logwatch (was: Tripwire Update ...)

[Karl DeBisschop]

On Tue, 2003-11-25 at 01:01, seth vidal wrote:
> > Tripwire may fit some needs, but since I to admin 20+ servers and
> > desktops in something like 5 hours per week. With user-friendly tools
> > like aide and logwatch, I can be a little proactive about security
> > within those constraints. If I have to set up tripwire for each if those
> > boxes, I don't think I can do it in that time frame.
> 
> This is off topic for this thread but:
> 
> there is NOTHING clean or user-friendly about logwatch.

some of that is in the eye of the beholder perhaps. And I submit that
there is a degree of user-friendliness shown by the fact it has reduced
some rather vast log files into something I can manage without extra
configuration. 

For me it was a value add, because the alternative was to only look at
the logs when something was going wrong. And in the few times I needed
to change the default scanning engine, I read the docs and did the work
in less than an hour. Could be better, but I'm OK with that.

> look at http://linux.duke.edu/epylog/

Having stood up to the defense of logwatch, I also admit to always being
on the lookout for a better tool. I will be clicking over to the like
you gave right after I finish catching up on my mail. Thanks for the
tip.

-- 
Karl DeBisschop <kdebisschop at alert.infoplease.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20031125/af079fbe/attachment-0002.bin