On Wednesday 03 January 2007 10:18 pm, Bob McClure Jr wrote: > > I run sa-stats.pl written by Dallas: > > > > # file: sa-stats.pl > > # date: 2005-07-27 > > # version: 0.9 > > # author: Dallas Engelken <[EMAIL PROTECTED]> > > # desc: SA 3.x log parser > > > > on my 3.1.7 SA version with no problems. > > -- > > Chris > > KeyID 0xE372A7DA98E6705C > > http://learn.to/quote > > So do I. In fact I use the new and improved v1.02 for SA v3.1.x. For > those just tuning in, it's here: > > http://www.rulesemporium.com/programs/sa-stats-1.0.txt > > It and the sa-stats.pl included with SA produce very different > reports, and I find both reports useful. Pity they have the same > name. I renamed Dallas' script sa-stats-sare.pl to keep them > straight. Hmm. I shoulda called it sare-stats.pl. > You didn't say if you're still having problems or not. I just downloaded, configured and ran the new version as root from the cli and had no problems:
[EMAIL PROTECTED] SAStuff]# ./sa-stats-1.0.pl Email: 148 Autolearn: 0 AvgScore: 35.43 AvgScanTime: 8.13 sec Spam: 113 Autolearn: 0 AvgScore: 48.18 AvgScanTime: 8.28 sec Ham: 35 Autolearn: 0 AvgScore: -5.74 AvgScanTime: 7.66 sec Time Spent Running SA: 0.33 hours Time Spent Processing Spam: 0.26 hours Time Spent Processing Ham: 0.07 hours TOP SPAM RULES FIRED ---------------------------------------------------------------------- RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM ---------------------------------------------------------------------- 1 SAGREY 110 74.32 97.35 0.00 2 BOTNET 100 68.92 88.50 5.71 3 BAYES_99 96 64.86 84.96 0.00 4 RAZOR2_CHECK 80 54.05 70.80 0.00 5 RAZOR2_CF_RANGE_51_100 79 53.38 69.91 0.00 6 RCVD_IN_XBL 76 51.35 67.26 0.00 7 DIGEST_MULTIPLE 70 47.97 61.95 2.86 8 URIBL_BLACK 70 47.30 61.95 0.00 9 PYZOR_CHECK 68 46.62 60.18 2.86 10 URIBL_WS_SURBL 67 45.27 59.29 0.00 11 RAZOR2_CF_RANGE_E8_51_100 66 44.59 58.41 0.00 12 URIBL_JP_SURBL 64 43.24 56.64 0.00 13 URIBL_OB_SURBL 64 43.24 56.64 0.00 14 UNPARSEABLE_RELAY 64 45.27 56.64 8.57 15 CLAMAV 55 37.16 48.67 0.00 16 URIBL_AB_SURBL 55 37.16 48.67 0.00 17 DCC_CHECK 43 40.54 38.05 48.57 18 SARE_CSNUMTAG 42 28.38 37.17 0.00 19 RCVD_IN_BL_SPAMCOP_NET 31 20.95 27.43 0.00 20 DRUGS_ERECTILE 29 19.59 25.66 0.00 ---------------------------------------------------------------------- TOP HAM RULES FIRED ---------------------------------------------------------------------- RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM ---------------------------------------------------------------------- 1 BAYES_00 35 23.65 0.00 100.00 2 AWL 30 22.30 2.65 85.71 3 DCC_CHECK 17 40.54 38.05 48.57 4 HTML_MESSAGE 8 23.65 23.89 22.86 5 NO_REAL_NAME 8 6.76 1.77 22.86 6 FORGED_RCVD_HELO 6 14.19 13.27 17.14 7 SPF_PASS 6 4.73 0.88 17.14 8 SARE_HEAD_HDR_XSEQ 4 2.70 0.00 11.43 9 FM_MULTI_ODD2 4 6.76 5.31 11.43 10 DK_SIGNED 3 2.03 0.00 8.57 11 MIME_HTML_ONLY 3 11.49 12.39 8.57 12 DBL_12_LETTER_FLDR 3 3.38 1.77 8.57 13 HTML_90_100 3 2.70 0.88 8.57 14 SARE_UNI 3 2.03 0.00 8.57 15 UNPARSEABLE_RELAY 3 45.27 56.64 8.57 16 BOTNET 2 68.92 88.50 5.71 17 DNS_FROM_RFC_POST 2 7.43 7.96 5.71 18 DNS_FROM_RFC_WHOIS 2 5.41 5.31 5.71 19 MIME_HEADER_CTYPE_ONLY 2 2.70 1.77 5.71 20 DK_POLICY_SIGNSOME 2 6.08 6.19 5.71 ---------------------------------------------------------------------- -- Chris KeyID 0xE372A7DA98E6705C http://learn.to/quote
pgpz8IUgdz2mg.pgp
Description: PGP signature
