Re: [SAtalk] daily / weekly reports

Tim Litwiller Tue, 16 Dec 2003 23:14:05 -0800

Jens, Thanks for this handy piece of code.

Jens Madsen wrote:

Hack away,



------------------------------------------------------------------------------------------------------------------------------

cat Report_spam.pl #!/usr/bin/perl -w #-********************************************************************************

# # File Name: Report_spam.pl # Author: Jens Madsen # # Revision history: # 2003/12/14 Jens Madsen # Initial Revision # # Description: # This program parses the file provided by the first passed argument and # generates a report by user and site. The file is typically the maillog # file. This was designed for a Linux RH 9 environment. Use at your own risk. #. # # #+********************************************************************************

use English; use strict; # # File definitions # my ($mlfile) = $ARGV[0]; # # Open mail log and process spamd messages # open (MAILLOG, "$mlfile") || die "Cant open $mlfile"; my (@maillogText) = <MAILLOG>; close (MAILLOG); my ($mailitem); my (%spamUserSummary,%spamSummary, %spamTable); $spamSummary{'spam.count'} = 0; $spamSummary{'clean.count'} = 0; $spamSummary{'spam.size'} = 0; $spamSummary{'clean.size'} = 0; $spamSummary{'spam.time'} = 0; $spamSummary{'clean.time'} = 0; my ($pid, $loginout, $user, $host, $ip, $time, $messageid); foreach $mailitem (@maillogText) { chomp $mailitem; if (my($conntime, $connpid) = ($mailitem =~ /^ (\w{3} \s+ \d{1,2} \s \d\d:\d\d:\d\d ) \s+ \w+ \s+ spamd \[ (\d+) \] : \s+ connection \s+ /xi)) { #$spamTable{$connpid}{'conntime'} = $conntime; #print "spamd connection: $conntime $spamTable{$connpid}{'conntime'} $connpid \$ mailitem\n"; } elsif (my($infotime, $infopid) = ($mailitem =~ /^ (\w{3} \s+ \d{1,2} \s \d\d:\d\d:\d\d ) \s+ \w+ \s+ spamd \[ (\d+) \] : \s+ info:\s+ /xi)) { $spamTable{$infopid}{'conntime'} = $infotime; #print "spamd info: $mailitem\n"; } elsif (my($procpid, $procmessageid, $procuser) = ($mailitem =~ /spamd \[ (\d+) \] : \s+ processing \s message \s+ (\S+) \s+ for (\s+) /xi)) { $spamTable{$procpid}{'messageid'} = $procmessageid; $spamTable{$procpid}{'procuser'} = $procuser;

#print "spamd processing: $mailitem\n"; } elsif (my($spampid, $spamtype, $spamstats, $spamuser, $spamtime, $spamsize) = ($mailitem =~ /spamd \[ (\d+) \] : \s+ (identified \s spam|clean \s message) \s+ ($[^)]*$) \s+ for \s+ (\S+) \s+ in \s+ (\S+) \s+ seconds, \s+ (\S+) /xi)) { # print "Time: $spamTable{$spampid}{'conntime'}\n"; my $spam; my ($user, $uid) = split (/:/, $spamuser); if ($spamtype =~/spam/x) { $spam = "spam"; } else { $spam = "clean"; } if (!exists ($spamUserSummary{$user})) { $spamUserSummary{$user}{'spam.count'} = 0; $spamUserSummary{$user}{'clean.count'} = 0; $spamUserSummary{$user}{'spam.size'} = 0; $spamUserSummary{$user}{'clean.size'} = 0; $spamUserSummary{$user}{'spam.time'} = 0; $spamUserSummary{$user}{'clean.time'} = 0; } $spamUserSummary{$user}{"$spam.count"}++; $spamUserSummary{$user}{"$spam.size"} = $spamUserSummary{$user}{"$spam.size"} + $spamsize; $spamUserSummary{$user}{"$spam.time"} = $spamUserSummary{$user}{"$spam.time"} + $spamtime;

$spamSummary{"$spam.count"}++; $spamSummary{"$spam.size"} = $spamSummary{"$spam.size"} + $spamsize; $spamSummary{"$spam.time"} = $spamSummary{"$spam.time"} + $spamtime;

} else { } } print "\n\nSpam Summary by User\n"; print " Spam Clean\n"; print "User Count Size Time Count Size Time Percent\n"; foreach $user (sort(keys(%spamUserSummary))) { my $percent = $spamUserSummary{$user}{'spam.count'} * 100.0 / ($spamUserSummary{$user}{'spam.count'} + $spamUserSummary{$user}{'clean.count'}); printf "%-8s %4d %9d %7.1f %4d %9d %7.1f %5.1f\n", $user, $spamUserSummary{$user}{'spam.count'}, $spamUserSummary{$user}{'spam.size'}, $spamUserSummary{$user}{'spam.time'}, $spamUserSummary{$user}{'clean.count'}, $spamUserSummary{$user}{'clean.size'}, $spamUserSummary{$user}{'clean.time'}, $percent; } print "\n\nSpam Summary\n"; print " Spam Clean\n"; print " Count Size Time Count Size Time Percent\n"; my $percent = $spamSummary{'spam.count'} * 100.0 / ($spamSummary{'spam.count'} + $spamSummary{'clean.count'}); printf " %4d %9d %7.1f %4d %9d %7.1f %5.1f\n\n", $spamSummary{'spam.count'}, $spamSummary{'spam.size'}, $spamSummary{'spam.time'}, $spamSummary{'clean.count'}, $spamSummary{'clean.size'}, $spamSummary{'clean.time'}, $percent;

_________________________________________________________________ Tired of slow downloads and busy signals? Get a high-speed Internet connection! Comparison-shop your local high-speed providers here. https://broadband.msn.com
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk


-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] daily / weekly reports

Reply via email to