The default locations and paths used by logwatch are:
/etc/logwatch/conf
/user/share/logwatch/default.conf
/user/share/logwatch/dist.conf
Which three statements are true logwatch installation and configuration?
A.
After installing logwatch, no configuration is required to produce reports from system logs.
B.
After installing logwatch, the /usr/share/logwatch/dist.conf directory will not exist because it is
optional.
C.
After installing logwatch, you must create /etc/logwatch/conf to produce reports from system
logs.
D.
After installing logwatch, all the default directories continue to exist.
E.
To produce a report from the previous day’s logs, the – – range yesterday parameter must be
specified.
F.
Running /usr/sbin/logwatch produces a report of the previous day’s log files.
Explanation:
A, E, F
The answer is A, D, E.
[root@OraLinux6 /]# logwatch –range yesterday –print
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Wed Jan 21 14:16:58 2015
Date Range Processed: yesterday
( 2015-Jan-20 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: oralinux6
##################################################################
——————— Selinux Audit Begin ————————
Number of audit daemon starts: 1
Number of audit daemon stops: 1
———————- Selinux Audit End ————————-
——————— Automount Begin ————————
**Unmatched Entries**
lookup_read_master: lookup(nisplus): couldn’t locate nis+ table auto.master: 1 Time(s)
———————- Automount End ————————-
——————— Init Begin ————————
**Unmatched Entries**
Disconnected from system bus
———————- Init End ————————-
——————— Postfix Begin ————————
3.850K Bytes accepted 3,942
3.850K Bytes delivered 3,942
======== ================================================
1 Accepted 100.00%
——– ————————————————
1 Total 100.00%
======== ================================================
1 Removed from queue
1 Delivered
1 Postfix start
1 Postfix stop
———————- Postfix End ————————-
——————— Connections (secure-log) Begin ————————
**Unmatched Entries**
polkitd(authority=local): Registered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.25 [/usr/libexec/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8): 1 Time(s)
polkitd(authority=local): Unregistered Authentication Agent for session /org/freedesktop/ConsoleKit/Session1 (system bus name :1.25, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus): 1 Time(s)
———————- Connections (secure-log) End ————————-
——————— SSHD Begin ————————
SSHD Killed: 1 Time(s)
SSHD Started: 2 Time(s)
Users logging in through sshd:
root:
192.168.56.1: 1 time
**Unmatched Entries**
Exiting on signal 15 : 1 time(s)
———————- SSHD End ————————-
——————— Disk Space Begin ————————
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 48G 13G 34G 27% /
/dev/sda1 248M 55M 182M 24% /boot
/ISOs/OL6.3_x86_64_Dis.iso
3.5G 3.5G 0 100% /OL6DVD
/dev/sdd1 20G 9.6G 9.1G 52% /u01
/dev/sdb1 9.9G 5.1G 4.3G 55% /home
/dev/mapper/u02vg-u02lv
2.0G 580M 1.4G 31% /u02
———————- Disk Space End ————————-
###################### Logwatch End #########################
[root@OraLinux6 /]#
yes A, D, E
A,D,F
Is not necessary to specify –yesterday to produce a report from previous day’s logs:
[root@master ~]# logwatch -print
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Sat Feb 28 23:05:35 2015
Date Range Processed: yesterday
( 2015-Feb-27 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: master.xxxxxxx.it
##################################################################
——————— Disk Space Begin ————————
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 14G 9.5G 3.4G 74% /
/dev/sda1 198M 114M 74M 61% /boot
/dev/sdb1 32G 4.3G 26G 15% /home
———————- Disk Space End ————————-
###################### Logwatch End #########################
Answer: ADF
http://www.linux-mag.com/id/7800/
A, D, F,