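One of the sites I currently operate has a process that sends mail,
and I figured it was about time I monitored the postfix logs properly...
So I installed pflogsumm, and these are my notes.
■ Installation
Well, this is a CentOS environment, so it is a one-liner with yum.
I noticed afterwards that postfix itself had been updated along the way,
so I think it is better not to run this with -y. Without -y, yum lists the packages it will install or update and waits for confirmation.
(Running as root right away, but never mind.)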
# yum -y install postfix-pflogsumm
It is a Perl script.
# ls -l /usr/sbin/pflogsumm
-rwxr-xr-x 1 root root 54815 2月 20 19:07 2014 /usr/sbin/pflogsumm
# file /usr/sbin/pflogsumm
/usr/sbin/pflogsumm: a /usr/bin/perl -w script text executable
■ Configuration
The EXAMPLES section of the man page has detailed samples.
To simply try it out, just run it with the log file as the argument.
# pflogsumm /var/log/maillog

Grand Totals
------------
messages

     35   received
     35   delivered
      0   forwarded
      0   deferred
      1   bounced
      0   rejected (0%)
      0   reject warnings
      0   held
      0   discarded (0%)

  94533   bytes received
  96481   bytes delivered
      2   senders
      1   sending hosts/domains
     12   recipients
      4   recipient hosts/domains

Per-Day Traffic Summary
    date          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------
    Mar  2 2014          7          7
    Mar  3 2014         21         21          0          1
    Mar  4 2014          7          7

Per-Hour Traffic Daily Average
    time          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------
    0000-0100            2          2          0          0          0
    0100-0200            0          0          0          0          0
    0200-0300            0          0          0          0          0
    0300-0400            0          0          0          0          0
    0400-0500            0          0          0          0          0
    0500-0600            0          0          0          0          0
    0600-0700            1          1          0          0          0
    0700-0800            0          0          0          0          0
    0800-0900            0          0          0          0          0
    0900-1000            0          0          0          0          0
    1000-1100            0          0          0          0          0
    1100-1200            0          0          0          0          0
    1200-1300            0          0          0          0          0
    1300-1400            1          1          0          0          0
    1400-1500            0          0          0          0          0
    1500-1600            0          0          0          0          0
    1600-1700            1          1          0          0          0
    1700-1800            0          0          0          0          0
    1800-1900            0          0          0          0          0
    1900-2000            0          0          0          0          0
    2000-2100            1          1          0          0          0
    2100-2200            3          3          0          0          0
    2200-2300            1          1          0          0          0
    2300-2400            0          0          0          0          0

Host/Domain Summary: Message Delivery
 sent cnt  bytes   defers   avg dly max dly host/domain
 -------- ------- ------- ------- ------- -----------
     30    84766        0    2.2 s    5.1 s  XXXX.com

Host/Domain Summary: Messages Received
 msg cnt   bytes   host/domain
 -------- ------- -----------
     35    94533   slateblue.tk

Senders by message count
------------------------
     33   xxx@XXXX.com

Recipients by message count
---------------------------
     21   xxx@XXXX.com
      3   xxx@xx1.com

Senders by message size
-----------------------
  65158   xxx@XXXX.com

Recipients by message size
--------------------------
  42128   xxx@XXXX.com

message deferral detail: none

message bounce detail (by relay)
--------------------------------
  XXXX.com[192.XXX.XXX.XX]:25 (total: 1)
         1   No Such User Here" (in reply to RCPT TO command)

message reject detail: none
message reject warning detail: none
message hold detail: none
message discard detail: none
smtp delivery failures: none
Warnings: none
Fatal Errors: none
Panics: none

Master daemon messages
----------------------
      1   terminating on signal 15
Going by the man page, adding these two entries to cron should be enough.
10 0 * * * /usr/sbin/pflogsumm -d yesterday /var/log/maillog 2>&1 |/usr/bin/mailx -s "`uname -n` daily mail stats" postmaster
10 4 * * 0 /usr/sbin/pflogsumm /var/log/maillog.0 2>&1 |/usr/bin/mailx -s "`uname -n` weekly mail stats" postmaster
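An added example (not from the original post and not part of pflogsumm): a small Python check that reads the Grand Totals block of the report and flags counters above a ceiling, so a jump in bounces, rejects or distinct senders on a site that normally sends little mail stands out instead of sitting unread in the daily report. The ceilings in LIMITS, the function names and the handling of a k/m suffix on large counts are assumptions; the sample report is constructed from the totals shown above.

```python
import re
import sys

# Constructed sample: an abridged Grand Totals block using the counts shown on this page.
SAMPLE_REPORT = """\
Grand Totals
------------
messages
     35   received
     35   delivered
      0   deferred
      1   bounced
      0   rejected (0%)
  94533   bytes received
      2   senders
     12   recipients
Per-Day Traffic Summary
"""

# Hypothetical ceilings for a site that sends a small, steady volume of mail.
LIMITS = {"received": 200, "deferred": 10, "bounced": 5, "rejected": 20, "senders": 3}

# "<count>[k|m]   <label> [(NN%)]"; the k/m suffix on large counts is an assumption.
ROW = re.compile(r"^\s*(\d+)([km]?)\s+(.+?)(?:\s+\(\d+%\))?\s*$")
UNIT = {"": 1, "k": 1024, "m": 1024 * 1024}

def grand_totals(report):
    """Return {label: count} for the rows of the Grand Totals block."""
    totals, inside = {}, False
    for line in report.splitlines():
        if line.startswith("Grand Totals"):
            inside = True
        elif inside and line.startswith("Per-Day"):
            break  # next section: stop before the traffic tables
        elif inside:
            m = ROW.match(line)
            if m:
                totals[m.group(3)] = int(m.group(1)) * UNIT[m.group(2)]
    return totals

def over_limit(totals, limits=LIMITS):
    """Return the labels whose count exceeds its ceiling, sorted for stable output."""
    return sorted(k for k, cap in limits.items() if totals.get(k, 0) > cap)

if __name__ == "__main__":
    hits = over_limit(grand_totals(sys.stdin.read()))
    print("ALERT: " + ", ".join(hits) if hits else "ok")
    sys.exit(1 if hits else 0)
```

Fed the output of `pflogsumm -d yesterday /var/log/maillog` on stdin, it exits non-zero when any ceiling is exceeded, so a cron wrapper can decide whether to send a separate alert.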
▼ Excerpt from the man page
EXAMPLES
    Produce a report of previous day’s activities:

        pflogsumm.pl -d yesterday /var/log/maillog

    A report of prior week’s activities (after logs rotated):

        pflogsumm.pl /var/log/maillog.0

    What’s happened so far today:

        pflogsumm.pl -d today /var/log/maillog

    Crontab entry to generate a report of the previous day’s activity at 10 minutes after midnight.

        10 0 * * * /usr/local/sbin/pflogsumm -d yesterday /var/log/maillog 2>&1 |/usr/bin/mailx -s "`uname -n` daily mail stats" postmaster

    Crontab entry to generate a report for the prior week’s activity. (This example assumes one rotates ones mail logs weekly, some time before 4:10 a.m. on Sunday.)

        10 4 * * 0 /usr/local/sbin/pflogsumm /var/log/maillog.0 2>&1 |/usr/bin/mailx -s "`uname -n` weekly mail stats" postmaster

    The two crontab examples, above, must actually be a single line each. They’re broken-up into two-or-more lines due to page formatting issues.