Monitoring systemd / journald like logwatch

Osiris · 2024-01-08 09:18:37

Hello,

for my home-server I am looking for an approach to monitor the logs, more or less like the venerable logwatch. To my great surprise, I found no real replacement for it that works together with journald. Some solution approaches:

- Use the OnFailure field in the unit file to trigger a unit that sends a mail or alike -> only triggers on unit failure, manual configuration for each unit.
- check_systemd is a part of nagios and has potentially heave dependencies. Also integration in non-nagios environment is a question. Anyone has experience with it?
- https://github.com/kylemanna/systemd-utils is a dormant project that has some approach to it, but seems incomplete to me (notification only via mail, not many filtering options).
- Other approaches involve prometheus, grafana and alert plugins.

How do you handle that?

What I envision:
- Filter by unit, severity, grep, ...
- Notify via mail, telegram, slack, MS teams, ...
- Include log output in the notification

Best Regards and happy new year!

seth · 2024-01-09 08:36:37

Logwatch can use journalctl as feed?
https://unix.stackexchange.com/question … d-journald
https://sourceforge.net/p/logwatch/bugs/114/

You can then use the journactl filters for severity and grep (next to the unit)

Arch Linux

#1 2024-01-08 09:18:37

Monitoring systemd / journald like logwatch

#2 2024-01-09 08:36:37

Re: Monitoring systemd / journald like logwatch

Board footer