[Mimedefang] RE: graphdefang and remote syslogs question
Lavoie,Alain [CMC]
Alain.Lavoie at ec.gc.ca
Wed Jun 18 08:27:01 EDT 2003
Hi,
you can use the --nomax option that will ignore the date.
--nomax Ignore the max date/time in the SummaryDB; add all lines from
the parsed file to the database.
We have 2 mail servers, i created a script that check the time stamp
in the log files and after it does a merge of the 2 log files and finally
i parse this log file.
Levoy
I have three servers running mimedefang. I would like to combine the
logs (md_logs) from all three servers in one place. To do this, I use
have two of the servers log local5 messages to the third server. So,
essentially the md_logs from mimedefang from all three machines get
logged to one mdefang.log file on one server.
The problem arises because the three servers are in three different time
zones. graphdefang creates its SummaryDB file the first time I run it
on the log file. The latest time it uses is off the server in the EST
zone (which happens to be the server that I log everything to). Now,
once that happens, anything that gets logged from the server in PST will
not show up in graphdefang... all those entries are getting logged with
their PST time.
...
So my question is, has anyone run across this or does anyone have any
suggestions? Obviously I either need to get all these servers logging
in one time format (two solaris 2.8 servers and Mandrake 9 server) or
get graphdefang to be smarter about what it does...
Any ideas appreciated.
Thank you,
Dan
More information about the MIMEDefang
mailing list