I save correlated logs from postfix (and milter daemons) in mongodb.
https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-mongodb.html
https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-pattern-databases.html
In one registry I can get all information about delivery that I need and
nothing more:
{
"_id" : ObjectId("5991fbb0c2544d511c3a5290"),
"TO" : "xxx...@domain.com",
"SUBJECT" :
"KEdSVVBPIE1QRSkgQXJxdWl2byBkZSBSZW1lc3NhIGRvIGRpYTogMTAvMDgvMjAxNw==",
"STATUS_AT" : ISODate("2017-08-14T19:36:16.000Z"),
"STATUS" : "sent",
"SIZE" : 2918,
"SERVER" : "submitter31.zyx.net",
"SASLAUTH" : "a...@o62.xyz.net",
"RETURNPATH" : "sup...@xyz.com",
"RELAY_IP" : "168.0.0.0",
"RELAY_HOST" : "relay.xxxx.com.br",
"REASON" : "(250 OK id=1dhLEB-03037zm-MD)",
"QUEUEID_CUST" : "None",
"QUEUEID" : "024D781B27AC",
"FROM" : "sup...@xyz.com",
"DSN" : "2.0.0",
"DELAY" : "8.6",
"CLIENTIP" : "177.7.7.7",
"BEGIN_AT" : ISODate("2017-08-14T19:36:08.000Z")
}
much cleaner and simpler than logstash, either rsyslog and syslog-ng
clients connect to the log server without any other external software
and it is working very well.
Joao Reis.
On 08/29/2017 05:51 AM, Kev wrote:
You might want to look into something like the Logstash
(https://www.elastic.co/products/logstash).
looks promising! thanks you!
On Mon, 28 Aug 2017 10:11:14 -0600
James Reynolds <reyno...@biology.utah.edu> wrote:
You might want to look into something like the Logstash
(https://www.elastic.co/products/logstash).
James
On Aug 27, 2017, at 9:51 PM, Kev <savage-gar...@hanikamail.com> wrote:
Hi postfixers,
We have spam filter servers for our down, 5 of them to be exact. we use
amavisd, bitdefender & clamav for spam and virus filter.
we have a self help portal done in php/mysql for users to manage
whitelist/blacklist etc, now i want to allow users to check there email
logs to they can find if any wanted email is blocked,
so the question is, how can i log postfix to a mysql db where i can write
an interface for users to search for email and see what did the
blocking, such as rbl, amavis etc ?
ive seen some solutions to use syslog in to mysql but i was thinking
something much simpler where i will still have logs in place even if
mysql fails.
rgds