When running pflogsumm I am getting many error like this: Use of uninitialized value $domain in string eq at /usr/local/bin/pflogsumm line 1546, <> line 283375. Use of uninitialized value $domain in substitution (s///) at /usr/local/bin/pflogsumm line 1552, <> line 283375.
# awk '{if(NR==283375) print $0}’ mail.log.combined Mar 29 23:14:45 mail.covisp.net postfix/postscreen[54597] NOQUEUE: reject: RCPT from [45.155.126.14]:47867: 550 5.7.1 Service unavailable; client [45.155.126.14] blocked using zen.spamhaus.org; from=<digimsolut...@gmail.com>, to=<*munged*covisp.net>, proto=ESMTP, helo=<event8.eventproglobally.info> The combined file is generated by catting several different files bzcat /var/log/mail.0.bz2 /var/log/postscreen.0.bz2 /var/log/delivery.0.bz2|sort > /tmp/mail.log.combined && pflogsumm /tmp/mail.log.combined -q --detail 15 --verp-mung=2 --problems-first --rej-add-from I don’t get the error if I exclude the postscreen.0.bz2 file from the bzcat part of the command. I used rsyslogd to split the login of mail actions which makes my normally delving into the logs considerably easier. if $syslogtag contains 'postscreen' then /var/log/postscreen.log if $syslogtag contains 'postscreen' then stop if $syslogtag contains 'dnsblog' then /var/log/postscreen.log if $syslogtag contains 'dnsblog' then stop if $msg contains 'status=sent' then /var/log/delivery.log if $msg contains 'status=sent' then stop if $msg contains 'permit: DATA' then /var/log/delivery.log if $msg contains 'permit: DATA' then stop -- Well, we know where we're goin' But we don't know where we've been And we know what we're knowin' But we can't say what we've seen