9/27/2010

Maillog Analyzer

Install maillog analyzer for Postfix because it's more useful than the one from Logwatch.
[1] Set config that let Logwatch not investigate maillog first.

[root@mail ~]#
cd /usr/share/logwatch/default.conf/logfiles

[root@mail logfiles]#
mv maillog.conf maillog.conf.bk

[root@mail logfiles]#
touch maillog.conf

[root@mail logfiles]#
/usr/sbin/logwatch
// run logwatch

Make sure there is no analyzing for maillog in the email from logwatch.

[2] Install analyzer for postfix.

[root@mail ~]#
yum -y install postfix-pflogsumm

Loading "installonlyn" plugin
Loading "fastestmirror" plugin
Setting up Install Process
Setting up repositories
base
100% |=========================| 1.1 kB 00:00

updates
100% |=========================|
951 B 00:00

addons
100% |=========================|
951 B 00:00

extras
100% |=========================| 1.1 kB 00:00

Loading mirror speeds from cached hostfile
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for postfix-pflogsumm to pack into transaction set.
postfix-pflogsumm-2.3.3-2 100% |========================| 15 kB 00:00
---> Package postfix-pflogsumm.i386 2:2.3.3-2 set to be updated
--> Running transaction check
--> Processing Dependency: perl(Date::Calc) for package: postfix-pflogsumm
--> Processing Dependency: perl-Date-Calc for package: postfix-pflogsumm
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for perl-Date-Calc to pack into transaction set.
perl-Date-Calc-5.4-1.2.2. 100% |=========================| 9.7 kB 00:00
---> Package perl-Date-Calc.x86_64 0:5.4-1.2.2.1 set to be updated
--> Running transaction check
--> Processing Dependency: perl(Bit::Vector) for package: perl-Date-Calc
--> Processing Dependency: perl(Carp::Clan) for package: perl-Date-Calc
--> Processing Dependency: perl-Bit-Vector >= 6.4 for package: perl-Date-Calc
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for perl-Bit-Vector to pack into transaction set.
perl-Bit-Vector-6.4-2.2.2 100% |=========================| 6.9 kB 00:00
---> Package perl-Bit-Vector.x86_64 0:6.4-2.2.2.1 set to be updated
---> Downloading header for perl-Carp-Clan to pack into transaction set.
perl-Carp-Clan-5.3-1.2.1. 100% |=========================| 3.2 kB 00:00
---> Package perl-Carp-Clan.noarch 0:5.3-1.2.1 set to be updated
--> Running transaction check

Dependencies Resolved

================================================== =========
Package
Arch
Version
Repository
Size

================================================== =========
Installing:
postfix-pflogsumm
i386
2:2.3.3-2
base
49 k

Installing for dependencies:
perl-Bit-Vector
i386
6.4-2.2.2.1
base
182 k

perl-Carp-Clan
noarch
5.3-1.2.1
base
22 k

perl-Date-Calc
i386
5.4-1.2.2.1
base
271 k


Transaction Summary
================================================== =========
Install
4 Package(s)

Update
0 Package(s)

Remove
0 Package(s)


Total download size: 524 k
Downloading Packages:
(1/4): perl-Date-Calc-5.4
100% |====================| 271 kB 00:00

(2/4): perl-Bit-Vector-6.
100% |====================| 182 kB 00:00

(3/4): postfix-pflogsumm-
100% |====================|
49 kB 00:00

(4/4): perl-Carp-Clan-5.3
100% |====================|
22 kB 00:00

Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing: perl-Carp-Clan
################################# [1/4]


Installing: perl-Date-Calc
################################# [2/4]


Installing: perl-Bit-Vector
################################# [3/4]


Installing: postfix-pflogsumm
################################# [4/4]


Installed: postfix-pflogsumm.i386 2:2.3.3-2
Dependency Installed: perl-Bit-Vector.i386 0:6.4-2.2.2.1 perl-Carp-Clan.noarch 0:5.3-1.2.1 perl-Date-Calc.i386 0:5.4-1.2.2.1
Complete!
// display summary of yesterday's maillogs

[root@mail ~]#
perl /usr/sbin/pflogsumm -d yesterday /var/log/maillog


Postfix log summaries for May 21

Grand Totals
------------
messages


2 received


2 delivered


0 forwarded


0 deferred


0 bounced


2 rejected (50%)


0 reject warnings


0 held


0 discarded (0%)



14379 bytes received


14379 bytes delivered


1 senders


1 sending hosts/domains


2 recipients


1 recipient hosts/domains


Per-Hour Traffic Summary

time
received
delivered
deferred
bounced
rejected


-------------------------------------------------------------------------------------------


0000-0100
0
0
0
0
0


0100-0200
0
0
0
0
0


0200-0300
0
0
0
0
0


0300-0400
0
0
0
0
0


0400-0500
0
0
0
0
0


0500-0600
2
2
0
0
0


0600-0700
0
0
0
0
0


0700-0800
0
0
0
0
0


0800-0900
0
0
0
0
0


0900-1000
0
0
0
0
1


1000-1100
0
0
0
0
0


1100-1200
0
0
0
0
0


1200-1300
0
0
0
0
0


1300-1400
0
0
0
0
0


1400-1500
0
0
0
0
0


1500-1600
0
0
0
0
0


1600-1700
0
0
0
0
1


1700-1800
0
0
0
0
0


1800-1900
0
0
0
0
0


1900-2000
0
0
0
0
0


2000-2100
0
0
0
0
0


2100-2200
0
0
0
0
0


2200-2300
0
0
0
0
0


2300-2400
0
0
0
0
0


Host/Domain Summary: Message Delivery

sent cnt
bytes
defers
avg dly
max dly
host/domain


--------
-------
-------
-------
-------
-----------


2
14379
0
2.1 s
4.1 s
server-linux.info


Host/Domain Summary: Messages Received

msg cnt
bytes
host/domain


--------
-------
-----------


2
14379
server-linux.info


Senders by message count
------------------------

2 root@server-linux.info


Recipients by message count
---------------------------

1 cent@server-linux.info


1 root@server-linux.info


Senders by message size
-----------------------

14379 root@server-linux.info


Recipients by message size
--------------------------

7214 cent@server-linux.info


7165 root@server-linux.info


message deferral detail: none

message bounce detail (by relay): none

message reject detail
---------------------
RCPT

Recipient address rejected: Access denied (total: 2)


1 all9988@gmail.com


1 candy59839@yahoo.com.tw


message reject warning detail: none

message hold detail: none

message discard detail: none

smtp delivery failures: none

Warnings: none

Fatal Errors: none

Panics: none

Master daemon messages: none

[root@mail ~]#
crontab -e


// send summary of maillog at AM 1:00 everyday to root

00 01 * * * perl /usr/sbin/pflogsumm -e -d yesterday /var/log/maillog | mail -s 'Logwatch for Postfix' root
vào lúc 2:06 PM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)