On Thu, Jan 12, 2017 at 04:51:22PM -0700, James Reynolds wrote: > So I've been working on this script for about a year or so. I know > about pflogsumm but it is pretty inaccurate for my logs. > > https://github.com/magnusviri/postfix_log_parse > > I've probably made most of the changes I'm going to for awhile (other > projects are calling my attention) so I wanted to put it up to see if > it's useful to anyone else.
I'll give it a try. And do you take patches? ;-) Groeten Geert Stappers -- Leven en laten leven
>From e8977283e801e9e19ab3729fe467b0062ef5f788 Mon Sep 17 00:00:00 2001 From: Geert Stappers <stapp...@nero.gpm.stappers.nl> Date: Fri, 13 Jan 2017 06:32:25 +0100 Subject: [PATCH] README.md: typo fix --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 14aad58..57b6d07 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ It's a work in progress full of lots of debugging code and other messes, includi The first major thing this script does is group log lines by related message id's. So if a message is queued or forwarded then those are all grouped together. The script also attempts to link log lines that don't have id's by the pid of various processes. Not sure if this is very accurate, but it's better than nothing. -Seciond, this script divides the emails into those sent by local users, those sent to local users, and undelivered email (disconnects, rejects, discards, etc). It shows statistics relevant to each group. For example, it shows where authenticated users are logging in from, and what IP's are trying to brute force into user accounts. It breaks down email sent to local users by domains so that some reasonable tld blocking can be added. +Second, this script divides the emails into those sent by local users, those sent to local users, and undelivered email (disconnects, rejects, discards, etc). It shows statistics relevant to each group. For example, it shows where authenticated users are logging in from, and what IP's are trying to brute force into user accounts. It breaks down email sent to local users by domains so that some reasonable tld blocking can be added. Edit these 2 lines to make it work better for you. -- 2.0.0
