Andr�s <[EMAIL PROTECTED]> wrote:
> OK, so for a newbie like me, who has the logs inside /var/log/qmail and
> qmailanalog inside /usr/local/qmailanalog, what should I execute to see the
> different addresses that I have received mails for? Or another example with
> an explanation of what it does.
>
> Just to start understanding please, an example is better than kilometers of
> theory :)
Ok, the following example assumes that the various binaries from
qmailanalog (0.70) are in your path; this isn't the default, but
it makes the command lines shorter.
If your qmail logs go through splogger and then to syslog (Dan's default
at the point qmailanalog was released) you need to strip the syslog
timestamps, and then run the results through matchup:
awk '{$1="";$2="";$3="";$4="";$5="";print}' </var/log/maillog \
| matchup \
> processed_log
You now have a preprocessed log suitable for piping through any of
the qmailanalog z* commands for stats, as follows:
For basic overall stats:
zoverall <processed_log
For info on who is sending lots of mail:
zsuids <processed_log
For who is receiving lots of mail:
zrecipients <processed_log
etc, etc.
Charles
--
----------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
Any opinions expressed are just that -- my opinions.
----------------------------------------------------
