
PRG-py_postfix-log

How to use

python plog.py YourChkMailAddress 10:30
or
python plog.py test@your.mail.address 99:99
99:99 means all times (the time filter is disabled)

tips

[A-F0-9]{11} <<< Postfix のキューID。ソース内の {11} の桁数を装置毎にチェックすること

source

#!/usr/bin/env python
#
import sys
import re
 
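# Both arguments are required; stop with a usage line instead of an
# IndexError traceback when one is missing.
if len(sys.argv) < 3:
    sys.exit("usage: python plog.py <mail-address-pattern> <HH:MM | 99:99>")

# NOTE: this value is handed to re.search() as a regular expression and is
# matched anywhere in a log line.  An unescaped '.' therefore matches any
# character and 'test@x' also matches 'mytest@x', so the result can include
# transactions of other mailboxes.  Pass an escaped pattern when only one
# exact address must be reported.
email_pattern = sys.argv[1]
## file = '/var/log/maillog'
# The name 'file' is kept because the rest of the script reads it.
file = './maillog'
# Also used as a regular expression.  '99:99' disables the time filter, and
# so does any value of one character or less.
timestamp = sys.argv[2]
sender_stat = []
receiver_stat = []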

def client(line):
    """Print the connecting client recorded on *line*, if there is one.

    A client is recognised as ``client=<host>[a.b.c.d]``; the bracketed part
    must be a dotted IPv4-style address, so other address forms are not
    reported.  The line is expected to carry a timestamp prefix and an
    11-character queue ID followed by ':'; if either is missing on a line
    that does contain a client, the lookup raises AttributeError.
    """
    peer = re.search(r'(client=)([\w\d\.-]+[\w\d\.-]\[[\d]{1,3}\.(?:[\d]{1,3})\.(?:[\d]{1,3})\.(?:[\d]{1,3}\]))', line)
    if not peer:
        return
    # Timestamp prefix: a three-character word followed by non-letters.
    stamp = re.search(r'(\w{3}[^a-zA-Z]+)+', line).group()
    queue_id = re.search(r'([A-F0-9]{11})(:)', line).group(1)
    print stamp, queue_id, '[Client connected from ip]:', peer.group(2)

def message_id(line):
    """Print the ``message-id=<...>`` header field found on *line*, if any.

    The whole matched field (including the ``message-id=`` prefix and the
    angle brackets) is printed.  Only IDs of the form ``local@domain`` built
    from word characters, '.' and '-' are recognised.
    """
    header = re.search(r'message-id=<([\w\.-]+@[\w\.-]+)>', line)
    if not header:
        return
    stamp = re.search(r'(\w{3}[^a-zA-Z]+)+', line).group()
    queue_id = re.search(r'([A-F0-9]{11})(:)', line).group(1)
    print stamp, queue_id, "[Header]:", header.group()

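def message_from(line):
    """Print the envelope sender and the recipient count found on *line*.

    The sender is taken from ``from=<local@domain>`` and the count from
    ``nrcpt=N``.  The timestamp prefix and the 11-character queue ID are
    looked up on the same line; if a sender is present but either of those is
    missing, the lookup raises AttributeError.

    Lines with an empty sender (``from=<>``) or with characters outside
    word characters, '.' and '-' in the address do not match and are not
    reported as senders.
    """
    sender = re.search(r'(from=<)([\w\.-]+@[\w\.-]+)(>)', line)
    # \d+ rather than \d: a single \d reported only the first digit, so
    # nrcpt=12 was shown as 1 recipient.
    number_of_recepients = re.search(r'(nrcpt=)(\d+)', line)
    if sender:
        stamp = re.search(r'(\w{3}[^a-zA-Z]+)+', line).group()
        queue_id = re.search(r'([A-F0-9]{11})(:)', line).group(1)
        # Single-argument print(...) gives the same output as the
        # space-separated print statement used in the rest of the script.
        print(" ".join((stamp, queue_id, "[Sender]:", sender.group(2))))
    if number_of_recepients:
        print(" ".join(('[Number of recepients]:', number_of_recepients.group(2))))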

def message_to(line):
    """Print the recipient and the delivery timings found on *line*.

    The recipient comes from ``to=<local@domain>``; the four timings come
    from ``delays=a/b/c/d``.  The two parts are reported independently of
    each other.
    """
    recipient = re.search(r'(to=<)([\w\.-]+@[\w\.-]+)(>)', line)
    timing = re.search(r'(delays=)([\d+.\d.]+)([\/])([\d+.\d.]+)([\/])([\d+.\d.]+)([\/])([\d+.\d.]+)', line)
    if recipient:
        stamp = re.search(r'(\w{3}[^a-zA-Z]+)+', line).group()
        queue_id = re.search(r'([A-F0-9]{11})(:)', line).group(1)
        print stamp, queue_id, "[Receiver]:", recipient.group(2), '\n[Postfix status]:'
    if timing:
        before_qmgr, in_qmgr, conn_setup, transmission = timing.group(2, 4, 6, 8)
        # The status is whatever follows the fifth comma on the line, printed
        # as a list.  NOTE(review): this is positional, so a line with an
        # extra comma-separated field ahead of the status would shift what is
        # shown here; confirm against the log format in use.
        print '\t[Time before queue manager, including message transmission]:', before_qmgr, '\n', \
            '\t[Time in queue manager]:', in_qmgr, '\n', \
            '\t[Conn setup time including DNS, HELO and TLS]:', conn_setup, '\n', \
            '\t[Message transmission time]:', transmission, '\n', \
            '\t[Status of the message]:', line.split(',')[5:]

def status(line):
    """Print a queue-status entry when *line* contains the word 'removed'.

    The word is searched anywhere in the line, not only in the queue
    manager's own message.
    """
    removed = re.search('removed', line)
    if not removed:
        return
    stamp = re.search(r'(\w{3}[^a-zA-Z]+)+', line).group()
    queue_id = re.search(r'([A-F0-9]{11})(:)', line).group(1)
    print stamp, queue_id, "[Message status in postfix queue]:", removed.group()

# Find transaction id
key_ids = []
def find_transaction_id(line):
    """Record the queue ID on *line* in ``key_ids`` if it is not there yet.

    Reads the module-level ``timestamp`` and appends to ``key_ids``,
    ``sender_stat`` and ``receiver_stat``.  Returns nothing.

    A queue ID is taken from a ``postfix/qmgr[pid]: <ID>: from=<addr>`` line
    or from a ``postfix/smtp[pid]: <ID>: to=<addr>`` line.  The ID must be
    exactly 11 characters from A-F and 0-9; IDs of another length or alphabet
    are not matched.  Setups that deliver through postfix/lmtp or
    postfix/virtual need the smtp pattern changed accordingly.

    When ``timestamp`` is longer than one character it acts as a filter: the
    line is used only if the timestamp matches or the value is '99:99'.  The
    timestamp is applied with re.search over the whole line, so '10:30' also
    matches a line whose time is e.g. 09:10:30.
    """
    filter_by_time = len(timestamp) > 1
    if filter_by_time and not (re.search(timestamp, line) or (timestamp == '99:99')):
        return

    from_ = re.search(r'(postfix/qmgr\[\d*\]: )([A-F0-9]{11})(: from=<)([\w\.-]+@[\w\.-]+)(>)', line)
    to_ = re.search(r'(postfix/smtp\[\d*\]: )([A-F0-9]{11})(: to=<)([\w\.-]+@[\w\.-]+)(>)', line)

    if from_ and from_.group(2) not in key_ids:
        key_ids.append(from_.group(2))
        if filter_by_time:
            # NOTE(review): group(3) is the literal ': from=<' text, not the
            # address (group 4); confirm what sender_stat is meant to hold.
            sender_stat.append(from_.group(3))
    elif to_ and to_.group(2) not in key_ids:
        key_ids.append(to_.group(2))
        if filter_by_time:
            # NOTE(review): group(3) is the literal ': to=<' text; see above.
            receiver_stat.append(to_.group(3))

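# Pass 1: collect the queue IDs of every transaction whose log line matches
# the requested address.  email_pattern is applied as a regular expression
# anywhere in the line, so an unescaped '.' or a short pattern can pull in
# transactions of other mailboxes.
with open(file, 'r') as fh:
    for line in fh:
        if re.search(email_pattern, line):
            find_transaction_id(line)

# Number of distinct queue IDs collected, not the number of matching lines.
matches = len(key_ids)
if matches > 0:
    print "This mailbox was found ", matches, " times as Sender\Receiver\n"
    print '**************************************'
else:
    # sys.exit() with a string writes it to stderr and exits with status 1;
    # the print that used to wrap this call never ran.
    sys.exit("Matches not  found")

# Pass 2: for each collected queue ID, re-read the log and print every event
# that carries that ID.  The file is reopened per ID to keep the output
# grouped by transaction; 'with' closes each handle instead of leaking it.
for elem in key_ids:
    with open(file, 'r') as fh:
        for line in fh:
            # The first 11-character ID followed by ':' on the line decides
            # which transaction the line belongs to.
            current_id = re.search(r'([A-F0-9]{11})(:)', line)
            if current_id and (elem == current_id.group(1)):
                client(line)
                message_id(line)
                message_from(line)
                message_to(line)
                status(line)
    print '**************************************'


print "\nI am done!"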