ok.. this doesn't work...
tail -F /var/log/maillog | egrep --line-buffered -v 'imapd|connection|processing' | awk '{print $1" "$2" -("$3")"}' | grcat conf.craig
am presuming that awk doesn't like not have a finished pipe.. but the man page doesn't mention anything about buffering..
awk seems the way to go.. because...
tail -n500 -F /var/log/maillog | egrep --line-buffered -v 'imapd|connection|processing' | cut -d" " -f0,3,6,7,8,9,10 | grcat conf.craig
runs, at the moment, about 30-60 mins from the end of the log... but thats probably something completely different....which is a shame.. as it gives as close to an output as i'm looking for...
01:59:16 vchkpw-pop3: vpopmail user not found 01:59:30 vchkpw-pop3: (PLAIN) login success craig@xxxxxxxxxx:127.0.0.1 02:02:55 identified spam (19.1/5.0) for kelerion@xxxxxxxxxxxxxxxx:510 02:02:55 identified spam (9.8/5.0) for mark.laurence@xxxxxxxxxxxxxxxx:510 02:03:14 clean message (-4.9/5.0) for craig@xxxxxxxxxx:510 02:03:24 identified spam (19.4/5.0) for kelerion@xxxxxxxxxxxxxxxx:510 02:03:42 clean message (3.6/5.0) for joe@xxxxxxxxx:510
am I missing something fundamental here? I get that the pipes are not passing completed files (EOF's) to the next command.. but I can't see (apart from awk) what could be stopping the chain...
thanks for any ideas...
Craig..
