Colorfull QMail Logging
From Qmailtoaster
Info from AM (agmsoft@gmail.com) to displaying your Qmail log in color
Add this line on your /etc/multitail.conf, if not exist create it.
# QMT COLORS # QMT: clamd colorscheme:clamd cs_re:blue:^....-..-.. ..:..:.. cs_re:magenta:: cs_re:green:/var/qmail/simscan/.*(: OK) cs_re:red:/var/qmail/simscan/.*(: [^ ]* FOUND) cs_re:yellow:/var/qmail/simscan/.*( ERROR) # # QMT: qmail-smtp colorscheme:qmail-smtp cs_re:cyan:: cs_re:blue:^....-..-.. ..:..:.. cs_re:magenta,,bold:<= cs_re:magenta,,bold:=> cs_re:green,,bold:=> *[^ ]* cs_re:green:<= *[^ ]* cs_re:green,,bold:=> *[^ ]* <[^>]*> cs_re:green:<= *[^ ]* <[^>]*> cs_re:yellow:H=[^ ]* cs_re:red:verify failed for SMTP recipient.* cs_re:red: *[^ ]* \[[0-9\.:]*\]: Connection refused cs_re_val_bigger:magenta,,bold:5:'('(-|)([0-9]|)([0-9]).([0-9]|)([0-9])'/'11.00')' cs_re:red,,bold: *[^ ]*SPAM REJECT ([^ ]*).* cs_re:red,,bold: *[^ ]*:VIRUS:.* cs_re:red,,bold: *[^ ]*:ATTACH:.* cs_re:red,,bold: *[^ ]*policy_check: policy_load failed cs_re:white,,bold: *[^ ]*RELAYCLIENT:([^ ]*).* cs_re:white,,bold: *[^ ]*CLEAN ([^ ]*).* cs_re:white,,bold: *[^ ]*policy_check: policy allows([^ ]*).* cs_re:yellow: *[^ ]*CHKUSER rejected rcpt: ([^ ]*).* cs_re:yellow,,bold: *[^ ]*policy_check: policy forbid([^ ]*).* cs_re:magenta,,bold:rblsmtpd: ([0-9\.]*) cs_re:magenta,,bold:qmail-smtpd.* cs_re:magenta,,bold:spf-reject.* cs_re:magenta: *[^ ]*CHKUSER rejected intrusion: ([^ ]*).* cs_re:magenta: *[^ ]*CHKUSER rejected relaying: ([^ ]*).* # # QMT: qmail-send colorscheme:qmail-send cs_re:cyan:: cs_re:blue:^....-..-.. ..:..:.. cs_re:white,,bold:delivery *[^ ]*: success:.* cs_re:red,,bold:delivery *[^ ]*: failure:.* cs_re:yellow,,bold:delivery *[^ ]*: deferral:.* # # QMT: SpamAssassin colorscheme:qmtspamassassin cs_re:magenta:: cs_re:blue:^....-..-.. ..:..:.. cs_re:yellow:autolearn=failed cs_re:red,,blink:server killed by [^,]*, shutting down cs_re_s:yellow,,bold:identified spam ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes. cs_re_s:cyan,,bold:clean message ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes. cs_re:yellow:identified spam [^ ]* for [^ ]* in [^ ]* seconds, [^ ]* bytes. cs_re_s:yellow,,bold:result: Y ([^ ]*) .* cs_re_s:green,,bold:server successfully spawned child process, pid (.*) cs_re:green:server successfully spawned child process, pid cs_re:white,,bold:processing message.* # # QMT: sophie colorscheme:sophie cs_re:cyan:: cs_re:blue:^....-..-.. ..:..:.. cs_re:white,,bold:NOTICE *[^ ]*:.* cs_re:red,,bold:Virus present.* cs_re:red,,bold:WARNING *[^ ]*: Scan result =.* cs_re:yellow,,bold:WARNING *[^ ]*: error:.*
and this is how I call multitail: (or you can create a bash script with below code in it)
Using tail:
multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \ -m 0 -n 49 -cS qmail-send -l "tail -F -q -c 512000 /var/log/qmail/send/current | tai64nlocal" \ -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/smtp/current | tai64nlocal" \ -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/submission/current | tai64nlocal" \ -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "tail -F -q -c 512000 /var/log/qmail/spamd/current | tai64nlocal" \ -m 0 -n 49 -cS clamd -l "tail -F -q -c 512000 /var/log/qmail/clamd/current | tai64nlocal" \ -m 0 -n 49 -cS sophie -l "tail -F -q -c 512000 /var/log/qmail/sophie/current | tai64nlocal"
Using qmlog (you must have QTP installed)
multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \ -m 0 -n 49 -cS qmail-send -l "qmlog -f send" \ -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -l "qmlog -f smtp" \ -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -em "spf-reject" -l "qmlog -f submission" \ -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "qmlog -f spamd" \ -m 0 -n 49 -cS clamd -l "qmlog -f clamd" \ -m 0 -n 49 -cS sophie -l "qmlog -f sophie"
A simple script to display smtpd and spamd
multitail -s 2 -M 5000 -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \ -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -l "qmlog -f smtp" \ -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "qmlog -f spamd"