How to analyse big log files

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

How to analyse big log files

spiekey
Hello List,

i just did some changes to my mailserver and i tried to see if it
rejects or dropps any mails or if any problem/error occur.
Since the Log-File is so huge and it grows so fast its almost impossible
to analyse it.

Are there any tools to analyse mail.log?

Thanks,
Mario
Reply | Threaded
Open this post in threaded view
|

Re: How to analyse big log files

Igor Zinovik-2
On июн 12  13:22, [hidden email] wrote:
>Are there any tools to analyse mail.log?

I use pflogsumm by James S. Seymour.  It accepts maillog as input and
produces nice text reports that can be sent to postmaster.
Reply | Threaded
Open this post in threaded view
|

Re: How to analyse big log files

spiekey
Hey,

i just checked it out. It looks really small, fast and cool :)

Thanks,
Mario



Igor Zinovik schrieb:
> On июн 12  13:22, [hidden email] wrote:
>> Are there any tools to analyse mail.log?
>
> I use pflogsumm by James S. Seymour.  It accepts maillog as input and
> produces nice text reports that can be sent to postmaster.
>

Reply | Threaded
Open this post in threaded view
|

Re: How to analyse big log files

Jorey Bump
In reply to this post by spiekey
[hidden email] wrote, at 06/12/2008 07:22 AM:

> Are there any tools to analyse mail.log?

I use postfix-logwatch, and am very pleased with it:

   http://www.mikecappella.com/logwatch/

There are switches to limit output if you're overwhelmed.

Reply | Threaded
Open this post in threaded view
|

Re: How to analyse big log files

Bill Anderson-2
In reply to this post by spiekey

On Jun 12, 2008, at 5:22 AM, [hidden email] wrote:

> Hello List,
>
> i just did some changes to my mailserver and i tried to see if it  
> rejects or dropps any mails or if any problem/error occur.
> Since the Log-File is so huge and it grows so fast its almost  
> impossible to analyse it.
>
> Are there any tools to analyse mail.log?

If you are running syslog-ng you can add a destination and filter  
combo to copy rejects to their own file. Also, grep and awk are pretty  
capable ;) If testing in "real time": "tail -f /var/log/mail.log |  
grep reject" will show only mail log entries with the word reject in  
them. You could also do NOQUEUE but if you have HOLD rules they can  
show up that way, too.