This guide will explain how to set up ssmtp (a simple SMTP delivery agent) for emailing logs to an email address using logwatch.

Firstly in a terminal, enter

yum install ssmtp

After the ssmtp has installed edit the configuration file with

vim /etc/ssmtp/ssmtp.conf

and edit the configuration file

#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=!!!insert outgoing email address here!!!

# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=smtp.gmail.com:587

# Where will the mail seem to come from?
rewriteDomain=!!!enter your domain name here!!!

# The full hostname
hostname=!!!insert outgoing email address here!!!

# Are users allowed to set their own From: address? Not recommended with gmail
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
#FromLineOverride=YES

# Username and password for Google's Gmail servers
# From addresses are settled by Mutt's rc file, so
# with this setup one can still achieve multi-user SMTP
AuthUser=!!!email user name!!!
AuthPass=!!!email password!!!

#Uncomment these settings for use with gmail
#UseTLS=YES
#UseSTARTTLS=YES
#mailhub=smtp.gmail.com:587

You can now test that ssmtp is working with

cat - | /usr/sbin/ssmtp -v <your-email-address>

enter ctrl+D to send the test message

If the message has been received we can go on and configure logwatch

 

Edit logwatch to change mailer

# vim /etc/logwatch/conf/logwatch.conf
mailer = "ssmtp -v <your-email-address>"

To test it works send the security log with

sudo logwatch --logfile secure --detail high --mailto <your-email-address> --range yesterday