On Fri, Nov 20, 2020 at 08:01:36AM +0000, Andrew C Aitchison via mailop wrote: > > The has been a request for Exim to have the ability to save the > server mainlog in json format 'to make it easier to "consume" it' > https://bugs.exim.org/show_bug.cgi?id=2610 > > The developers would like to use a "standard" schema; > does anyone use or know of a JSON schema for mail servers logs ?
I would suggest looking at what happens in elasticsearch-land for this. The more useful approach in my opinion is to not mess with the log format at the source -- operators there will likely have scriptery to extract useful data from the existing format -- but rather parse at ingest to your logstash/ elastic/whatever-that-does-JSON I would not be terribly surprised to find that somebody has already found a way to ingest exim logs into elastic. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. _______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
