Log Scanning

Log Scanning is beneficial for troubleshooting service errors and searching malicious activity

Logwatch is an excellent tool to achieve the above objective. One can refer this link to learn the same.

auditd is the daemon that has to be installed to achieve the same. One can refer this link to learn more. aureport is used for generation of report and ausearch is used for searching within the logs collected by auditd. auditctl is used for configuring log collection rules

Note: Please check the locale using command date '+%x' and then pass it to ausearch with start and end dates as:

ausearch -ts <locale-date-format> -te <locale-date-format>