Easily monitor and archive your system log reports.

If you want to monitor your server logs and also like them to be emailed then just Logwatch may not be sufficient. It sends you a mail but does not archive them, so head over to epylog

Name        : epylog
Arch        : noarch
Epoch       : 0
Version     : 1.0.7
Release     : 9.fc22
Size        : 151 k
Repo        : fedora
Summary     : New logs analyzer and parser
URL         : https://fedorahosted.org/epylog/
License     : GPLv2+
Description : Epylog is a new log notifier and parser which runs periodically out of
: cron, looks at your logs, processes the entries in order to present
: them in a more comprehensive format, and then provides you with the
: output. It is written specifically with large network clusters in mind
: where a lot of machines (around 50 and upwards) log to the same
: loghost using syslog or syslog-ng.

To install :

dnf install epylog

After this you need to configure the directory for the archiving and also the means of transport, that could be just File or File with email. In the second case, the reports are archived and email sent with link to the report.

 

Here is the sample configuration that I am using

[main]
cfgdir = /etc/epylog
tmpdir = /var/tmp
vardir = /var/lib/epylog

[report]
title = [Cron] ubu  @@HOSTNAME@@ system events: @@LOCALTIME@@
template = /etc/epylog/report_template.html
include_unparsed = yes
publishers = file

[mail]
method = mail
smtpserv = /usr/sbin/sendmail -t
mailto = root
format = html
lynx = /usr/bin/lynx
include_rawlogs = no
rawlogs_limit = 200
##
# GPG encryption requires pygpgme installed
#
gpg_encrypt = no
# If gpg_keyringdir is omitted, we’ll use the default ~/.gnupg for the
# user running epylog (/root/.gnupg, usually).
#gpg_keyringdir = /etc/epylog/gpg/
# List key ids, can be emails or fingerprints. If omitted, we’ll
# encrypt to all keys found in the pubring.
#gpg_recipients = [email protected], [email protected]
# List key ids that we should use to sign the report.
# If omitted, the report will not be signed, only encrypted.
#gpg_signers = [email protected]

[file]
method = file
path = /var/www/epylog
dirmask = %Y-%b-%d_%a
filemask = %H%M
save_rawlogs = no
expire_in = 700
notify = [email protected]
smtpserv = /usr/sbin/sendmail -t
pubroot = http://example.com/cgi-bin/pager.py?

After you are done, you might want to head over to Fedora Wiki for Epylog and then download the weed_local file and parser.py file. The weed local file is a file containing the regex for common errors that you do not want to see in reports. So, feel free to add yours. And parser.py file sets up a pager. Download that and put it in the cgi-bin directory and configure the epylog data directory, and you are done.

About Amit Agarwal