How to monitor logs and notify about critical events in Linux?
I needed to host 3 sites, and the question arose of monitoring logs with notification by mail about accidents or hacking attempts.
How can this be done?
1. To control unsuccessful login attempts, there is fail2ban, which bans the IP addresses of stubborn uninvited guests and can send mail about it if necessary.
2. To analyze logs and send reports, there is logwatch. By default, it looks at the logs once a day and mails a report to the local root; you can redirect it wherever you want.
3. To monitor the health of services, the state of the system, and arbitrary points of failure, Zabbix was invented, but for one host this will be a heavy solution.
Perhaps the first two points will suffice to get you started.
In the simplest case: a script that periodically runs on the site, reads the logs and sends a letter to whoever needs it.
The logs always contain all attempts to enter the server. What is generally understood as a hacking attempt?
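A sketch of the "simplest case" script described above, as an added example that is not part of the original answers: it counts failed SSH password attempts per source IP and builds a mail only when an IP crosses a threshold. The log format, the threshold of 3, the addresses and the function names are assumptions; the sample lines are constructed.

```python
import re
import smtplib
from collections import Counter
from email.message import EmailMessage

# sshd failure lines as found in /var/log/auth.log or /var/log/secure (path assumed).
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

# Constructed sample lines (documentation IP ranges), not real log data.
SAMPLE_LOG = """\
Mar  3 10:01:11 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:14 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:19 web1 sshd[2214]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Mar  3 10:05:42 web1 sshd[2301]: Accepted publickey for deploy from 198.51.100.20 port 51514 ssh2
Mar  3 10:07:03 web1 sshd[2330]: Failed password for deploy from 198.51.100.20 port 51600 ssh2
"""

def failed_logins(lines):
    """Count failed SSH password attempts per source IP."""
    hits = Counter()
    for line in lines:
        m = FAILED.search(line)
        if m:
            hits[m.group(1)] += 1
    return hits

def build_alert(hits, threshold=3, sender="logscan@localhost", rcpt="root@localhost"):
    """Return an EmailMessage listing IPs at or above threshold, or None."""
    noisy = {ip: n for ip, n in hits.items() if n >= threshold}
    if not noisy:
        return None
    msg = EmailMessage()
    msg["Subject"] = f"SSH: {len(noisy)} source(s) with repeated failed logins"
    msg["From"], msg["To"] = sender, rcpt
    msg.set_content("\n".join(f"{ip}: {n} failures" for ip, n in sorted(noisy.items())))
    return msg

def send(msg, host="localhost"):
    """Hand the message to a local MTA (assumed to listen on port 25)."""
    with smtplib.SMTP(host) as s:
        s.send_message(msg)

if __name__ == "__main__":
    alert = build_alert(failed_logins(SAMPLE_LOG.splitlines()))
    if alert is not None:
        print(alert)  # dry run; call send(alert) once a local MTA is configured
```

When run from cron against the real log file, the script also needs to remember how far it has already read, otherwise the same lines are reported on every run.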