Re: *nice* maillog output

----- Original Message ----- 
From: "Craig Tinson" <craig@xxxxxxxxxx>
To: <fedora-list@xxxxxxxxxx>
Sent: Tuesday, June 22, 2004 3:25 PM
Subject: *nice* maillog output


> this is probably asking a bit much.. but no harm in asking..
>
> I currently have a spare 14" monitor connected to the mail server so I
> can monitor what's going on..
>
> it is permanently running the following:
>
> tail -f /var/log/maillog | grcat conf.log
>
> this displays the following in various colors:
>
> Jun 22 20:19:26 www spamd[19421]: processing message
> <200406222219.09205.blogs@xxxxxxx> for craig@xxxxxxxxxx:510.
> Jun 22 20:19:27 www spamd[19421]: clean message (-4.8/5.0) for
> craig@xxxxxxxxxx:510 in 1.4 seconds, 3206 bytes.
> Jun 22 20:20:20 www spamd[2904]: connection from localhost.localdomain
> [127.0.0.1] at port 33969
> Jun 22 20:20:20 www spamd[19441]: processing message
> <200406221521.59668.joe@xxxxxxxxx> for craig@xxxxxxxxxx:510.
> Jun 22 20:20:23 www spamd[19441]: clean message (-3.9/5.0) for
> craig@xxxxxxxxxx:510 in 2.1 seconds, 3484 bytes.
>
>
> etc etc
>
> this is more info than I need and just clutters up (and wraps around) on
> the 14" monitor..
>
> is there an obvious/easy way to trim it.. for example:
>
> Jun 22 - (20:19:26) Mail From: <someone@xxxxxxxxxxxxxx> to
> <craig@xxxxxxxxxx> (Clean)
> Jun 22 - (20:20:30) Mail From: <someone@xxxxxxxxxxxxxx> to
> <craig@xxxxxxxxxx> (Spam)
>
> colored and columned?
>
> I know this is asking a bit much.. but thought I'd ask...
>
> Cheers
>
> Craig
>

You can always try using awk, sed, and grep to manipulate the output stream.
Here's something to get you started:

tail /var/log/maillog | awk '{print $1" "$2" - ("$3")"}'

Awk can automatically separate elements of a line when they are separated by
whitespace.  The first element is referred to as $1, the second $2, etc.
The above command will print out the date like you wanted:

Jun 22 - (20:20:30)

Use quotation marks to create static values in the output.  Grep will allow
you to easily select lines that you want in the output but you'll have to be
sure you accurately identify only those lines you want.  It can also be used
in the format "grep -v" to output everything BUT the pattern that follows.
You can pipe the stream through grep first to limit the lines you process
like this:

tail /var/log/maillog | grep message | grep -v sent | awk '{print $1" "$2" - ("$3")"}'

The above will only process lines that have the word "message" in them and
also don't contain the word "sent".  The solution you will need will really
depend on how many different types of line formats you need to process and
how different they are from one another with respect to the relative
positions of the pieces of the line you want to use.  If the types of lines
you are looking to extract are too different, then this approach won't work
too well.  At that point you might want to look into using something like
Perl which was built for tasks like this.

Another useful command to use is sed, but regular expressions are a bit more
complicated and difficult to cover adequately in an email message.
Basically, they allow extremely complex pattern matching and replacement
once you learn the syntax.  Again, your success rate will depend on the
relative differences between line formats.  If you do some digging and look
up these commands, you'll find some really cool stuff even if it doesn't
help with this particular problem.

I hope this helps.  :)


Shockwave
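
An added example, not part of either poster's message: the awk approach above carried through to one condensed line per spamd verdict. The spamd lines quoted in the thread carry the recipient and a message-id but not the sender, so the output shows recipient, verdict and score; the "identified spam" line format, the function names and the example.com sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original thread): one line per spamd verdict.
# Live use: tail -f /var/log/maillog | summarize_spamd | grcat conf.log

summarize_spamd() {
    awk '
    # Replace control characters first, so message-derived text in the
    # log cannot send escape sequences to the monitoring terminal.
    { gsub(/[\001-\037\177]/, "?") }

    # Verdict lines: "clean message (s/t) for user:uid ..." as shown in
    # the thread; "identified spam (s/t) for user:uid ..." is assumed to
    # be the matching spam form. Both put score in $8, recipient in $10.
    $5 ~ /^spamd\[[0-9]+\]:$/ && ($6 == "clean" || $6 == "identified") {
        verdict = ($6 == "clean") ? "Clean" : "Spam"
        score = $8
        gsub(/[()]/, "", score)        # (-4.8/5.0) -> -4.8/5.0
        rcpt = $10
        sub(/:[0-9]+$/, "", rcpt)      # drop the trailing :uid
        printf "%s %2s - (%s) %-30s %-5s %s\n", $1, $2, $3, rcpt, verdict, score
        fflush()                       # keep output live behind tail -f
    }'
}

# Constructed sample input in the format quoted in the thread.
sample_maillog() {
    cat <<'EOF'
Jun 22 20:19:26 www spamd[19421]: processing message <msg1@example.com> for craig@example.com:510.
Jun 22 20:19:27 www spamd[19421]: clean message (-4.8/5.0) for craig@example.com:510 in 1.4 seconds, 3206 bytes.
Jun 22 20:20:20 www spamd[2904]: connection from localhost.localdomain [127.0.0.1] at port 33969
Jun 22 20:20:30 www spamd[19441]: identified spam (15.2/5.0) for craig@example.com:510 in 2.1 seconds, 3484 bytes.
EOF
}

# Run the demo only when executed directly with the argument "demo".
if [ "${1:-}" = "demo" ]; then sample_maillog | summarize_spamd; fi
```

Matching on the program tag in $5 rather than grepping for the word "message" keeps sendmail lines that happen to contain that word out of the display.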


