On 2014-09-18 15:33, li...@rhsoft.net wrote:
Am 18.09.2014 um 16:18 schrieb James Bailey:
On 2014-09-18 14:52, li...@rhsoft.net wrote:
Am 18.09.2014 um 15:23 schrieb James Bailey:
On 2014-09-18 13:42, li...@rhsoft.net wrote:
Am 18.09.2014 um 14:36 schrieb James Bailey:
I have postfix logging certain X-headers but they are entered as a separate line under postfix/cleanup. Is it possible to log X-header info to
the postfix/smtp lines?

smtp_header_checks = outgoing = smtpd
header_checks = incoming = cleanup

you can even log the same header twice to see the
difference of incoming and outgoing in case spamd
adds a spam-mark to the subject

but keep in mind "smtp_header_checks" will only contain
the ID and the header itself while "header_checks" also
conatin From, To, Helo

anyways, it will unconditional result in a separated line

This has worked thank you but I am still struggling to get the X-header into the same line of the log as the response codes. I really want to be able to track X-header and response codes on the same line

no way - different parts of code responsible for the loglines
even if one could manage - i saw logfile-analyzers breaking in so many ways

frankly you need to point them to a seperate logfile if you don't want
"logwatch" flooded each day

Log flooding isn't a problem running a multi node ELK cluster in Rackspace cloud that I can auto scale at will.
Logs will be kept for around 1-3 months then purged

you did not understand what i wrote above

Hello,

I am sorry I am not sure you understood what I wrote, Logwatch which I have used in the past just doesn't scale and isn't realtime. My client needs to know on a per campaign basis, what is good, what is bad. I need to know in realtime, throughput performance and load per smtpd server and the system as a whole. I need to know in realtime if Hotmail or Gmail are throttling all or some of the servers and I need to respond to that quickly and politely or my clients reputation suffers.

I use Logstash Elasticsearch and Kibana and send all my logs to a single location (cluster) I also log collectd, statsd, syslog as well as any application and web logs all to the same place. if something can write to a log or talk to a websocket I can capture it, index it and display it in near realtime.

Kibana allows me and with some training non technical parts of the business to query those logs and create meaningful visualisations. In this case my client is a email marketing company with double opt-in lists and are interested in deliveries, defers and bounces on a per campaign basis. My last 3 years have been spent in VOD and IPTV completely different log content but the same solution.

Apache and Nginx and log4j give you much greater control over the format and content of your logs, I was hoping Postfix could offer the same.

Regards Jim

Reply via email to