Good Morning,
Thanks, but i wrote a small tool which parses the log-files to see which
patterns are most in use.
Today morning after the first coffee, I had an idea, how to save more
resources.
Declude is able to use patterns as kind of a trigger:
The first filter file looks for several strings depending on the spam theme,
lets say:
anywhere 0 pcre (?i:banana|apple|tomato|potato)
The second file, which holds the real pcre will only be active, if the first
file was triggered, using the name in the global.cfg :
testsfailed end pcre (fruits)
.
..
anywhere 10 pcre (?i:banana.{1.15}only good.{1.15}minions)
anywhere 10 pcre (?i:potato.{1.15}is not.{1.15}(fruit|meat))
The first rule of course is wrong, it would END processing. My question ist:
How can I use a rule not containing a string. Regex is always a bit
strange testing for not.
Thanks
Freundliche Grüsse
----------------------------------------------------------------------------
-------
Merlin Consulting GmbH | Martin Schaible
Bahnhofstrasse 27 | CH-8702 Zollikon | Switzerland
Tel.: +41 44 391 30 00 | Fax: +41 44 391 32 49
E-Mail: [email protected] | www.merlinconsulting.ch
Helpdesk: helpdesk.merlinconsulting.ch
GPS: N47 20.235 E8 34.226
Wird sind nun auch auf Facebook präsent:
www.facebook.com/MerlinConsultingGmbH
----------------------------------------------------------------------------
-------
News - Unsere Produkte:
.:. Astaro
.:. SmarterTools
.:. Declude AntiSpam für SmarterMail
.:. ARM Research MessageSniffer für SmarterMail
.:. delight software GmbH
.:. JMuffin CMS
.:. ESET Antivirus & Internet Security Solutions
.:. Lockstep Systems - Backup Software
.:. Paessler Network Monitoring
----------------------------------------------------------------------------
-------
Von: [email protected] [mailto:[email protected]] Im
Auftrag von Pete McNeil
Gesendet: Donnerstag, 8. August 2013 05:30
An: [email protected]
Betreff: [MBF]Re: CPU Power
On 2013-08-07 19:48, Martin Schaible wrote:
its quite hard to decide which rules are still needed
I completely understand. We have a large infrastructure built into Message
Sniffer specifically to tell us what works, and to weed out what doesn't.
Is there something that can tell you which expressions are matching? Perhaps
a histogram over the course of a day? Then you would be able to tell what
can go and what can stay.
_M
--
Pete McNeil
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
866-770-1044 x7010
twitter/codedweller
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[email protected]>.
To unsubscribe, E-mail to: <[email protected]>
To switch to the DIGEST mode, E-mail to
<[email protected]>
To switch to the INDEX mode, E-mail to <[email protected]>
Send administrative queries to <[email protected]>
