0

How do I find specific lines in Log Files that are referenced by Ubuntu Logwatch like the ones marked below... within Amavis and postfix?

Going by date I can grep all the instances of "warning" or any other words (which I have been doing), but there must be a better way to identify those specific lines without guessing.

Is there a way to make the Logwatch logfile quote the exact line from the actual system logfile below the warning, or state the log line number?

How do you digest your Logwatch log file?

**text of the actual line** marks those lines; it seems that within a code block there is no way to turn things bold (at least I couldn't find it).

################### Logwatch 7.4.3 (12/07/16) #################### 
        Processing Initiated: Tue Sep 22 06:25:23 2020
        Date Range Processed: yesterday
                              ( 2020-Sep-21 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: mail
 ##################################################################

--------------------- Amavisd-new Begin ------------------------

  **1   *Warning: Security risk**
  **4   Miscellaneous warnings**

    9   Total messages scanned ------------------  100.00%

212.600K   Total bytes scanned                        217,702

...

---------------------- Amavisd-new End -------------------------

...

--------------------- Postfix Begin ------------------------

    2   SASL authentication failed                       2
  **1   Miscellaneous warnings                           1**

363.644K   Bytes accepted                             372,371

...

---------------------- Postfix End -------------------------

###################### Logwatch End #########################

Andras
  • 131

1 Answer

0

The solution I found to this problem does more or less exactly what I wanted: it quotes the log line in the Logwatch log under the warning.

It is achieved by simply (who would have thought :) ) raising the Detail Level of Output to 5, as you can see in the header. That caused the output to have Summary and Detail sections. The Detail section quotes the original log text in the case of warnings, or clarifies what they were about.

The Logwatch log gets much, much longer this way, but I'd rather put up with that in return for seeing the required information without having to dig inside the original log file. On top of that, sections of less interest can be suppressed if needed to reduce the length of the log.

 ################### Logwatch 7.4.3 (12/07/16) #################### 
        Processing Initiated: Wed Sep 30 15:47:17 2020
        Date Range Processed: 2020/09/21
                              ( 2020-Sep-21 )
                              Period is day.
        Detail Level of Output: 5
        Type of Output/Format: mail / text
        Logfiles for Host: mail
 ################################################################## 
 --------------------- Amavisd-new Begin ------------------------

****** Summary *************************************************************************************

    1   *Warning: Security risk
    4   Miscellaneous warnings 

    9   Total messages scanned ------------------  100.00%

212.600K   Total bytes scanned                        217,702
========   ==================================================

    9   Passed ----------------------------------  100.00%
    9     Clean passed                             100.00%

...

****** Detail (10) *********************************************************************************

    1   *Warning: Security risk -----------------------------------------------------------------
    1      Open relay? Nonlocal recips but not originating: user@domain.com

    4   Miscellaneous warnings ------------------------------------------------------------------
    4      Use of uninitialized value in subroutine entry

   47   SMTP response 

...

======================================================================================================

---------------------- Amavisd-new End -------------------------

...

--------------------- Postfix Begin ------------------------

****** Summary *************************************************************************************

    2   SASL authentication failed                       2
    1   Miscellaneous warnings                           1

363.644K   Bytes accepted                             372,371
277.836K   Bytes sent via SMTP                        284,504
150.715K   Bytes sent via LMTP                        154,332
========   ==================================================

   17   Accepted                                    94.44%
    1   Rejected                                     5.56%

   18   Total                                      100.00%

...

****** Detail (10) *********************************************************************************

    2   SASL authentication failed --------------------------------------------------------------
    2      Login: ************

    1   Miscellaneous warnings ------------------------------------------------------------------
    1      hostname zg-0915b-242.stretchoid.com does not resolve to address 192.241.239.36: Na...

    1   5xx Reject relay denied -----------------------------------------------------------------
    1      77.43.80.224     net77-43-80-224.mclink.it

   45   Connections lost (inbound)

...

============================================================================================

Andras
  • 131
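
Tracing each Detail entry back to the log line numbers it came from, which is what the question originally asked for. This is an added example and not part of the original answer. The report excerpt mirrors the Postfix Detail section above, while the mail.log lines and the function names `parse_detail`, `locate` and `trace` are constructed for illustration.

```python
import re
# Constructed sample: Detail section shaped like the Postfix output quoted above.
REPORT = """\
****** Detail (10) *****************************
    2   SASL authentication failed -------------
    2      Login: ************
    1   Miscellaneous warnings -----------------
    1      hostname zg-0915b-242.stretchoid.com does not resolve to address 192.241.239.36: Na...
    1   5xx Reject relay denied ----------------
    1      77.43.80.224     net77-43-80-224.mclink.it
   45   Connections lost (inbound)
"""
# Constructed mail.log lines (assumed shape, not taken from the poster's server).
MAIL_LOG = """\
Sep 21 03:12:44 mail postfix/smtpd[2211]: connect from unknown[192.241.239.36]
Sep 21 03:12:44 mail postfix/smtpd[2211]: warning: hostname zg-0915b-242.stretchoid.com does not resolve to address 192.241.239.36: Name or service not known
Sep 21 09:30:01 mail postfix/smtpd[3050]: NOQUEUE: reject: RCPT from net77-43-80-224.mclink.it[77.43.80.224]: 554 5.7.1 <a@example.org>: Relay access denied
"""

ENTRY = re.compile(r"^\s*(\d+)(\s+)(.*\S)\s*$")

def parse_detail(report):
    """Return [(category, detail_text)] from a Logwatch Detail section."""
    entries, category = [], None
    for line in report.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue
        gap, text = m.group(2), m.group(3)
        if text.endswith("---"):            # category heading with details below
            category = text.rstrip("-").rstrip()
        elif category and len(gap) > 3:     # deeper-indented detail under that heading
            entries.append((category, text))
        else:                               # heading with no details at this level
            category = None
    return entries

def locate(detail, log_text):
    """1-based log line numbers containing every field of one detail entry.
    Logwatch truncates long entries with '...' and pads columns with spaces."""
    fields = [f for f in re.split(r"\s{2,}", re.sub(r"\.\.\.$", "", detail)) if f]
    return [n for n, line in enumerate(log_text.splitlines(), 1)
            if all(f in line for f in fields)]

def trace(report, log_text):
    return {text: locate(text, log_text) for _, text in parse_detail(report)}

if __name__ == "__main__":
    for text, lines in trace(REPORT, MAIL_LOG).items():
        print(lines or "no match", "<-", text)
```

Entries whose text was masked, such as the `Login: ************` line, cannot be matched this way and come back with no line numbers.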