[Mimedefang] tmpfs queue directories
Cormack, Ken
kcormack at acs.roadway.com
Mon Mar 29 13:12:54 EST 2004
Everything you need to generate these numbers (and many more) is in your
sendmail log. I run a script that greps and tallies anything I can think
of.
For example, here's a snippet of code from my script. This code shows the
viruses stopped by MIMEDefang and my antivirus package (I use Vexira)...
VIRUS_NAMES=`grep MDLOG ${LOG} \
| grep "[_,]virus," \
| awk '{ print $6 }' \
| cut -f4 -d"," \
| cut -f1 -d"@" \
| sort -u`
if [ "${VIRUS_NAMES}" != "" ]
then
print "\nMIMEDEFANG STOPPED THE FOLLOWING VIRUSES"
for V_NAME in ${VIRUS_NAMES}
do
V_COUNT=`grep MDLOG ${LOG} \
| grep ${V_NAME} \
| wc -l`
print "${V_COUNT}Hits: ${V_NAME}"
done
fi
The output of that piece of script looks like this:
MIMEDEFANG STOPPED THE FOLLOWING VIRUSES
15 Hits: Heuristic/PwdRAR
3 Hits: W32/Bagle.P.1
48 Hits: W32/Bagle.j
2 Hits: W32/Bugbear.b
12 Hits: W32/Klez.gen
1 Hits: W32/Mydoom
37 Hits: W32/Netsky
10 Hits: W32/Netsky.c
2 Hits: W32/Netsky.j
24 Hits: W32/Netsky.p
1 Hits: W32/Sobig.f
11 Hits: Worm/Bagle.H
1 Hits: Worm/Bagle.Htm.11
1 Hits: Worm/Bagle.Htm.12
14 Hits: Worm/Bagle.J
11 Hits: Worm/Bagle.O
49 Hits: Worm/Bagle.U.2
2 Hits: Worm/Mydoom.F
2 Hits: Worm/NetSky.B.1
27 Hits: Worm/NetSky.P
3 Hits: Worm/Netsky.K
The code may not be optimal, but it works just fine.
KEN CORMACK, RHCE
Sr. UNIX Systems Analyst,
Open Systems Group
Sr. Software Analyst,
TSG Midrange Systems Group
AFFILIATED COMPUTER SERVICES, INC.
-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com]On Behalf Of
WBrown at e1b.org
Sent: Monday, March 29, 2004 12:52 PM
To: mimedefang at lists.roaringpenguin.com
Subject: RE: [Mimedefang] tmpfs queue directories
mimedefang-bounces at lists.roaringpenguin.com wrote on 03/29/2004 08:38:26
AM:
>
> For example, on my servers, I track, on a daily basis, such statistics
as
> average and peak message flow-rates, and average and largest message
size.
> I also take rapid (every 2-seconds) snapshots of my ramdisk utilization,
to
> watch for the 24-hour peak. For example, here are samples from this
> morning's reports for one of my systems. My sendmail allows a max
> attachment size of 50MB.
How do you collect all those statistics? I'm fairly new to this and I'd
love to show reports like this to managgement. It's the sort of stuff
they drool over! Oh, and it would help me manage the system. <g>
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
More information about the MIMEDefang
mailing list