[CentOS] CentOS-6 - LogWatch

Wed Sep 16 02:38:37 UTC 2015
Always Learning <centos at u64.u22.net>

On Tue, 2015-09-15 at 10:28 -0400, James B. Byrne wrote:


> Does anyone know of a current Logwatch script for cyrus-imapd? And
> where it can be obtained?

Tampering with an existing Logwatch script may seem daunting but, as I
have no Perl skills, it was relative easy to produced a more useful
display. Note the amended script should be placed
in /etc/logwatch/scripts/services/your-choice-of-file-name

(1)  If your cyrus-imap is similar to the Exim script, there are 2 main
parts:-

(a)  identifying the information and accumulating it; and

(b)  printing the data.


(2)  In the standard Exim script I located lines like:-

> elsif ( $ThisLine =~ /[Rr]ecipient verify fail/)
{$RecipVerify{$ThisLine}++;}

> elsif ( $ThisLine =~ /[Ss]ender verify fail/ )
{$SendVerify{$ThisLine}++;}

and inserted my own tests like these (I was testing on error messages I
created which were prefixed with a self-chosen code)

--------------------
elsif ($ThisLine =~ /A02\]/)
    { $a02++;
      $temp1 = substr($ThisLine,0,20).": ";    # date

      $temp2 = index($ThisLine," H=");         # sender's host
      $temp2+= 3;
      $temp2 = substr($ThisLine,$temp2);

      $temp3 = index($temp2,":");
      $temp1 = $temp1 . substr($temp2,0,$temp3);

      @a02   = (@a02, $temp1."\n");
      $temp1 = '';
      $temp2 = '';
      $temp3 = '';
    }
--------------------

The Perl seems similar to PHP. $a = a variable; @a = an array

The second main part prints the data. In the original Exim script it
looks like this


> if ( %SmtpConnection ) {
>          print "\n--- SMTP Connection Issues \n";
>          foreach $ThisOne (keys %SmtpConnection) {
>             $bb = $SmtpConnection{$ThisOne};
>             print "  $ThisOne: $bb Time(s)\n";
>          }
>       }

My inserted coding is this ...

if(@c01) {print "\n--- C01 : Spam rejected = $c01\n @c01";}
if(@c02) {print "\n--- C02 : Senders denied = $c02\n";}

The first line prints a heading and a total, new line and then lists the
examples. The second line prints only a heading and a total.

If your script is similar to the standard Exim script then it should be
possible to, using the log file for guidance, to construct your own
script.

You can ignore unwanted log file lines by testing like this ...

> elsif ($ThisLine =~ /xxxxxxx/) {}


-- 
Regards,

Paul.
England, EU.      England's place is in the European Union.