On Thu, Nov 23, 2006, Philip Hazel wrote: >>> I'm having a problem with log parsing. I'm trying to take some >>> assumptions, I'd like you to correct or confirm them.
>>> Field `H=' contains connecting host name. If host doesn't resolve and >> [...] >> your best bet is probably to read the bit of the source >> that generates those lines -- src/deliver.c looks like it >> from a quick grep. > Or how about reading the documentation? There's a whole chapter called > "Log files", which has a section called "Logging message reception". Are > these hard to find? They aren't hard to find. I made a mistake of asking without reading the docs for no real reason. Sorry. I wrote a log parser in Perl. If anyone is interested, here are recognized switches: -f <sender> -r <recipient> -s <subject> # subject header -u <luser> # authenticated sender luser -l <luser> # from/to luser -h <host> # sender host name -m <mx> # receiving host -i <id> # message ID -s <regexp> # any part -a # print everything Produces output in the following format: mesg: [1GnH2C-0007FM-LJ] at 2006-11-23 17:02:58 conn: c182-250.icpnet.pl [85.221.182.250] P=esmtpsa HELO=enkidu.local X=TLS-1.0 A=plain:sthalik S=1275 from: <[EMAIL PROTECTED]>; [EMAIL PROTECTED] subj: log parsing question sent: <[email protected]>; at 2006-11-23 17:02:58; H=sesame.csx.cam.ac.uk DT=14s QT=14s It's available at <http://tehran.lain.pl/stuff/exisearch> I'd love to hear from those who decide to use it, as well as those who see any room for improvements. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
