On Tue, 2002-10-15 at 12:33, Stewart, John wrote:
>
> > A few days ago, someone mentioned graphing stats from
> > spamassassin using
> > MRTG and others. Well, I got that working, and it's pretty slick.
>
> Care to share the recipe for this? I didn't see anything in the SAtalk
> archive...
>
> 'twould be excellent to show a graph to management so they can actually
> *see* it working. =)
To see it working, you can point your web browser at:
http://gateway1.oc.edu/mrtg/spam.html .
I've attached 3 scripts:
mrtg.cfg is part of the mrtg configuration file. I have mrtg run as a
cron job every 5 minutes.
mrtgspam is a shell script that is called from mrtg.conf. It returns
the required numbers for mrtg.
glmrtg.pl is a perl script that I think was posted a few days ago on
this list. It ran okay, except for a problem that I had with str2time,
but I think I fixed it.
Jeremy
#!/usr/bin/perl
#----------------------------------------------------------------------------#
#glmrtg - Grab Logs from syslog files for MRTG
#Copyright (C) 2002 Chadwick L. Sorrell ([EMAIL PROTECTED])
#
#This program is free software; you can redistribute it and/or
#modify it under the terms of the GNU General Public License
#as published by the Free Software Foundation; either version 2
#of the License, or (at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#----------------------------------------------------------------------------#
#
#Version: 0.3
#
#
#Based on which facility you use in syslog and what interval you have set in mrtg
#you might need to modify the default variables $interval and $facility
#
#Syntax: glmrtg logfile 'unique phrase' [interval]
#
#Example: glmrtg /var/log/maillog 'sendmail'
# -This would give you the number of messages sendmail sent/received during the last 5 minutes.
#
#MRTG Example:
#...
#Target[spam]: `perl glmrtg.pl /var/log/maillog identified && perl glmrtg.pl /var/log/maillog clean`
#...
#
use Date::Parse;
use POSIX qw(strftime);
# Default interval is 5 minutes #
$interval = 300;
# Default facility in syslog #
$facility = "spamd";
# Initialize start time and end time #
$edate = time();
# If specified via commandline change the default interval #
if($ARGV[2])
{
$interval = $ARGV[2];
}
$sdate = $edate - $interval;
$count=0;
# End Initialize #
# Narrow the grep to just the recent and current hour. #
if($interval < 3600)
{
$pg1 = strftime '%H', localtime $sdate;
$pg2 = strftime '%H', localtime ($sdate - 3600);
$grep_add = "| grep -E '( $pg2| $pg1)'";
}
# Generate the filtered log #
#print "grep '$ARGV[1]' $ARGV[0] $grep_add > spamd.ml\n";
system("grep '$ARGV[1]' $ARGV[0] $grep_add > spamd.ml");
#
# Iterate through the file and if the line is between the start and end time increment the count #
open(GDATA, "<spamd.ml") or die "couldn't open spamd.ml for reading\n";
while($line = <GDATA>)
{
# $line = $_;;
$line =~ s/$facility (.*)$//;
# print "$line\n";
$curtime = str2time(substr("$line",0,15));
# print "curtime - $curtime\n";
# print "sdate - $sdate\n";
# print "edate - $edate\n";
# print "if (curtime >= sdate && curtime < edate)\n";
if($curtime >= $sdate && $curtime < $edate)
{
$count++;
}
}
close(GDATA);
# Print total #
print "$count\n";
######################################################################
# Multi Router Traffic Grapher -- Sample Configuration File
######################################################################
# This file is for use with mrtg-2.5.4c
# Global configuration
WorkDir: /var/www/mrtg
WriteExpires: Yes
#Title[^]: Traffic Analysis for
# 128K leased line
# ----------------
#Title[leased]: a 128K leased line
#PageTop[leased]: <H1>Our 128K link to the outside world</H1>
#Target[leased]: 1:[EMAIL PROTECTED]
#MaxBytes[leased]: 16000
Target[spam]: `/usr/local/bin/mrtgspam`
Options[spam]: nopercent,growright,gauge,noinfo
Title[spam]: Spam Found
PageTop[spam]: <font face=verdana size=2><B>SPAM Messages Found</B></font><br><font
face=arial size=1>
MaxBytes[spam]: 100
YLegend[spam]: Messages
ShortLegend[spam]: msgs
LegendI[spam]: Messages
LegendO[spam]:
Legend1[spam]: Number of Messages
Legend3[spam]: Max Number of Messages
WithPeak[spam]: ymwd
Target[mail]: `/usr/local/bin/mrtgexim`
Options[mail]: nopercent,growright,gauge,noinfo
Title[mail]: Internet Email Processed
PageTop[mail]: <font face=verdana size=2><B>Total Internet Emails
Routed</B></font><br><font face=arial size=1>
MaxBytes[mail]: 100
YLegend[mail]: Messages
ShortLegend[mail]: msgs
LegendI[mail]: Messages
LegendO[mail]:
Legend1[mail]: Number of Messages
Legend3[mail]: Max Number of Messages
WithPeak[mail]: ymwd
#!/bin/sh
perl /usr/local/bin/glmrtg.pl /var/log/mail.log identified
perl /usr/local/bin/glmrtg.pl /var/log/mail.log clean
echo "Spam Count"
echo "unused"
