The Latest
How to Install Logwatch on Ubuntu 22.04 LTS

How to Install Logwatch on Ubuntu 22.04 LTS

May 30, 2023

Learning how to install Logwatch on Ubuntu 22.04 LTS is crucial for monitoring your system, and we’re here to help you do just that. 

Logwatch is an open-source log analysis and monitoring tool developed for Linux and its distributions. For beginners, Logwatch scans and analyzes the system log files and generates a shareable summarized report that is concise and readable.

In this article, we will explain the use of Logwatch and provide a detailed guide on how to install Logwatch on Ubuntu 22.04 LTS. Additionally, you can test, run, and automate Logwatch through the simple steps provided and gain complete control over logs.

Why Install Logwatch on Ubuntu 22.04 LTS?

Logs play a key role in monitoring and troubleshooting system activities. Usually, analyzing and understanding logs need knowledge and skill, and not everyone can achieve it.

Through the Logwatch, users can gain a convenient way to review system activity. Here are some reasons why installing Logwatch on Ubuntu can be beneficial:

  • It helps analyze log files from different sources.
  • Gain insights on several system activities.
  • Useful for identifying potential security threats or suspicious activities.
  • It makes troubleshooting easier.
  • It generates detailed reports on system activities.

Steps on How to Install Logwatch on Ubuntu 22.04 LTS   

Before proceeding with the installation of Logwatch, please ensure that you meet the following requirements:

  1. You’ll need a server running Ubuntu 22.04 LTS or a compatible Linux distribution with an Internet connection.
  2. Ensure you have root access, but we recommend making changes using a “non-root sudo” user to avoid permanent modifications.
  3. Ensure you have access to a Terminal, or if you’re working with a server, ensure SSH access is available.

Step 1: Update and Upgrade your Ubuntu 22.04 LTS

The best practice is to update and upgrade the Ubuntu 22.04 LTS before installing anything. To do this, enter the below command inside the Terminal and ensure the Internet is turned on.

sudo apt update
sudo apt update

The update command updates the local package index by obtaining the most recent details about the packages that are currently accessible from the software repositories set up on your Ubuntu system.

Before beginning any package installations or upgrades, running this command ensures you have the most recent package information.

sudo apt upgrade
sudo apt upgrade

The upgrade command is used to upgrade the installed packages on your device running Ubuntu 22.04 LTS. Using this command, you may ensure that the installed packages on your system have the most recent security updates, bug fixes, and feature upgrades.

To proceed with the upgrades, enter ‘Y’ when prompted. In doing so, it starts downloading and upgrading the necessary packages.  

Step 2: Install Logwatch on Ubuntu 22.04 LTS

APT (Advanced Package Tool) is Ubuntu’s default package manager, which helps install any packages easily through a few commands. To understand how to install Logwatch on Ubuntu 22.04 LTS, enter the following commands:

sudo apt install logwatch
sudo apt install logwatch

During the installation of Logwatch, you have to deal with the Postfix server’s setup and select the mail server configuration type that matches your requirement.

mail server configuration type

Upon selecting your desired mail server configuration type, click Enter to proceed. When prompted, enter the mail address, and you have successfully installed Logwatch on your device running Ubuntu 22.04 LTS.

successfully installed Logwatch

Once you’re done with the installation, check for the logwatch version using the command: 

logwatch --version
check for the logwatch version

If the Terminal doesn’t display the version, repeat steps 1 and 2.

Step 3: Configuring Logwatch on Ubuntu 22.04 LTS

The Postfix configuration is a great way to configure Logwatch. However, sometimes the changes aren’t reflected. To counter this issue, the best approach is configuring Logwatch through the Logwatch configuration file, located at “/usr/share/logwatch/default.conf/logwatch.conf“.

You can use any editor to edit the Logwatch configuration file. Here is the command to edit the Logwatch config file through Vim:

sudo vim /usr/share/logwatch/default.conf/logwatch.conf
Logwatch config file

Modify values for the line “MailTo” and update it with the email address to which you want to receive reports. Also, modify the lines “Range and Detail” to manage the frequency and detail level.

Step 4: Test and Schedule Logwatch on Ubuntu 22.04 LTS

Testing Logwatch can be done using a Terminal by typing the given command:

sudo logwatch --detail High --mailto <your-email-address>

If there are no issues with Postfix and Logwatch config file, you will receive emails from Logwatch. 

receive emails from Logwatch

You can also schedule reports to run automatically using a cron job. To do this, create a new file in the “/etc/cron.daily/” directory.

Once the file is created, edit it using the command:

sudo vim /etc/cron.daily/logwatch

After the file is opened on Vim, add the following lines:

#!/bin/sh
/usr/bin/logwatch --output mail --mailto <your-email-address> --detail High

Step 5: Manually Run Logwatch on Ubuntu 22.04 LTS

After following the steps from 1 to 4, your device must have an installed Logwatch that is tested, scheduled, and verified. Manually running Logwatch helps you check if the logs are being properly generated.

To manually run Logwatch, use the command:

sudo logwatch
sudo logwatch

If the command doesn’t generate any output or throw an error, you might have made a mistake with the installation process.

Hence, analyze steps 2-5 to realize the mistake, and if it persists, type in the below command to remove Logwatch and start with the fresh installation.

sudo apt-get purge --autoremove logwatch

Also, refer to logwatch help using the command “logwatch –help” to prevent making mistakes while entering the commands.

logwatch –help

The installation of Logwatch on Ubuntu 22.04 LTS gives all users a strong tool for tracking and examining system logs. This guide teaches you to quickly how to install Logwatch on Ubuntu 22.04 LTS through the package manager and schedule reports using “cron”.

With the help of Logwatch, log files can be automatically scanned and analyzed, providing useful information about system activity, error detection, security incidents, and general system performance.

Logwatch makes system administration on Ubuntu 22.04 LTS easier by streamlining the log monitoring process and providing the opportunity to schedule routine log analysis.

Note:  We suggest creating backups of the config files to restore them in case of an irreversible modification. 

If this guide helped you, please share it.

Author
Husain Parvez
Husain is a staff writer at Distroid and has been writing on all things Linux and cybersecurity for over 10 years. He previously worked as a technical writer for wikiHow. In his past time, he loves taking tech apart and see what makes them tick, without necessarily putting it all back together. LinkedIn
Related Posts