – Jeanjack | ||
---|---|---|---|
Line 1: | Line 1: | ||
Logwatch est un outil permettant d' | Logwatch est un outil permettant d' | ||
- | Sous debian, `apt install logwatch`. Une fois installé, en fonction des services activés et des modules installés, il va compiler les logs ssh, sudo et l' | + | Sous debian, `apt install logwatch`. Une fois installé, en fonction des services activés et des modules installés, il va compiler les logs ssh, sudo et l' |
+ | |||
+ | Un exemple de log ( issu de [[https:// | ||
+ | |||
+ | '' | ||
+ | ################### | ||
+ | Processing Initiated: Wed Nov 15 15:07:00 2013\\ | ||
+ | Date Range Processed: today\\ | ||
+ | ( 2013-Nov-15 )\\ | ||
+ | Period is day.\\ | ||
+ | Detail Level of Output: 0\\ | ||
+ | Type of Output: unformatted\\ | ||
+ | | ||
+ | ################################################################## | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | 3.453K | ||
+ | 3.453K | ||
+ | | ||
+ | \\ | ||
+ | 3 | ||
+ | | ||
+ | 3 | ||
+ | | ||
+ | \\ | ||
+ | 3 | ||
+ | 2 | ||
+ | 1 Sent via SMTP\\ | ||
+ | \\ | ||
+ | 1 | ||
+ | \\ | ||
+ | 1 | ||
+ | \\ | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | New Users:\\ | ||
+ | apache (48)\\ | ||
+ | \\ | ||
+ | New Groups:\\ | ||
+ | apache (48)\\ | ||
+ | \\ | ||
+ | \\ | ||
+ | | ||
+ | groupadd: group added to /etc/group: name=apache, | ||
+ | groupadd: group added to / | ||
+ | |||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | \\ | ||
+ | SSHD Started: 2 Time(s)\\ | ||
+ | \\ | ||
+ | Users logging in through sshd:\\ | ||
+ | root:\\ | ||
+ | | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | | ||
+ | \\ | ||
+ | \\ | ||
+ | | ||
+ | apr-1.3.9-5.el6_2.x86_64\\ | ||
+ | apr-util-1.3.9-3.el6_0.1.x86_64\\ | ||
+ | perl-YAML-Syck-1.07-4.el6.x86_64\\ | ||
+ | 4: | ||
+ | mailx-12.4-6.el6.x86_64\\ | ||
+ | 1: | ||
+ | 1: | ||
+ | 3: | ||
+ | httpd-2.2.15-29.el6.centos.x86_64\\ | ||
+ | 4: | ||
+ | mailcap-2.1.31-2.el6.noarch\\ | ||
+ | perl-Date-Manip-6.24-1.el6.noarch\\ | ||
+ | 1: | ||
+ | httpd-tools-2.2.15-29.el6.centos.x86_64\\ | ||
+ | apr-util-ldap-1.3.9-3.el6_0.1.x86_64\\ | ||
+ | logwatch-7.3.6-49.el6.noarch\\ | ||
+ | \\ | ||
+ | | ||
+ | |||
+ | '' |
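Review bot: the pasted report is wrapped in '' ... '' with a forced line break (\\) at the end of every line, which is fragile for column-aligned logwatch output; a <code> block would keep the sample verbatim and make it easier to maintain. The sample also comes from a 2013 run on an el6/CentOS host (httpd-2.2.15-29.el6.centos, logwatch-7.3.6-49.el6), while the sentence just above it describes a Debian install, so it is worth stating that the sections shown can differ on Debian. A short sentence pointing readers at the parts of the report worth checking first (New Users / New Groups, "Users logging in through sshd: root") would make the example more useful than the raw dump alone.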