[Esd-l] Sanitizer and logrotate
Smart, Dan
SmartD at VMCMAIL.com
Wed Nov 6 07:07:01 PST 2002
Classification: PUBLIC
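# Rotate the Postfix mail log daily and keep 30 generations. Before rotating,
# build a pflogsumm report from the still-unrotated log and mail it out.
# The archived post hard-wrapped the long commands; as posted, a redirect or an
# option list sits on a line of its own and runs as a separate (wrong) command.
# Each command is back on one line here.
/var/log/maillog {
    daily
    rotate 30
    prerotate
        # NOTE(review): logrotate leaves the log unrotated when this script
        # exits non-zero, and the exit status is that of the last command (the
        # mail step), so a failed send blocks rotation - confirm that is wanted.
        postfix check
        # Compute the report path once so every step writes the same file even
        # if the job runs across midnight.
        report=/var/log/pflogsumm/pf$(date --date=yesterday '+%m%d%y')
        # NOTE(review): the report carries mail metadata and is created with
        # the invoking user's umask; check who can read /var/log/pflogsumm.
        echo "Postfix Log Summary for $(date --date=yesterday '+%m-%d-%y')" > "$report"
        pflogsumm.pl -f -i --problems_first --rej_add_from --smtpd_stats --verp_mung=2 -q -u 40 -h 40 /var/log/maillog >> "$report"
        # The list archive rewrote "@" as " at " in the addresses; restored.
        sendEmail -f pf@dalton.vul.com -t mailadmin@domain.com -u "Postfix Mail Summary" < "$report"
    endscript
    postrotate
        # Best effort: tell syslogd to reopen its files. Errors are discarded on
        # purpose, so a failed HUP is silent and syslogd would keep writing to
        # the rotated file - worth a check if maillog stays empty after rotation.
        /bin/kill -HUP "$(cat /var/run/syslogd.pid 2> /dev/null)" 2> /dev/null || true
        # compare-dnsbl is not shown in this post; it is handed the
        # just-rotated log and left running in the background.
        compare-dnsbl /var/log/maillog.1 &
    endscript
}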
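# Rotate the procmail/sanitizer log daily and keep 30 generations. Before
# rotating, count the sanitizer's verdicts in the current log and mail a summary.
# The archived post hard-wrapped the long commands; as posted, a dangling ">>"
# ends a line and the target path runs as its own command. The report is
# written here through one grouped redirect instead.
/var/log/procmail {
    daily
    rotate 30
    prerotate
        log=/var/log/procmail
        # Compute the report path once so every section lands in the same file.
        report=/var/log/pflogsumm/san$(date --date=yesterday '+%m%d%y')
        # The archived post shows the recipient as "mailadmin at domain@vul.com",
        # which is mangled. The value below is a stand-in: set the real mailbox.
        rcpt='mailadmin@domain.com'
        # NOTE(review): the "poisoned" and "stripped" sections copy whole log
        # lines into the mail. Those lines presumably contain sender-supplied
        # text (attachment names and the like), so read the report as untrusted
        # text and do not feed it to anything that interprets it.
        {
            echo "Sanitizer Virus Summary for $(date --date=yesterday '+%m-%d-%y')"
            echo "Number of Klez Worm Occurrences"
            grep -E -i -c "Trapped Klez worm" "$log"
            echo "Number of SirCam Worm Occurrences"
            grep -E -i -c "Trapped SirCam worm" "$log"
            echo "Number of BadTrans Worm Occurrences"
            grep -E -i -c "Trapped BadTrans worm" "$log"
            echo "Number of Other Dangerous Executable Occurrences"
            grep -E -i -c poisoned "$log"
            echo " "
            grep -E -i poisoned "$log"
            echo " "
            echo "Number of Stripped Attachments"
            grep -E -i -c stripped "$log"
            echo " "
            grep -E -i stripped "$log"
            echo " "
            echo "Number of SPAM Messages (SA>7.0)"
            grep -E -i -c procmail.spam "$log"
            echo "Number of SPAM Suspect Messages (5.1<SA<7.0)"
            grep -E -i -c procmail.suspect "$log"
            echo "Number of Whitelisted SPAM Messages"
            grep -E -i -c procmail.whitelist "$log"
        } > "$report"
        # Last command: its exit status becomes the script's. NOTE(review):
        # logrotate skips the rotation when prerotate fails, so a mail failure
        # here blocks it - confirm that is wanted.
        mail -s "Dalton Virus Summary" "$rcpt" < "$report"
    endscript
    postrotate
        # Group-writable for group "filter", presumably so the filtering
        # accounts can append to it. Any member of that group can therefore
        # also edit or truncate the log, so it is not tamper-evident evidence.
        # NOTE(review): there is no "create" directive in this stanza; unless
        # the global config creates the new log, these two commands fail on a
        # missing file.
        chmod 664 /var/log/procmail
        chown root:filter /var/log/procmail
    endscript
}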
<<Dan>>
|-----Original Message-----
|From: Informatica - Fenac [mailto:informatica at fenac.com.br]
|Sent: Wednesday, November 06, 2002 5:27 AM
|To: esd-l at spconnect.com
|Subject: [Esd-l] Sanitizer and logrotate
|
|
|I would like a sample logrotate configuration to
|manage sanitizer logfiles.
|
|Thank you.
|
|
|Geovane Gongalves
|Informatica-Fenac S/A
|Novo Hamburgo - Brasil
|www.fenac.com.br _______________________________________________
|Esd-l mailing list
|Esd-l at spconnect.com http://www.spconnect.com/mailman/listinfo/esd-l
|