what program do you use to analyze your logs ?
Hi,
I am using logwatch which sends an email every day with the logs of my server.
What I don't like about logwatch is that it doesn't send time stamped messages. For example I can't see when an event has occurred. Only that it has occurred....
Ex:
--------------------- SSHD Begin ------------------------
Failed logins from these:
XXX/password from ::ffff:192.168.60.1: 1 Time(s)
Users logging in through sshd:
YYYY:
server (192.168.60.1): 3 times
---------------------------------------------------------------
What do you use? I've heard about logcheck? Do you use it?
ddaas
|