mail log parsing script in need of makeover Post: 302194896

Sponsored Content

Top Forums Shell Programming and Scripting mail log parsing script in need of makeover Post 302194896 by jjamd64 on Wednesday 14th of May 2008 01:21:42 AM

05-14-2008

Registered User

OK, this is what I have for the perl script so far. I got into trouble towards the end, and it doesn't like what i'm trying to do with the variable.

#!/usr/local/bin/perl
#use strict;
use locale;
use DBI;
use Cwd ;

my %sender_emails = () ;
my %recipient_emails = () ;
my %recipient_count = () ;

$logfile = '/data/log/maillog';

open(LOG, $logfile);
while (<LOG>)
{
($msgMon, $msgDay, $msgTime, $msgHost, $msgCmd, $QID, $from_to) = split(/\s+/, $_) ;

next if (/from=<>/) ;
next if (/from=<root>/) ;

if (($_ =~ /from=</) && ($_ =~ /qmgr/))
{
($tmpString, $from) = split("from=<", $_);
($from,$tmpString) = split(">", $from);
$sender_emails {$QID} = $from;
}
elsif (($_ =~ /to=</) && ($_ =~ /smtp/))
{
($tmpString, $to) = split("to=<", $_);
($to,$tmpString) = split(">", $to);
$recipient_emails {$QID} = $recipient_emails {$QID} . "$to " ;
$recipient_count {$QID}++ ;
}
}
close(LOG);

foreach $myQID (keys %sender_emails)
{
$myto = $recipient_emails{$myQID} ;
$myfrom = $sender_emails{$myQID} ;
$tocount = $recipient_count{$myQID} ;
next if $tocount >= 6;
foreach $rcpt_group (values %sender_emails)
{
($1, $2, $3, $4, $5) = split(/\s+/, $_);
@rcpt = ("$1", "$2", "$3", "$4", "$5");
{
foreach $rcpt (@rcpt)
{
print $myfrom . "," . $rcpt . \n;
}
}
}
}

This is a working version of the last portion of the script.

foreach $myQID (keys %sender_emails)
{
$myto = $recipient_emails{$myQID} ;
$myfrom = $sender_emails{$myQID} ;
$tocount = $recipient_count{$myQID} ;
next if $tocount >= 6;
{
print $myfrom . "," . $myto . \n;
}
}

the only problem is that it prints out lines with message recipients greater than one in the following fashion.

sender@domain,recipient1@domain recipient2@domain etc.

when I ultimately need:

sender@domain,recipient1@domain
sender@domain,recipient2@domain
sender@domain,recipient3@domain
and so on...

this is what the log entries actually look like.

May 14 01:08:38 mail11 postfix/smtpd[86997]: 21F9C17ADDEB: client=domain.com[127.0.0.1]
May 14 01:08:38 mail11 postfix/cleanup[87530]: 21F9C17ADDEB: message-id=<00ec01c8b580$73d85d60$da0ba8c0@domain>
May 14 01:08:38 mail11 postfix/qmgr[9455]: 21F9C17ADDEB: from=<user@domain>, size=18310, nrcpt=3 (queue active)
May 14 01:08:39 mail11 postfix/smtp[86884]: 21F9C17ADDEB: to=<user@domain>, relay=domain [127.0.0.1]:25, delay=1, delays=0.21/0/0.45/0.39, dsn=2.0.0, status=sent (250 ok: Message 149052398 accepted)
May 14 01:08:39 mail11 postfix/smtp[87444]: 21F9C17ADDEB: to=<user@domain>, relay=domain.com[127.0.0.1]:25, delay=1.8, delays=0.21/0/1.1/0.51, dsn=2.0.0, status=sent (250 Ok: queued as E572B24807B)
May 14 01:08:39 mail11 postfix/smtp[87444]: 21F9C17ADDEB: to=<user@domain>, relay=mail.domain.com[127.0.0.1]:25, delay=1.8, delays=0.21/0/1.1/0.51, dsn=2.0.0, status=sent (250 Ok: queued as E572B24807B)
May 14 01:08:39 mail11 postfix/qmgr[9455]: 21F9C17ADDEB: removed

As always any comments, criticisms, and questions are welcome and appreciated.
-JJ

jjamd64

View Public Profile for jjamd64

Find all posts by jjamd64

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Shell script for parsing 300mb log file..

am relatively new to Shell scripting. I have written a script for parsing a big file. The logic is: Apart from lot of other useless stuffs, there are many occurances of <abc> and corresponding </abc> tags. (All of them are properly closed) My requirement is to find a particular tag (say...

2. Shell Programming and Scripting

Help with script parsing a log file

I have a large log file, which I want to first use grep to get the specific lines then send it to awk to print out the specific column and if the result is zero, don't do anything. What I have so far is: LOGDIR=/usr/local/oracle/Transcription/log ERRDIR=/home/edixftp/errors #I want to be...

