LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 07-14-2005, 05:14 AM   #1
shadowknight
LQ Newbie
 
Registered: Jul 2005
Posts: 2

Rep: Reputation: 0
Logwatch - and NT Servers


Here's a very odd, and interesting problem... it appears that Logwatch is bypassing Syslog Entries by two NT servers that I have.

I guess I need to explain a bit more. Using a program called ntsyslog (available from sourceforge) I managed to get the Event viewer to send to our logging server. This logging server runs logwatch nightly, and merrily produces output for all our servers. That bit works fine.

The information is arriving at the Logging server, and I have written a "service" script to pick up all the services run by those two and add them to the email (currently it'll just produce a mess, but that'll be a start). This script runs when I cat the message log through it, but fails when I run it with logwatch. Well, actually, it fails to output anything by the two servers when I run it with logwatch, it picks up NMBD errrors sent out by unix servers, thus happily proving that at least part of the script is running.

I'm wondering if the events are being pulled out by logwatch (as I notice that it automatically pulls out a lot of stuff), and I was just wondering if it is possible that the Event Log messages are part of it.

Having scoured the logwatch code, I can't find where it's pulling the messages out, however I have a feeling that I've been staring at the code so long that it's staring me in the face.

Thanks,

SK
 
Old 07-14-2005, 03:50 PM   #2
Kahless
Member
 
Registered: Jul 2003
Location: Pennsylvainia
Distribution: Slackware / Debian / *Ubuntu / Opensuse / Solaris uname: Brian Cooney
Posts: 503

Rep: Reputation: 30
logwatch works by looking for keywords in the log files that may be of interest to you. it was written for linux


It may simply be a matter of it not finding anyting interesting in the NT files, such as failed ssh login attmpts, ect.

you can customise what it looks for, that may be what you need to do to get yoru expected results.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Logwatch?? Palula Linux - Newbie 2 08-02-2005 08:14 PM
logwatch I keep getting this help please lildrummerboy Linux - Newbie 1 08-01-2004 01:57 PM
logwatch lildrummerboy Linux - Newbie 1 07-29-2004 07:38 PM
LogWatch exyst Linux - Software 0 03-13-2004 06:04 PM
Logwatch miguel Linux - General 0 11-08-2002 05:15 AM


All times are GMT -5. The time now is 10:04 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration