Wow, it’s been a while since I posted here! Over a year and three months!
I have been working on my workspace code a lot recently, and covering automation and other areas.
Logwatch is a small, simple mail-based system logging solution that I enable on all my servers, big or small. I typically then archive/delete any messages older than x days old.
Logwatch can be useful as a fallback solution for figuring out vaguely when things have changed, or packages installed, or simply to provide any other information (HTTP responses, fail2ban, vnstat, etc)
Adding vnstat support to logwatch
By default vnstat is not supported with logwatch, so here is an easy way to add support.
Automating an entire logwatch install
If you are using ansible, chef, or some other configuration management software then you will of course need to either adapt, or interface with this script in your own way.
One thing that I do is have logwatch installed, configured, and additional logwatch services created from provisioning… the script below doesn’t handle apt-get install logwatch, so you’ll need to make sure that is done somewhere else.