Adding nginx to logwatch was more complicated than I’d imagined. I found a couple entries on the internets about how to do it, but I wasn’t really impressed with any of them.
And so, my list of steps to accomplish this follows. Enjoy!
First, you need to ensure that nginx is using the Combined Access Log Format. It’s the format by default, and
the format that fedora’s
nginx.conf file came with. Perfect.
Second, you need to copy a few files into the local system directory. On Fedora, the distro root directory is:
/usr/share/logwatch/ I will reference that as
DISTRO_ROOT from now on.
cp DISTRO_ROOT/scripts/services/http /etc/logwatch/scripts/services/nginx
cp DISTRO_ROOT/scripts/services/http-error /etc/logwatch/scripts/services/nginx-error
cp DISTRO_ROOT/default.conf/services/http.conf /etc/logwatch/conf/services/nginx.conf
cp DISTRO_ROOT/default.conf/services/http-error.conf /etc/logwatch/conf/services/nginx-error.conf
Edit the two .conf files and replace http with nginx as appropriate.
Last, you will need to create the
1 2 3 4 5 6 7
LogFile = /var/log/nginx/access.log Archive = /var/log/nginx/access.log-*.gz *ExpandRepeats # keep only the lines in the proper date range *ApplyhttpDate
1 2 3 4 5 6 7 8
LogFile = /var/log/nginx/error.log Archive = /var/log/nginx/error.log-*.gz # expand the repeats *ExpandRepeats # keep only the lines in the proper date range *ApplyhttpDate
Now your system, assuming your log files are in the same place as mine, will include nginx’s output!
I’ve found it to be somewhat useful in catching anomalies, and laughing at teh haxors :)