> Ok, the following example assumes that the various binaries from
> qmailanalog (0.70) are in your path; this isn't the default, but
> it makes the command lines shorter.
>
> If your qmail logs go through splogger and then to syslog (Dan's default
> at the point qmailanalog was released) you need to strip the syslog
> timestamps, and then run the results through matchup:
>
> awk '{$1="";$2="";$3="";$4="";$5="";print}' </var/log/maillog \
> | matchup \
> > processed_log
>
> You now have a preprocessed log suitable for piping through any of
> the qmailanalog z* commands for stats, as follows:
>
> For basic overall stats:
> zoverall <processed_log
>
> For info on who is sending lots of mail:
> zsuids <processed_log
>
> For who is receiving lots of mail:
> zrecipients <processed_log
>
> etc, etc.
>
> Charles
(I wish that D. J. Bernstein, the programmer of qmailanalog, reads this
mailing list so he improves the documentation)
As my logs are created using cyclog I don't need to execute the awk, I
suppose.
Well, now I have in /var/log two directories: qmail and qmail-smtpd. Even if
this seems a stupid question, the files stored in qmail are of the outgoing
mails and inside qmail-smtpd are of the incoming mails?
When I say incoming mails I'm refering to those e-mails people send using my
server or the e-mails that reach the users on my server.
In both directories I have several files starting with "@", how do I "parse"
all of them with qmailanalog?
