Ok, first of all....Thank you to the many people who have contributed to these forums. Without your knowledge and willingness to share I, and several like me, would be lost.
On to my question. Having recently deployed my first Linux server, a small email server running postfix on Fedora Core with < 100 users, I am now looking at security, and preventative maintenance. My question then is what logs do you guys regularly review as opposed to having the logs available for trouble shooting, forensics, and disaster recovery? I am still very much a
so I may not even be aware of what I can monitor.
Some items I (think I) would like to monitor:
emails processed per day/week/month (I really only want to watch for spike in activity)
Seems to me that these would be more like reports and not really logs. My goal is to be able to detect problems coming before they get here! Any suggestions?