So I own a VPS (if you can ever really own a VPS) which does a number of things for me. It's backed up by the hosting company, something which requires root access. Now I always worry when giving someone root access, no matter how much I trust them, so the back ups are performed through a simple script which only allows certain commands to be ran, as well as logging all attempts.
I run logwatch on my VPS in order to keep on top of important information from log files, so I went about adding a custom configuration to allow logwatch to also monitor this file. Here are the basic steps:
- Create the file /etc/logwatch/conf/services/my_service.conf and enter the coniguration information (logfile, name etc.)
- Create a script etc/logwatch/scripts/services/my_service which receives the logs on STID and outputs results to STDOUT.
Sources / More Information: