[Mimedefang] tmpfs queue directories

Cormack, Ken kcormack at acs.roadway.com
Mon Mar 29 13:12:54 EST 2004 

Everything you need to generate these numbers (and many more) is in your
sendmail log.  I run a script that greps and tallies anything I can think
of.

For example, here's a snippet of code from my script.  This code shows the
viruses stopped by MIMEDefang and my antivirus package (I use Vexira)...

  VIRUS_NAMES=`grep MDLOG ${LOG} \
  | grep "[_,]virus," \
  | awk '{ print $6 }' \
  | cut -f4 -d"," \
  | cut -f1 -d"@" \
  | sort -u`
  if [ "${VIRUS_NAMES}" != "" ]
  then
    print "\nMIMEDEFANG STOPPED THE FOLLOWING VIRUSES"
    for V_NAME in ${VIRUS_NAMES}
    do
      V_COUNT=`grep MDLOG ${LOG} \
      | grep ${V_NAME} \
      | wc -l`
      print "${V_COUNT}Hits: ${V_NAME}"
    done
  fi

The output of that piece of script looks like this:

MIMEDEFANG STOPPED THE FOLLOWING VIRUSES
      15 Hits: Heuristic/PwdRAR
       3 Hits: W32/Bagle.P.1
      48 Hits: W32/Bagle.j
       2 Hits: W32/Bugbear.b
      12 Hits: W32/Klez.gen
       1 Hits: W32/Mydoom
      37 Hits: W32/Netsky
      10 Hits: W32/Netsky.c
       2 Hits: W32/Netsky.j
      24 Hits: W32/Netsky.p
       1 Hits: W32/Sobig.f
      11 Hits: Worm/Bagle.H
       1 Hits: Worm/Bagle.Htm.11
       1 Hits: Worm/Bagle.Htm.12
      14 Hits: Worm/Bagle.J
      11 Hits: Worm/Bagle.O
      49 Hits: Worm/Bagle.U.2
       2 Hits: Worm/Mydoom.F
       2 Hits: Worm/NetSky.B.1
      27 Hits: Worm/NetSky.P
       3 Hits: Worm/Netsky.K

The code may not be optimal, but it works just fine.

KEN CORMACK, RHCE
Sr. UNIX Systems Analyst,
    Open Systems Group
Sr. Software Analyst,
    TSG Midrange Systems Group
AFFILIATED COMPUTER SERVICES, INC.

-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com]On Behalf Of
WBrown at e1b.org
Sent: Monday, March 29, 2004 12:52 PM
To: mimedefang at lists.roaringpenguin.com
Subject: RE: [Mimedefang] tmpfs queue directories


mimedefang-bounces at lists.roaringpenguin.com wrote on 03/29/2004 08:38:26 
AM:
> 
> For example, on my servers, I track, on a daily basis, such statistics 
as
> average and peak message flow-rates, and average and largest message 
size.
> I also take rapid (every 2-seconds) snapshots of my ramdisk utilization, 
to
> watch for the 24-hour peak.  For example, here are samples from this
> morning's reports for one of my systems.  My sendmail allows a max
> attachment size of 50MB.

How do you collect all those statistics?  I'm fairly new to this and I'd 
love to show reports like this to managgement.  It's the sort of stuff 
they drool over!  Oh, and it would help me manage the system. <g>
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

More information about the MIMEDefang mailing list