doel

Deze server is onze centrale log server

ip addressen

extern

uit /etc/network/interfaces:

# The primary network interface
# This interface is only used for rsyslog purposes
# Do not install routing possibilities on this interface!
# **NON-ROUTED!!**
auto eth0
iface eth0 inet static
        address         212.72.224.44
        netmask         255.255.255.0
#       add route to ns3, running at cloudrock.nl
        up              route add -net 93.189.130.25 netmask 255.255.255.255 gw 212.72.224.1 dev eth0
        down            route del -net 93.189.130.25 netmask 255.255.255.255 gw 212.72.224.1 dev eth0
#       gateway 212.72.224.1

# This interface is only used for rsyslog purposes
# Do not install routing possibilities on this interface!

intern

uit /etc/network/interfaces:

auto eth1
iface eth1 inet static
        address 172.31.1.27
        netmask 255.255.255.0
        up route add -net 172.29.1.0/24   gw 172.31.1.254
        up route add -net 172.31.2.0/24   gw 172.31.1.254
        up route add -net 172.31.6.0/24   gw 172.31.1.254
        up route add -net 172.31.100.0/24 gw 172.31.1.254
        up route add -net 172.32.2.0/24   gw 172.31.1.254
        dns-nameservers 172.31.1.22
        dns-search hobby.nl

logwatch

Log watch draait 1 x per dag
En meldt ongebruikelijk heden , over alle logs.

Van alle servers staat alles in 1 log mail, wil weten van welke het komt moet je grep doen

ignore.conf

In de ignore.conf neem dingen op die genegeerd mogen worden zoals:

# firewall start stop negeren
=*= Start IPv4 firewall =*=
=*= Start IPv6 firewall =*=
=*= Stop IPv4 firewall =*=
=*= Stop IPv6 firewall =*=
# neger start stop regels van scripts in cron
started on server
finished on server
stoped on server
ended on server
# start en stop van sessie hoeven niet in log watch
session opened for user
session closed for user