mailscanner converter - syntax errors

Brian Murphy brian.p.murphy at gmail.com
Fri Sep 23 01:12:31 CEST 2005 

So I dropped the MailScanner log into my instance of the splunk (
http://www.splunk.com?ac=bm) log analysis engine. It seemed to process it
fine. I was then able to query for "mailscanner spam found" and it showed me
the 4 spam events and in the events by time window I was able to see where
they occured.
Hope this helps,
Brian


On 9/22/05, Wytze van der Raay <wytze at nlnet.nl> wrote:
>
> Hi Mikael,
>
> > ...
> > Thanks Wytze !
> > Alas, the converter is recognized but it does not generate any output.
>
> It's quite conceivable that my script isn't quite right, it was a proof
> of concept, but it did and does work for my mailscanner/sendmail log
> files.
> I ran it on the small sample log file you included in your message, and
> indeed the report mentions four log records, but 0 spam -- but this seems
> correct to me, since your sample does not contain any mentioning of
> detected spam.
>
> Regards,
> Wytze van der Raay
>
>
> Report generated: 2005-09-22 12:00:57 CEST
> Reporting on period:
> 2005-09-20 00:00:17 CEST - 2005-09-20 08:04:59 CEST
>
> Statistics
> ----------
>
> Messages Scanned by 1d Period
>
> Period Messages % Total
> ------------------------------------------------------- -------- -------
> 2005-09-19 1 25.0
> 2005-09-20 3 75.0
> ------------------------------------------------------- -------- -------
> Total for 4 records 4 100.0
>
>
> Total Number of Messages Tagged As SPAM by 1d Period
>
> No content in report.
>
>
> Maximum SPAM Score by 1d Period
>
> Period Max Score
> -------------------------------------------------------------- ---------
> 2005-09-19 NaN
> 2005-09-20 NaN
> -------------------------------------------------------------- ---------
> Total for 4 records NaN
>
>
> Delay by 1d Period
>
> Period Avg Delay Max Delay
> ---------------------------------------------------- --------- ---------
> 2005-09-19 0s NaN
> 2005-09-20 0s NaN
> ---------------------------------------------------- --------- ---------
> Total for 4 records 0s NaN
>
>
> Mailboxes
> ---------
>
> Top 10 People Receiving SPAM
>
> No content in report.
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.logreport.org/pipermail/questions/attachments/20050922/a50a7604/attachment.html

More information about the Questions mailing list