Logwatch is a customizable log analysis system.
Logwatch parses through your system’s logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is easy to use and will work right out of the package on most systems.
1. Login to your server as root via SSH.
2. Load the logwatch configuration file
Type: pico -w /etc/log.d/conf/logwatch.conf
3. Search for where the log files are mailed too.
Press: CTRL-W
Type: MailTo
Set the e-mail address to an off server account so incase you get
hacked they can not delete the mail without hacking atleast 2 servers.
4. Now lets change what actions you are alerted of.
CTRL-W
Type: Detail
5. Detail = Low
Change that to Medium, or High.
I suggest high, because you will get more detailed logs with all actions.
6. Once you are done lets Exit & Save
CTRL-X then Y then Enter
Monkey business for the geek in you!