Bug 189638
| Summary: | logwatch does not handle the --logdir option correctly | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Allegro Consultants <support> |
| Component: | logwatch | Assignee: | Ivana Varekova <varekova> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.0 | CC: | support |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-04-24 15:29:40 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
The --logdir option seems to be right in your example.
Logwatch go through files
'/var/log/httpd/tmp/log/httpd/access_log' and
'/var/log/httpd/tmp/httpd/*access_log'
the logdir is set to 'var/log/httpd/tmp'
but the parsed files are
1/ 'log/httpd/access_log' - file '/httpd/access_log' which is in LogFile was not
found in /var/log/httpd/tmp/, so logwatch use 'log/httpd/access_log' (this is
only done for log_file_names which represent files existing in /var/log dir) and
2/ 'httpd/*access_log' ('/var/log/httpd/*access_log' is not file. Logwatch does
not add string log.)
- log file names are set in /etc/log.d/conf/logfiles/http.conf (LogFile variable).
There is necessary to add the relative path to given logdir path becouse of
different services has log files in various subdirectories. So if you want to
display logwatch output relevant to all services you can set only one logdir
path. Logwatch supposes that the log files directory has the same structure as
/var/log directory.
If there is any problem, please reopen this bug.
Thanks for the explanation. I gather, therefore, that the directory specified with the "--logdir" option on the command line is a *relative* path, not an *absolute* path. That is, logwatch will use the specified directory as a "starting point" for finding log files, rather than look for log files exactly where I tell it, and nowhere else. That's fine. I can live with that, and adjust. However, the man page on this subject is vague, and does not make it clear that the directory specified with the "--logdir" option will be used as an alternate "root" path for logwatch, and that a directory heirarchy with the same structure as /var/log is expected. Therefore, can we change this to a documentation bug, and get the man page written more clearly? |
Description of problem: According to the man page for logwatch the "--logdir" option is supposed to tell logwatch where to look for log files. In that light, please consider the following, and then see my comments at the end: [root@opus httpd]# logwatch --logfile http --mailto barry --debug 5 --logdir /var/log/ httpd/tmp export LOGWATCH_DATE_RANGE='yesterday' export LOGWATCH_TEMP_DIR='/tmp/logwatch.CQL19668/' export LOGWATCH_DEBUG='5' Preprocessing LogFile: http /var/log/httpd/tmp/log/httpd/access_log /var/log/httpd/tmp/httpd/*access_log 2>/dev/null | /etc/log.d/scripts/shared/expandrepeats ''| /etc/log.d/scripts/shared/applyhttpdate ''>/tmp/logwatch.CQL19668/http export http_fields='client_ip ident userid timestamp request http_rc bytes_transfered referrer agent' export http_format='space space space brace quote space space quote quote' export http_ignore_error_hacks='0' So you can see that I've specified the "/var/log/httpd/tmp" directory using the "--logdir" option. However, the debug display clearly shows that the script is trying to read the "/var/log/httpd/tmp/log/httpd/" directory! It would appear that the script is prepending my specified logdir to the default path that's configured in the /etc/log.d/conf/logfiles/http.conf file, rather than simply use the directory I specified. In other words, if I specify a directory using --logdir then logwatch should look in that directory for log files, and in that case the default paths should be ignored. Version-Release number of selected component (if applicable): [root@opus httpd]# ident `which logwatch` /usr/sbin/logwatch: $Id: logwatch.pl,v 1.113 2004/06/23 15:01:17 kirk Exp $ $FileName: $ How reproducible: Every time. Steps to Reproduce: 1. Copy some log files to some non-standard location 2. Run logwatch with the --logdir option to specify tht non-standard location 3. Observe that (most likely) no report will be produced. 4. Run logwatch again with debug turned on to reveal that logwatch is NOT looking in the directory specified, but has apparently used the specified directory as the relative starting point for its search for log files. Actual results: logwatch either does not produce a report, because there are no log files in the (incorrect) location where it's looking; or, it produces the wrong report because it is looking at the wrong log files. Expected results: logwatch should look in the directory I specify in order to find the log files I want it to analyze. Additional info: