[Esd-l] statistitc for procmail sanitizer
John D. Hardin
jhardin at impsec.org
Fri Mar 26 06:05:58 PST 2004
On Fri, 26 Mar 2004, [iso-8859-2] Mgr Marcela Donihova wrote:
> I'm looking for statistics of procmail sanitizer?
>
> Exist that aplication?
Kind of. It's very lightweight.
If you define $SECURITY_MSGID_LOG to a file, then the sanitizer will
write the Message-ID of trapped messages to that file. You can do a
periodic "wc -l" on that file to see how many messages were trapped.
I have a little script that lets me tie this into MRTG so I get a
graph of quarantines over time. I suppose if you wanted to do more
statistical analysis you could do something like point
$SECURITY_MSGID_LOG at a named pipe and have the pipe reader log time
and so forth.
More complex analysis should probably just process the quarantine
folder directly.
What sort of statistics are you looking for?
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org FALaholic #11174 pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Failure to plan ahead on someone else's part does not constitute an
emergency on my part.
- David W. Barts in a.s.r
<davidb at ce.washington.edu>
-----------------------------------------------------------------------
10 days until Daylight Savings Time begins
More information about the esd-l
mailing list