#author("2018-08-29T13:10:48+09:00","","")
[[CentOS7]]

*Installing the Postfix log analysis tool (pflogsumm) [#l748c81e]
Install ''[[pflogsumm>http://jimsun.linxnet.com/postfix_contrib.html]]'', a log analysis tool for [[Postfix>Postfix+Dovecotインストール]].
Here it is set up so that the previous day's ''Postfix'' log is analyzed automatically every day and the result is mailed to the mail server administrator (''postmaster'').

*Installing pflogsumm [#k748496b]
|BGCOLOR(black):COLOR(white):|c
|[root@centos ~]# yum -y install postfix-pflogsumm &color(lime){← install pflogsumm};|

*Verifying pflogsumm [#gd52f33a]
|BGCOLOR(black):COLOR(white):|c
|[root@centos ~]# vi pflogsumm_report &color(lime){← create the pflogsumm run script};|
|#!/bin/bash &br; &br; MAILLOG=$(mktemp) &br; REPORT=$(mktemp) &br; # Remove the temporary files even if the script aborts &br; trap 'rm -f "$MAILLOG" "$REPORT"' EXIT &br; &br; # Concatenate the rotated logs (the glob expands in sorted order), then the current log &br; for log in /var/log/maillog-* &br; do &br; if [ -f "$log" ]; then cat "$log" >> "$MAILLOG"; fi &br; done &br; cat /var/log/maillog >> "$MAILLOG" &br; &br; # Summarize yesterday's entries and mail the report to postmaster &br; pflogsumm --problems_first --verbose_msg_detail --mailq -d yesterday "$MAILLOG" > "$REPORT" &br; mail -s "$(head -1 "$REPORT") in $(uname -n)" postmaster < "$REPORT"|
|[root@centos ~]# chmod 700 pflogsumm_report &color(lime){← make the pflogsumm run script executable};|
|[root@centos ~]# ./pflogsumm_report &color(lime){← run the pflogsumm run script};|

Confirm that an email like the following is delivered to postmaster.

 Postfix log summaries for Feb 16
 
 Grand Totals
 ------------
 messages
 
       4   received
       4   delivered
       0   forwarded
       0   deferred
       0   bounced
       4   rejected (50%)
       0   reject warnings
       0   held
       0   discarded (0%)
 
   31578   bytes received
   31578   bytes delivered
       2   senders
       2   sending hosts/domains
       2   recipients
       1   recipient hosts/domains
 
 message deferral detail: none
 message bounce detail (by relay): none
 
 message reject detail
 ---------------------
   RCPT
     550 : Recipient address rejected: User unknown in local recipient table; from= to= proto=SMTP helo= (total: 1)
            1   xxxxxxxx.com
     550 : Recipient address rejected: User unknown in local recipient table; from= to= proto=SMTP helo= (total: 1)
            1   62.63.187.136
     554 : Relay access denied; from= to= proto=SMTP helo= (total: 1)
            1   dyxnet.com
     554 : Relay access denied; from= to= proto=SMTP helo= (total: 1)
            1   210.200.18.153
 
 message reject warning detail: none
 message hold detail: none
 message discard detail: none
 smtp delivery failures: none
 Warnings: none
 Fatal Errors: none
 Panics: none
 Master daemon messages: none
 
 Per-Hour Traffic Summary
     time          received  delivered   deferred    bounced     rejected
     --------------------------------------------------------------------
     0000-0100           0          0          0          0          0
     0100-0200           0          0          0          0          0
     0200-0300           0          0          0          0          0
     0300-0400           0          0          0          0          0
     0400-0500           2          2          0          0          0
     0500-0600           0          0          0          0          0
     0600-0700           0          0          0          0          0
     0700-0800           0          0          0          0          1
     0800-0900           0          0          0          0          0
     0900-1000           0          0          0          0          1
     1000-1100           0          0          0          0          0
     1100-1200           0          0          0          0          0
     1200-1300           0          0          0          0          0
     1300-1400           0          0          0          0          1
     1400-1500           0          0          0          0          0
     1500-1600           0          0          0          0          0
     1600-1700           2          2          0          0          0
     1700-1800           0          0          0          0          0
     1800-1900           0          0          0          0          0
     1900-2000           0          0          0          0          0
     2000-2100           0          0          0          0          0
     2100-2200           0          0          0          0          1
     2200-2300           0          0          0          0          0
     2300-2400           0          0          0          0          0
 
 Host/Domain Summary: Message Delivery
  sent cnt  bytes   defers   avg dly max dly host/domain
  -------- -------  -------  ------- ------- -----------
       4    31578        0    26.5 s    1.2 m  xxxxxxxx.com
 
 Host/Domain Summary: Messages Received
  msg cnt   bytes   host/domain
  -------- -------  -----------
       2    27078   xxxxxxxx.com
       2     4500   xxxxxxxx.jp
 
 Senders by message count
 ------------------------
       2   root@xxxxxxxx.com
       2   apache@xxxxxxxx.jp
 
 Recipients by message count
 ---------------------------
       2   root@xxxxxxxx.com
       2   webmaster@xxxxxxxx.com
 
 Senders by message size
 -----------------------
   27078   root@xxxxxxxx.com
    4500   apache@xxxxxxxx.jp
 
 Recipients by message size
 --------------------------
   16517   webmaster@xxxxxxxx.com
   15061   root@xxxxxxxx.com
 
 Current Mail Queue
 ------------------
 Mail queue is empty

*Scheduling pflogsumm to run automatically [#k9a56514]
|BGCOLOR(black):COLOR(white):|c
|[root@centos ~]# mv pflogsumm_report /etc/cron.daily/ &color(lime){← move the ''pflogsumm'' run script into the directory whose scripts are run automatically every day};|
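
A daily summary is only useful if someone notices when its counters move. The following is an added example, not part of the original page: it reads the "Grand Totals" section of a pflogsumm report and reports which of the rejected, bounced or deferred counters exceed a limit. The function names, the limit and the embedded sample report are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original page. Function names and the limit
# are assumptions; the sample report is constructed to match the
# "Grand Totals" layout shown on this page (plain integer counters).

# Print the Grand Totals counter for label $2 from report file $1.
# Returns 1 (and prints nothing) when the label is absent.
pflogsumm_total() {
    awk -v want="$2" '
        /^Grand Totals/ { in_totals = 1; next }
        in_totals && / (detail|Summary)/ { exit }   # next section begins
        in_totals && $1 ~ /^[0-9]+$/ {
            label = $2                               # rebuild label, skip "(50%)"
            for (i = 3; i <= NF && $i !~ /^\(/; i++) label = label " " $i
            if (label == want) { print $1; found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Print "label=count" for each of rejected/bounced/deferred above limit $2.
# Returns 0 when at least one counter is above the limit, 1 otherwise.
report_needs_attention() {
    local label n status=1
    for label in rejected bounced deferred; do
        n=$(pflogsumm_total "$1" "$label") || continue
        if [ "$n" -gt "$2" ]; then
            echo "$label=$n"
            status=0
        fi
    done
    return "$status"
}

# Write a constructed sample report (Grand Totals only) to file $1.
write_sample_report() {
    cat > "$1" <<'EOF'
Postfix log summaries for Feb 16

Grand Totals
------------
messages

      4   received
      4   delivered
      0   deferred
      0   bounced
      4   rejected (50%)
      0   reject warnings
  31578   bytes received

message deferral detail: none
EOF
}
```

In the cron script, the result of `report_needs_attention "$REPORT" 3` could be used to prefix the mail subject so that days with unusual reject or bounce counts stand out in the postmaster mailbox.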