今天的 script sample:
#!/bin/bash
#
# purpose: to process mail log for ....
# limitation: xxxx
# version:
# change log:
#
# set locale to standard
export LANG=POSIX
# mail log location
log_file=/var/log/maillog
# Month and Day for today
today=$(date "+%b %_d")
# Month, Day, Hour and Minute for 6 minutes ago
date_time_1=$(date -d "6 minutes ago" "+%b %_d %H:%M:")
# Month, Day, Hour and Minute for 1 minutes ago
date_time_2=$(date -d "1 minutes ago" "+%b %_d %H:%M:")
# convert to timestamp format in seconds since 1970-01-01
time_stamp_1=$(date -d "${date_time_1}00" +%s)
time_stamp_2=$(date -d "${date_time_2}00" +%s)
# get logs for today only
log_lines=$(grep "^${today}" $log_file)
# get all record time
all_log_time=$(echo "$log_lines" | cut -c 1-15 | uniq)
# convert to record time to tampstamp format
all_time_stamp=$(while read line; do
date -d "$line" +%s
done< <(echo "$all_log_time"))
# get the earliest timestamp since last 6 minutes
first_time_stamp=$(echo "$all_time_stamp" | awk '($1 >= '$time_stamp_1') {print $1}' | head -1 )
# get the most recent timestamp before last 1 minute
last_time_stamp=$(echo "$all_time_stamp" | awk '($1 <= '$time_stamp_2') {print $1}' | tail -1)
# exit if either of the two timestamps is missing
[ "$first_time_stamp" ] || {
echo "The first time stamp not found!"
exit 1
}
[ "$last_time_stamp" ] || {
echo "The last time stamp not found!"
exit 2
}
# where to store report
report_file=/var/www/html/test/mail_log_report.${time_stamp_2}.csv
# get lines only for last 5 minutes (except current minute)
log_lines=$(echo "$log_lines" | sed -n '/^'"$(date -d @$first_time_stamp +%b\ %_d\ %H:%M:)"'/,/^'"$(date -d @$last_time_stamp +%b\ %_d\ %H:%M:)"'/'p)
# get lines only contain 'status=sent'
key_word_sent=$(echo "${log_lines}" | grep 'status=sent')
# get lines only contain 'status=bounced', and remove everything but the postfix ID
key_word_bounced=$( echo "${log_lines}" | grep 'status=bounced' | awk -F [\]\[] '{print $2}')
# get all message ID with postfix ID
get_ID() {
for ID in $key_word_bounced; do
echo "$key_word_sent" | grep -E "\[${ID}\]" | awk '{print $6}'
done
}
MID=$(get_ID)
# generate header for report file
echo "MessageID,MailFrom,MailTo,SentFrom" > $report_file
# write report content to report file
for i in $MID; do
echo -n "$i "
echo "${log_lines}" | grep -E "${i} (from=|to=)" | grep -Eo '(from=[^,]+|to=[^,]+)|relay=[^,]+' | xargs
done | sed 's/ /,/g' >> $report_file
大家也可以從如下連結下載:
http://www.study-area.org/~netman/mail_log.sh不過,我回家後修改了一下內容:
1. 直接用 awk -F 參數抓欄位,而省略額外兩次的 cut
2. 多加了一個 get_ID 的 function,這樣才能抓到完整的 postfix ID
此外:
最後的report會寫進網站Document的目錄,參考時自行設定web service,這裡就不說明了。
然後交給 crontab 每 5 分鐘執行:
*/5 * * * * /root/scripts/mail_log.sh大致如此,時間關係未能介紹更多的script技巧有點遺憾,若有機會再跟大家介紹吧。。。 ^_^
