Analysis tool for Postfix log in /var/log/maillog
- Load maillog file
- Identify text or gzip automatically
- Parse maillog
- Use regex
- Convert to Python dictionary
- Output the parsed maillog to files
- Supported data format is CSV, TSV and JSON
- Compression (gzip) is possible
pip install mailloggerusage: maillogger [-h] [-f {csv,tsv,json}] [-c] [-V] source_file target_file
Analysis tool for Postfix log in /var/log/maillog
positional arguments:
source_file Specify Postfix maillog file
target_file Specify the filename to write parsed maillog. The file
extension is automatically added to the end of
filename.
optional arguments:
-h, --help show this help message and exit
-f {csv,tsv,json}, --format {csv,tsv,json}
File data format to write the parsed maillog (Default:
csv)
-c, --compress Compress the output file with gzip
-V, --version Show maillogger command version
maillogger /var/log/maillog resultor
maillogger /var/log/maillog result -f csvThen, result.csv is generated in current working directory.
maillogger /var/log/maillog result -f jsonmaillogger /var/log/maillog result -f tsvmaillogger /var/log/maillog result -f csv -cThen, result.csv.gz is generated in current working directory.
- Convert maillog text to CSV file
maillogger /var/log/maillog /path/to/any -f csv- Create Table
CREATE TABLE maillog
(
mail_id VARCHAR(15) NOT NULL,
to_address VARCHAR(50) NOT NULL,
relay text,
delay VARCHAR(10),
delays VARCHAR(20),
dsn VARCHAR(10),
status VARCHAR(10),
description text,
datetime DATETIME NOT NULL,
PRIMARY KEY (mail_id, datetime),
INDEX i_status(status)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;- Load CSV file
LOAD DATA INFILE '/path/to/any.csv'
IGNORE INTO TABLE maillog
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\r\n'
IGNORE 1 LINES;