logsentry
logfile auditing tool
Package version: logsentry-1.1.1p8
Maintainer: The OpenBSD ports mailing-list
Logsentry is a scheduled auditing tool that scans system log files
for security violations and unusual activity. Reports of suspicious
log entries are mailed to a specified user (usually root).
Logsentry was formerly known as logcheck. This OpenBSD port has renamed
the script files used by logsentry to reflect this change. However,
documentation located in ${DOC_DIR} may still use the old names.
+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------
You need to configure your crontab as indicated by
${DOC_DIR}/INSTALL so that logsentry is run
regularly.
By default logcheck will parse the following files:
/var/log/messages
/var/log/maillog
/var/log/authlog
/var/log/secure
/var/log/daemon
/var/log/xferlog
Edit ${SYSCONFDIR}/logsentry/logsentry.sh if you want to add more files.