Last modified: Nov. 21 2011

CIS 191B
Lab 10x: Configuring logwatch

The purpose of this lab is to configure logwatch to summarize the information in the idle log created in lab 10. However, you will need to do this lab on the CentOS virtual machine.

Part I: Idle Daemon

In this section, you will enable the idled daemon to collect data about idle users by scheduling it with the cron daemon.
  1. Log on as root on tty1 and tty2.
  2. Log on as guest on tty3 and tty4.
  3. On the tty1 root login terminal, download the idled program to root's home directory (/root):
    scp logname@opus.cabrillo.edu:/home/cis191/bin/idled /root/
    Verify that it has execute permissions.
  4. Verify that your syslog daemon is logging user.alert to the file /var/log/idle.
  5. Set up a cron schedule as you did in lab 10 to run the idled program every minute of the day you are doing this lab. Do not invoke the idled command with the -d option.
  6. Sit back and wait a while for the idle daemon to do its work, i.e. log off guest and the idle root sessions.
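
One way to carry out the check in step 4 without waiting for idled to log something is to read the syslog rules themselves. The script below is an added example, not part of the original lab or of any syslog package; the function name logs_user_alert_to and the sample configuration are made up for illustration, and it assumes the classic "selector action" rule format.

```bash
#!/bin/bash
# Added example: does a syslog.conf-style rule set send user.alert to a file?
# Subset handled: fac.pri, "*", comma-separated facilities, ";"-joined
# selectors, "=pri", "none", and a leading "-" on the file name.
# Not handled: "!" negation and rsyslog-specific rule syntax.
logs_user_alert_to() {    # usage: logs_user_alert_to FILE < config
    awk -v target="$1" '
    BEGIN {
        # Severity ranks from lowest to highest, plus the usual aliases.
        n = split("debug info notice warning err crit alert emerg", p, " ")
        for (i = 1; i <= n; i++) rank[p[i]] = i
        rank["warn"] = rank["warning"]; rank["error"] = rank["err"]
        rank["panic"] = rank["emerg"]
    }
    /^[ \t]*(#|$)/ { next }                   # comments and blank lines
    NF >= 2 {
        action = $2; sub(/^-/, "", action)    # "-/path" only disables sync
        if (action != target) next
        hit = 0
        ns = split($1, sel, ";")
        for (s = 1; s <= ns; s++) {           # a later selector can override
            dot = index(sel[s], ".")
            if (dot == 0) continue
            facs = "," substr(sel[s], 1, dot - 1) ","
            pri = substr(sel[s], dot + 1)
            if (facs !~ /,(user|\*),/) continue
            exact = sub(/^=/, "", pri)        # "=alert" means that level only
            if (pri == "none") hit = 0
            else if (pri == "*") hit = 1
            else if (!(pri in rank)) continue
            else if (exact ? rank[pri] == rank["alert"] : rank[pri] <= rank["alert"]) hit = 1
        }
        if (hit) found = 1
    }
    END { exit !found }
    '
}

# Constructed sample configuration (not taken from the lab VM).
SAMPLE_CONF='*.info;mail.none;authpriv.none    /var/log/messages
user.alert                         /var/log/idle'

if printf '%s\n' "$SAMPLE_CONF" | logs_user_alert_to /var/log/idle; then
    echo "user.alert is routed to /var/log/idle"
else
    echo "no rule sends user.alert to /var/log/idle"
fi
```

To use it on the virtual machine, redirect the syslog configuration file your daemon actually reads into the function instead of the sample text.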

Part II: Logwatch

Now that you have collected several log statements in the /var/log/idle file, you will configure logwatch to summarize this information by creating three files in the /etc/logwatch directory and running the logwatch command.
  1. As root, change directory to /etc/logwatch/scripts.
  2. Create a subdirectory here called services, and cd into that subdirectory.
  3. In this directory, create a file called idleout that contains the following lines of code (or scp this file from the cis191/bin directory on opus):
    #!/bin/bash
    # logwatch passes the selected log lines to this script on standard input.
    echo "--------------------- Idleout Begin -----------------------
    "
    # Read all of the log lines once so they can be searched twice.
    ALL=$(cat)
    # Count the lines that mention each user.
    NROOT=$(echo "$ALL" | grep "root" | wc -l)
    NCIS191=$(echo "$ALL" | grep "guest" | wc -l)
    echo "root was logged out $NROOT time(s)."
    echo "guest was logged out $NCIS191 time(s)."
    echo "
    --------------------- Idleout End -----------------------"
  4. Now change directory to /etc/logwatch/conf where you will create two text files in the logfiles and services subdirectories.
  5. Create a text file in the services subdirectory called idleout.conf that contains the single line:
    Logfile = idle
  6. Create a text file in the logfiles subdirectory called idle.conf that contains the two lines:
    Logfile = /var/log/idle
    Archive = idle.?
  7. Now run the following command to see a summary of your idle log file:
    logwatch --range today --service idleout --print

To turn in

lab10x should be a collection of the idle log file from part I and the output of the logwatch command from part II:
cat /var/log/idle > lab10x
logwatch --range today --service idleout --print >> lab10x

Now copy the lab10x file to your account on opus.cabrillo.edu using the following command:
scp lab10x logname@opus.cabrillo.edu:lab10x
 
After you have submitted your lab, don't forget to remove your cron job for idled.