Re: pflogsum per domain report

From: mouss (moussnetoyen.net)
Date: Fri Jul 04 2008 - 14:19:09 CDT


MrC wrote:
> mouss wrote:
>
>> Rocco Scappatura wrote:
>>> I would like to get a report from pflogsum that summarizes only
>>> statistics for the domain 'domain.tld' and all its subdomains.
>>
>> Try something like:
>>
>> egrep "(from|to)=<[^>]+example\.com>" /var/log/maillog | \
>> awk '{print $6}' | \
>> sed 's/:$//' | \
>> grep -f - /var/log/maillog | \
>> pflogsumm
>
> This is useful. It of course cannot pick up various access actions,
> warning/fatals/panics or work with --smtpd_stats. But the most
> problematic is that it unfortunately does pick up every reject in the
> log (due to qid "NOQUEUE") if the user's domain had a single reject.
>

I indeed missed the NOQUEUE case (I did the tests with postfix.org,
which of course has no NOQUEUE!). The following is a little better:

egrep "(from|to)=<[^>]+example\.com>" /var/log/maillog | \
   awk '{print $6}' | \
   sed 's/:$//' | \
   grep -v NOQUEUE | \
   grep -f - /var/log/maillog | \
   pflogsumm

Catching rejected connections is easier with perl (at least for me).
Otherwise, it's hard to get one "connect from" for each NOQUEUE.
> Ah the travails of logging...
>

Indeed.
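As an added example, not code from this thread, the following POSIX shell script takes the approach discussed above (queue IDs from field 6 of the lines naming the domain, then every line for those IDs) and handles the NOQUEUE case the reply is about: the NOQUEUE pseudo-ID is dropped from the ID list, so one reject can no longer pull in every reject in the log, and only the NOQUEUE reject lines that actually name the domain are added back. The log lines, hosts, addresses and queue IDs are constructed for the demo; anchoring the domain pattern on "@" so that subdomains match but "notexample.com" does not is my addition. It assumes the standard syslog line layout, where field 6 is the queue ID, and it does not try to recover the matching "connect from" lines, which is the part the reply says is easier in perl.

```shell
#!/bin/sh
# Added example, not from the thread. Per-domain maillog extraction that
# handles NOQUEUE rejects: instead of letting the NOQUEUE pseudo-queue-ID
# pull in every reject in the log, it is dropped from the ID list and the
# reject lines that actually name the domain are added back on their own.
# Assumes the usual syslog layout, where field 6 is the queue ID (or "NOQUEUE:").

# Constructed sample log; hosts, addresses, IPs and queue IDs are made up.
LOG="${TMPDIR:-/tmp}/maillog.demo.$$"
trap 'rm -f "$LOG"' EXIT
cat > "$LOG" <<'EOF'
Jul  4 14:01:01 mx1 postfix/smtpd[1001]: connect from mail.example.net[192.0.2.10]
Jul  4 14:01:02 mx1 postfix/smtpd[1001]: 3F2A1C0A1: client=mail.example.net[192.0.2.10]
Jul  4 14:01:02 mx1 postfix/cleanup[1002]: 3F2A1C0A1: message-id=<a1@example.net>
Jul  4 14:01:03 mx1 postfix/qmgr[900]: 3F2A1C0A1: from=<alice@example.net>, size=1200, nrcpt=1 (queue active)
Jul  4 14:01:04 mx1 postfix/local[1003]: 3F2A1C0A1: to=<bob@example.com>, relay=local, delay=2, status=sent (delivered to mailbox)
Jul  4 14:01:04 mx1 postfix/qmgr[900]: 3F2A1C0A1: removed
Jul  4 14:02:10 mx1 postfix/smtpd[1004]: connect from unknown[198.51.100.7]
Jul  4 14:02:11 mx1 postfix/smtpd[1004]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 Client host rejected; from=<spam@example.org> to=<bob@example.com> proto=ESMTP helo=<x>
Jul  4 14:02:12 mx1 postfix/smtpd[1004]: disconnect from unknown[198.51.100.7]
Jul  4 14:03:00 mx1 postfix/smtpd[1005]: NOQUEUE: reject: RCPT from unknown[203.0.113.9]: 554 5.7.1 Client host rejected; from=<spam@example.org> to=<carol@other.test> proto=ESMTP helo=<y>
Jul  4 14:04:00 mx1 postfix/qmgr[900]: 7B9D2E0B2: from=<dave@other.test>, size=900, nrcpt=1 (queue active)
Jul  4 14:04:01 mx1 postfix/smtp[1006]: 7B9D2E0B2: to=<eve@other.test>, relay=mx.other.test[192.0.2.20]:25, delay=1, status=sent (250 ok)
EOF

# Line counter that prints 0 on empty input (wc -l pads on some systems).
count_lines() { awk 'END { print NR }'; }

# Queue IDs of lines with a from=/to= address in the domain or a subdomain.
# $1 is the domain as an egrep pattern with dots escaped, $2 the log file.
# The NOQUEUE pseudo-ID is removed here, which is the fix for the problem
# MrC reported.
domain_queue_ids() {
    grep -E "(from|to)=<[^>]+@([^>]+\.)?$1>" "$2" |
        awk '{ print $6 }' |
        sed 's/:$//' |
        grep -v '^NOQUEUE$' |
        sort -u
}

# Every log line for those queue IDs, plus the NOQUEUE rejects that name the
# domain themselves. The output is what you would pipe into pflogsumm.
domain_log() {
    ids=$(domain_queue_ids "$1" "$2")
    {
        if [ -n "$ids" ]; then
            # Match ": ID: " rather than the bare ID so a queue ID cannot
            # accidentally match inside a message-id or another token.
            printf '%s\n' "$ids" | sed 's/.*/: &: /' | grep -F -f - "$2" || :
        fi
        grep -E "NOQUEUE: .*(from|to)=<[^>]+@([^>]+\.)?$1>" "$2" || :
    } | sort -u   # lines start with the timestamp, so this restores time order
}

# Demo run; against a real log use /var/log/maillog and pipe into pflogsumm.
domain_log 'example\.com' "$LOG"
```

Run as-is it prints the six lines kept for example.com: the five lines of queue ID 3F2A1C0A1 and the one NOQUEUE reject addressed to that domain, while the reject for other.test stays out. The "connect from" and "disconnect from" lines of a rejected session are still not recovered, since they carry no queue ID; tying them to their NOQUEUE line needs a stateful pass keyed on the smtpd process ID, which is the perl job the reply mentions.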