Logcheck is a program that automatically monitors your system logfiles on
a regular basis and emails security violations to you. It looks for messages
generated by various programs (including Portsentry and Hostsentry) that
indicate a hacking attempt, and generates a report which is emailed to
the chosen address.
The options on this page are :
- Email reports to
The email address to which security violation reports and sent.
- Hacking log messages
A list of messages which if found in one of the system log files indicate
a hacking attempt.
- Violation log messages
A list of messages that indicate a potential security violation. Any message
that is on this list but also in the 'Except for' list below it will be
ignored.
- Ignored log messages
Any log message listed in this field will always be ignored, even if it
matches one of the hacking or violation message strings.
At the bottom of the page is a form for choosing exactly when Logcheck
should be run. However, if your Logcheck install uses a Cron script that
forces it to be run hourly or daily, this form will not be displayed.