3. Shell Programming and Scripting

Shell script to parsing log

Hi I Have log like this : 0 234: { 3 2: 04 EE 7 14: '20081114081' 23 1: 00 79 10: '38809' 91 15: '528111510010159' 143 29: 'Streaming/downloading service' 174 3: 'MTV' 179 43: 'rtsp://172.28/MTV2GO-Loop.sdp' 224 1: 05 ...

4. Shell Programming and Scripting

Performance of log parsing shell script very slow

Hello, I am an absolute newbie and whatever I've written in the shell script (below) has all been built with generous help from googling the net and this forum. Please forgive any schoolboy mistakes. Now to the qn, my input file looks like this - 2009:04:03 08:21:41:513,INFO...

5. Shell Programming and Scripting

Script for Parsing Log File

Working on a script that inputs an IP, parses and outputs to another file. A Sample of the log is as follows: I need the script to be able to input IP and print the data in an output file in the following format or something similar: Thanks for any help you can give me!

6. Shell Programming and Scripting

Log parsing script

Hello, I have a script that parses logs and sends the output via digitally signed and encrypted email. This script uses grep -v to exclude patterns in a file. The problem I have is if this is run via cron none of the pattern matching seems to occur. If I run it by hand it runs exactly as it is...

7. Shell Programming and Scripting

Script for parsing vertical log into horizontal

Hi, I have log like this : And i want the output like below : I have try using awk but doesn't work awk ' /ffff /{ts=$1} f && /SectorAntenna\=1/{sa1=$3} f && /SectorAntenna\=2/{sa2=$3} f && /SectorAntenna\=3/{sa3=$3} { s= ts "|" sa1 "|" sa2 "|" sa3 print s f=0 }'

8. Shell Programming and Scripting

Issue with awk script parsing log file

Hello All, I am trying to parse a log file and i got this code from one of the good forum colleagues, However i realised later there is a problem with this awk script, being naive to awk world wanted to see if you guys can help me out. AWK script: awk '$1 ~ "^WRITER_" {p=1;next}...

9. Shell Programming and Scripting

Bash Script - Mail Secure.log

I'm putting together a fairly simple script, to check "secure.log" for content and email the results in a cron, nightly. The script runs fine upon manual execution, it's a problem when ran in cron. This is on a Mac server. Any thoughts? #!bin/bash #Email secure.log, nightly. Subject="Secure...

10. Shell Programming and Scripting

Parsing a log file and creating a report script

The log file is huge and lot of information, i would like to parse and make a report . below is the log file looks like: REPORT DATE: Mon Aug 10 04:16:17 CDT 2017 SYSTEN VER: v1.3.0.9 TERMINAL TYPE: prod SYSTEM: nb11cu51 UPTIME: 04:16AM up 182 days 57 mins min MODEL, TYPE, and SN:...

LEARN ABOUT MINIX

mail

MAIL(1) 						      General Commands Manual							   MAIL(1)

NAME

       mail - send and receive electronic mail

SYNOPSIS

       mail [-dpqrv] [-f file] [user]

OPTIONS

       -d     Force use of the shell variable MAILER

       -f     Use file instead of /usr/spool/mail/user as mailbox

       -p     Print all mail and then exit

       -q     Quit program if SIGINT received

       -r     Reverse print order, i.e., print oldest first

       -v     Verbose mode

EXAMPLES

       mail ast 	   # Send a message to ast

       mail		   # Read your mail

DESCRIPTION

       Mail  is  an  extremely simple electronic mail program.	It can be used to send or receive email on a single MINIX system, in which case it
       functions as user agent and local delivery agent.  If the flag MAILER is defined in mail.c, it can also call a transport  agent	to  handle
       remote mail as well.  No such agent is supplied with MINIX.

       When  called  by  user  with no arguments, it examines the mailbox /usr/spool/mail/user, prints one message (depending on the -r flag), and
       waits for one of the following commands:

	 <newline> Go to the next message
	 -	   Print the previous message
	 !command  Fork off a shell and execute command
	 CTRL-D    Update the mailbox and quit (same as q)
	 d	   Delete the current message and go to the next one
	 q	   Update the mailbox and quit (same as CTRL-D)
	 p	   Print the current message again
	 s [file]  Save message in the named file
	 x	   Exit without updating the mailbox

       To send mail, the program is called with the name of the recipient as an
       argument.  The mail is sent, along with a postmark line containing the date.
       For local delivery, a file named after the recipient in the directory
       /usr/spool/mail must be writable.

       If the directory /usr/spool/mail does not exist then the mail is
       dumped on the console, so that system programs have a way to notify
       a user on a system that does not have a mail spool.

																	   MAIL(1)