vincenzobar
Verified User
- Joined
- Aug 15, 2004
- Messages
- 92
Well i did it!!!! it took for ever to learn since i am not a programmer at heart! But i did it!
What you do is in vi or favorite text editor paste this:
NEW CODE - last code only showed clean email that passed through - oops, this shows both identified and clean gives a count opf each and then totals it up to show how much email you recieved! plus sessions and imapd sessions!
chmod it
and run it
What this does is goes through the mail log and find all mail that has been cleaned and prints it to a file with its scores and at the bottom it does a total count. I also added how many vm-pop3 sessions i had which isn't an exact science yet its just vm-pop3 divided by 2 for open close sessions and the same with imapd.
I have no idea what imapd is and i wanted to see how many times it hit so i added it.
my results were:
its yours for the taking as a starter file to tweak to yur specs!!! this is going to make life so much easier when i want to page through my logs. Im going to do a few for various logs!
later!
What you do is in vi or favorite text editor paste this:
NEW CODE - last code only showed clean email that passed through - oops, this shows both identified and clean gives a count opf each and then totals it up to show how much email you recieved! plus sessions and imapd sessions!
Code:
##########################################
#mail_log_filter.awk
# Created by: Vincenzo S Barranca, Underwater Design, LLC
# 8/24/2004
# insert GNU stuff here
##########################################
BEGIN { printf("spam \t Rate\n") } # writes header
/clean/ {email++} # searches file for "clean"
/vm-pop3/ {sessions++} # searches file for pop3 sessions
/identified/ {spam++} # searches file for "identified"
/imapd/ {imapd++} # searches file for (take a guess) yep "imapd"
(($6 == "clean")) || ($6 == "identified") {field = 6 # this searches column 6 for clean and identified
while(field <= 8 ) # now while it is searching it is getting column 8
{
printf("%s\t", $field ) # this says " print it as a string with a TAB between fields (columns)
field += 2 #repeat
}
print "" # print string here
}
# END is where we get the rest of what we want to show from the variables we set in the BEGIN statement
# we assign values to the variables above here and print them to screan or file!
END {totalclean=email; # gets total clean email
printf ("Number of clean mail = %3d \n", totalclean); # prints to file total
totalspam=spam; # gets spammed emails
printf ("Number of emails considered spam = %3d \n",totalspam);
totalmail = totalclean + totalspam; #gets all emails recieved
printf ("Total email recieved = %3d \n", totalmail);
totalsessions=sessions / 2; # gets total email sessions
printf ("number of sessions = %5d \n", totalsessions)
totalimapd=imapd / 2; # gets imapd sessions
printf ("total imapd connections = %5d \n", totalimapd)
}
Code:
chmod +x filename.awk
Code:
gawk -f filename.awk maillog > results
What this does is goes through the mail log and find all mail that has been cleaned and prints it to a file with its scores and at the bottom it does a total count. I also added how many vm-pop3 sessions i had which isn't an exact science yet its just vm-pop3 divided by 2 for open close sessions and the same with imapd.
I have no idea what imapd is and i wanted to see how many times it hit so i added it.
my results were:
Code:
spam Rate
clean (4.1/5.0)
clean (0.7/5.0)
identified (6.6/5.0)
clean (1.1/5.0)
clean (0.8/5.0)
clean (4.3/5.0)
clean (1.6/5.0)
clean (0.6/5.0)
identified (6.6/5.0)
identified (8.7/5.0)
clean (0.3/5.0)
clean (3.7/5.0)
clean (0.5/5.0)
clean (2.4/5.0)
clean (2.0/5.0)
identified (6.6/5.0)
etc ... (save space -you get the idea))
Number of clean mail = 61
Number of emails considered spam = 30
Total email recieved = 91
number of sessions = 4349
total imapd connections = 487
its yours for the taking as a starter file to tweak to yur specs!!! this is going to make life so much easier when i want to page through my logs. Im going to do a few for various logs!
later!
Last edited: