使用 logwatch 监控 rsnapshot 的日志文件

tag-icon tag-icon debian rsnapshot logwatch
使用 logwatch 监控 rsnapshot 的日志文件

如何将 rsnapshot 的日志文件包含在 logwatch 的配置中?

Logwatch 是一款可以解析日志并检查重要信息并通过电子邮件发送给某人的软件。如何让 logwatch 查看 rsnapshot 的日志文件。

答案1

必须创建一些文件才能将 rsnapshot.log 文件包含在 logwatch 报告中。Debian 的示例如下。

已编辑:最近,已向 logwatch 邮件列表提交一个补丁,该补丁添加了对 rsnapshot 的支持。以下文件已更新以反映这一点。

/etc/logwatch/conf/logfiles/rsnapshot.conf

# rsnapshot backup tool logfile

# default logfile location (relative to /var/log)
# don't forget to change this if changed in /etc/rsnapshot.conf
LogFile = rsnapshot.log
Archive = rsnapshot.log.*.gz

# parse & remove date tag
*ApplyStdDate = "\[%d/%b/%Y:%H:%M:%S\]"
*RemoveHeaders = "\[\d\d/\w{3}/\d{4}:\d\d:\d\d:\d\d\] "

/etc/logwatch/conf/services/rsnapshot.conf

# rsnapshot backup tool service

# just one logfile format
LogFile = rsnapshot

Title = "rsnapshot"

/etc/logwatch/scripts/services/rsnapshot

#!/usr/bin/perl

# rsnapshot backup tool log parsing script
# Hayden Lau, July 2016

use strict;
my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
my %Error;
my %Warning;
my %Started;
my %Successful;
my %OtherList;

while (defined(my $ThisLine = <STDIN>)) {
   chomp($ThisLine);
   if ($Debug) {
      print "$ThisLine\n";
   }
   if ($ThisLine =~ /ERROR: (\N+)/) {
      $Error{$1}++;
   } elsif ($ThisLine =~ /WARNING: (\N+)/) {
      $Warning{$1}++;
   } elsif ($ThisLine =~ / (\S+): started/) {
      $Started{$1}++;
   } elsif ($ThisLine =~ / (\S+): completed successfully/) {
      $Successful{$1}++;
   } else {
      $OtherList{$ThisLine}++;
   }
}

if (keys %Error) {
   print "ERRORS:\n";
   foreach my $line (sort {$a cmp $b} keys %Error) {
      print "    $line: $Error{$line} Time(s)\n";
   }
}

if (keys %Warning) {
   print "Warnings:\n";
   foreach my $line (sort {$a cmp $b} keys %Warning) {
      print "    $line: $Warning{$line} Time(s)\n";
   }
}

if (($Detail > 5) and keys %Started) {
   print "Started:\n";
   foreach my $retain (sort { $Started{$b} <=> $Started{$a} } keys %Started) {
      print "    $retain: $Started{$retain} Time(s)\n";
   }
}

if ($Detail and keys %Successful) {
   print "Completed Successfully:\n";
   foreach my $retain (sort { $Successful{$b} <=> $Successful{$a} } keys Successful) {
      print "    $retain: $Successful{$retain} Time(s)\n";
   }
}

if (keys %OtherList) {
   print "\n**Unmatched Entries**\n";
   foreach my $line (sort {$a cmp $b} keys %OtherList) {
      print "    $line: $OtherList{$line} Time(s)\n";
   }
}

exit(0);

相关内容