1. Logwatch
①Install
1 |
# dnf install logwatch -y |
②Edit configuration file
1 2 |
# cat /usr/share/logwatch/default.conf/logwatch.conf >> /etc/logwatch/conf/logwatch.conf # vi /etc/logwatch/conf/logwatch.conf |
1 2 3 4 5 6 7 |
●Per line 51 Set "MailTo = root" as a comment and set the email address you want to receive notifications to the line below it. #MailTo = root MailTo = [Mail address] ●Per line 84 : Set the level of detail for log notifications #Detail = Low Detail = High |
③Output Logwatch reports
1 |
# logwatch --output stdout |
It will appear as follows
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
################### Logwatch 7.5.5 (01/22/21) #################### Processing Initiated: Sat Aug 24 16:27:24 2024 Date Range Processed: yesterday ( 2024-Aug-23 ) Period is day. Detail Level of Output: 10 Type of Output/Format: stdout / text Logfiles for Host: Lepard ################################################################## --------------------- Kernel Audit Begin ------------------------ Number of audit daemon starts: 3 Number of audit initializations: 3 **Unmatched Entries** auditd[709]: audit dispatcher initialized with q_depth=2000 and 1 active plugins: 1 Time(s) auditd[708]: audit dispatcher initialized with q_depth=2000 and 1 active plugins: 1 Time(s) audit: type=1403 audit(1724388330.137:3): auid=4294967295 ses=4294967295 lsm=selinux res=1: 1 Time(s) auditd[705]: audit dispatcher initialized with q_depth=2000 and 1 active plugins: 1 Time(s) ---------------------- Kernel Audit End ------------------------- ・・・<omission >・・・ --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/mapper/almalinux-root 17G 7.1G 9.9G 42% / /dev/nvme0n1p1 960M 321M 640M 34% /boot ---------------------- Disk Space End ------------------------- --------------------- lm_sensors output Begin ------------------------ No sensors found! Make sure you loaded all the kernel drivers you need. Try sensors-detect to find out which these are. ---------------------- lm_sensors output End ------------------------- ###################### Logwatch End ######################### |
④Test to see if the report arrives at the address you set. Check if you receive a log report email like the one above.
1 |
# /etc/cron.daily/0logwatch |
2. Introduce disk usage check script
2.1 Script Creation
1 2 |
# cd /var/www/system # vi disk_capacity_check.sh |
Contents of disk_capacity_check.sh
1 2 3 4 5 6 7 8 9 10 |
#!/bin/bash # Designation of e-mail address to be notified MAIL="<your mailaddress>" DVAL=`/bin/df / | /usr/bin/tail -1 | /bin/sed 's/^.* \([0-9]*\)%.*$/\1/'` if [ $DVAL -gt 80 ]; then echo "Disk usage alert: $DVAL %" | mail -s "Disk Space Alert in `hostname`" $MAIL fi |
1 |
# chmod 700 disk_capacity_check.sh |
2.2 Execution Confirmation
①Check current usage rates
1 |
# df -h |
It appears as follows
1 2 3 4 5 6 7 8 9 10 11 |
Filesystem Size Used Avail Use% Mounted on devtmpfs 4.0M 0 4.0M 0% /dev tmpfs 872M 0 872M 0% /dev/shm tmpfs 349M 5.5M 344M 2% /run /dev/mapper/almalinux-root 17G 7.1G 9.9G 42% / /dev/loop2 64M 64M 0 100% /var/lib/snapd/snap/core20/2318 /dev/loop1 105M 105M 0 100% /var/lib/snapd/snap/core/17200 /dev/loop3 128K 128K 0 100% /var/lib/snapd/snap/hello-world/29 /dev/loop0 45M 45M 0 100% /var/lib/snapd/snap/certbot/3834 /dev/nvme0n1p1 960M 321M 640M 34% /boot tmpfs 175M 8.0K 175M 1% /run/user/1000 |
②Create a dummy file to achieve at least 80% utilization
1 |
# dd if=/dev/zero of=dummyfile bs=1M count=8000 |
③check again
1 |
# df -h |
Run it and make sure it is above 80%.
④Run check scripts
1 |
# /var/www/system/disk_capacity_check.sh |
You will receive an email to the email address you have set up, stating something like "Disk usage alert: 82 %".
⑤Delete "dummyfile"
1 |
# rm dummyfile |
⑥Periodic Execution Setting
1 2 |
# crontab -e 30 2 * * * /var/www/system/disk_capacity_check.sh |