[ale] Logcheck vs Logwatch
attriel
attriel at d20boards.net
Mon Dec 20 11:56:21 EST 2004
> 186 messages sent is nothing. If you had been "hacked to use as a
> spam relay" you'd see 10,000-1,000,000 messages sent. Keep an eye
> on the logs (preferably using Logcheck instead of LogWatch), but I
> don't see this as evidence of any problems.
How is Logcheck better than Logwatch? I'm setting up a system with a
loghost machine (w/o external access; it accepts ONLY syslog UDP packets,
on an internal network) and I was looking at logwatch and logcheck (and
swatch), and decided that logwatch seemed to be a better mechanism for
getting information and statistics for at least basic filtering, and
figured anything "unexpected" could be then tracked more manually
Is logcheck (that's the logsentry one right?) really better?
--attriel
More information about the Ale
mailing list