On 2015-05-08 15:38, Tom Johnson wrote:
Besides the classic pflogsumm interface my goal for the project is to be able
to output log data to ElasticSearch and counters to Graphite.

That would enable live pflogsumm, interactive and in color ;-)

Have you considered integrating amavisd-new log processing as well?
Consolidating all the logging info so that any given email can be
located via Elastic Search would be quite useful.  I've considered
doing something like this using fluentd or some other log-collection
system to gather data from multiple mailservers, but haven't had time
to actually implement anything like this myself.

Amavis is able to output JSON structured logging. I wrote a blog post about this some time ago:

https://markusbenning.de/blog/?p=10

I also posted a patch to the amavis list for a filtered JSON output, since the
default JSON logging is very verbose and storing things like subject may not be
allowed for everyone:

http://lists.amavis.org/pipermail/amavis-users/2014-December/003371.html

It will be easy to read this JSON and to forward it into Elasticsearch together with
the postfix logs.

 Markus


--
Markus Benning, https://markusbenning.de/
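
Added example, not part of the original message and not the amavis patch or any project's own code: a Python example of the step described above, reading JSON log lines, keeping only allow-listed fields so that values such as the subject are never stored, and building an Elasticsearch `_bulk` request body. The field names, the index name `maillog` and the sample log lines are constructed assumptions; the real amavis JSON schema is not shown on this page.

```python
import json

# Assumed field names (hypothetical): adjust to the keys your amavis JSON log emits.
ALLOWED_FIELDS = {"time_iso", "queue_id", "message_id", "action", "size"}

# Constructed sample input: syslog prefix followed by a JSON object.
SAMPLE_LINES = [
    'May  8 15:40:01 mx1 amavis[1234]: {"time_iso": "2015-05-08T15:40:01Z", '
    '"queue_id": "3lp0Xk1zZ1", "message_id": "<a1@example.org>", "action": "PASS", '
    '"size": 2048, "subject": "Quarterly numbers", "mail_from": "alice@example.org"}',
    # Plain postfix line without JSON: skipped by this filter.
    'May  8 15:40:02 mx1 postfix/smtp[1300]: 3lp0Xk1zZ1: to=<bob@example.net>, status=sent',
    # Truncated JSON (e.g. cut at the syslog line limit): skipped, not fatal.
    'May  8 15:40:03 mx1 amavis[1234]: {"time_iso": "2015-05-08T15:40:03Z", "queue_id": "3lp0Xm',
]

def extract_json(line):
    """Return the JSON object embedded in a log line, or None if absent or malformed."""
    start = line.find("{")
    if start == -1:
        return None
    try:
        record = json.loads(line[start:])
    except json.JSONDecodeError:
        return None
    return record if isinstance(record, dict) else None

def filter_record(record, allowed=ALLOWED_FIELDS):
    """Allow-list filter: anything not explicitly permitted is dropped."""
    return {k: v for k, v in record.items() if k in allowed}

def to_bulk(lines, index="maillog"):
    """Build an Elasticsearch _bulk body (NDJSON) and count the skipped lines."""
    out, skipped = [], 0
    for line in lines:
        record = extract_json(line)
        if record is None:
            skipped += 1
            continue
        out.append(json.dumps({"index": {"_index": index}}))
        out.append(json.dumps(filter_record(record), sort_keys=True))
    body = "\n".join(out) + "\n" if out else ""
    return body, skipped

if __name__ == "__main__":
    body, skipped = to_bulk(SAMPLE_LINES)
    print(body, end="")
    print("skipped lines:", skipped)
```

An allow-list rather than a deny-list means a new field added by a later amavis version is not stored until someone decides it may be.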
