QmailtoasterMain Page | About | Help | FAQ | Special pages | Log in

Printable version | Disclaimers | Privacy policy

Colorfull QMail Logging

From Qmailtoaster

Info from AM (agmsoft@gmail.com) to displaying your Qmail log in color

Add this line on your /etc/multitail.conf, if not exist create it.

# QMT COLORS
# QMT: clamd
colorscheme:clamd
cs_re:blue:^....-..-.. ..:..:..
cs_re:magenta::
cs_re:green:/var/qmail/simscan/.*(: OK)
cs_re:red:/var/qmail/simscan/.*(: [^ ]* FOUND)
cs_re:yellow:/var/qmail/simscan/.*( ERROR)
#
# QMT: qmail-smtp
colorscheme:qmail-smtp
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:magenta,,bold:<=
cs_re:magenta,,bold:=>
cs_re:green,,bold:=> *[^ ]*
cs_re:green:<= *[^ ]*
cs_re:green,,bold:=> *[^ ]* <[^>]*>
cs_re:green:<= *[^ ]* <[^>]*>
cs_re:yellow:H=[^ ]*
cs_re:red:verify failed for SMTP recipient.*
cs_re:red: *[^ ]* \[[0-9\.:]*\]: Connection refused
cs_re_val_bigger:magenta,,bold:5:'('(-|)([0-9]|)([0-9]).([0-9]|)([0-9])'/'11.00')'
cs_re:red,,bold: *[^ ]*SPAM REJECT ([^ ]*).*
cs_re:red,,bold: *[^ ]*:VIRUS:.*
cs_re:red,,bold: *[^ ]*:ATTACH:.*
cs_re:red,,bold: *[^ ]*policy_check: policy_load failed
cs_re:white,,bold: *[^ ]*RELAYCLIENT:([^ ]*).*
cs_re:white,,bold: *[^ ]*CLEAN ([^ ]*).*
cs_re:white,,bold: *[^ ]*policy_check: policy allows([^ ]*).*
cs_re:yellow: *[^ ]*CHKUSER rejected rcpt: ([^ ]*).*
cs_re:yellow,,bold: *[^ ]*policy_check: policy forbid([^ ]*).*
cs_re:magenta,,bold:rblsmtpd: ([0-9\.]*)
cs_re:magenta,,bold:qmail-smtpd.*
cs_re:magenta,,bold:spf-reject.*
cs_re:magenta: *[^ ]*CHKUSER rejected intrusion: ([^ ]*).*
cs_re:magenta: *[^ ]*CHKUSER rejected relaying: ([^ ]*).*
#
# QMT: qmail-send
colorscheme:qmail-send
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:white,,bold:delivery *[^ ]*: success:.*
cs_re:red,,bold:delivery *[^ ]*: failure:.*
cs_re:yellow,,bold:delivery *[^ ]*: deferral:.*
#
# QMT: SpamAssassin
colorscheme:qmtspamassassin
cs_re:magenta::
cs_re:blue:^....-..-.. ..:..:..
cs_re:yellow:autolearn=failed
cs_re:red,,blink:server killed by [^,]*, shutting down
cs_re_s:yellow,,bold:identified spam ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes.
cs_re_s:cyan,,bold:clean message ([^ ]*) for ([^ ]*) in ([^ ]*) seconds, ([^ ]*) bytes.
cs_re:yellow:identified spam [^ ]* for [^ ]* in [^ ]* seconds, [^ ]* bytes.
cs_re_s:yellow,,bold:result: Y ([^ ]*) .*
cs_re_s:green,,bold:server successfully spawned child process, pid (.*)
cs_re:green:server successfully spawned child process, pid
cs_re:white,,bold:processing message.*
#
# QMT: sophie
colorscheme:sophie
cs_re:cyan::
cs_re:blue:^....-..-.. ..:..:..
cs_re:white,,bold:NOTICE *[^ ]*:.*
cs_re:red,,bold:Virus present.*
cs_re:red,,bold:WARNING *[^ ]*: Scan result =.*
cs_re:yellow,,bold:WARNING *[^ ]*: error:.* 


and this is how I call multitail: (or you can create a bash script with below code in it)

Using tail:

multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \
   -m 0 -n 49 -cS qmail-send -l "tail -F -q -c 512000 /var/log/qmail/send/current | tai64nlocal" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/smtp/current | tai64nlocal" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: qq hard reject" -l "tail -F -q -c 1048000 /var/log/qmail/submission/current | tai64nlocal" \
   -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "tail -F -q -c 512000 /var/log/qmail/spamd/current | tai64nlocal" \
   -m 0 -n 49 -cS clamd -l "tail -F -q -c 512000 /var/log/qmail/clamd/current | tai64nlocal" \
   -m 0 -n 49 -cS sophie -l "tail -F -q -c 512000 /var/log/qmail/sophie/current | tai64nlocal"

Using qmlog (you must have QTP installed)

multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \
   -m 0 -n 49 -cS qmail-send -l "qmlog -f send" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -l "qmlog -f smtp" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -em "spf-reject" -l "qmlog -f submission" \
   -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "qmlog -f spamd" \
   -m 0 -n 49 -cS clamd -l "qmlog -f clamd" \
   -m 0 -n 49 -cS sophie -l "qmlog -f sophie"

A simple script to display smtpd and spamd

multitail -s 2 -M 5000 -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \
   -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "rblsmtpd:" -em "qmail-smtpd: " -l "qmlog -f smtp" \
   -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "qmlog -f spamd"

Retrieved from "http://wiki.qmailtoaster.com/index.php/Colorfull_QMail_Logging"

This page has been accessed 7,439 times. This page was last modified on 26 June 2007, at 08:41. Content is available under GNU Free Documentation License 1.2.


Find

Browse
Main page
Community portal
Current events
Recent changes
Random page
Help
Edit
View source
Editing help
This page
Discuss this page
New section
Printable version
Context
Page history
What links here
Related changes
My pages
Log in / create account
Special pages
New pages
File list
Statistics
More...