Central Logging Question

Markus Benning ich at markusbenning.de
Tue Dec 2 13:20:30 CET 2014


Hi,

just use json log format and rsyslog.

In amavis config:

$logline_maxlen = ( 32*1024 ) - 50; # 32k max message size, keep 50 bytes for syslog
$log_templ = <<'EOD';
[:report_json]
EOD

You may want to increase the maximum message size in rsyslog:

$MaxMessageSize 32k

The default is afair 2k.

Then use a reliable logging to forward your log to a central log server:

http://www.rsyslog.com/doc/rsyslog_reliable_forwarding.html

On the central log server you can easily extract the data from your
logs with a log processor like logstash:

http://www.logstash.net/

If you want to build some kind of log statistic web site then elasticsearch
and kibana may be of intresst for you. Google for "ELK stack"

 Markus

On Sun, Nov 30, 2014 at 08:03:33PM +0100, Guido Kuehler wrote:
> Hello,
> 
> exists in Amavis a way to log information about an EMail-Transaction (Sender, Recipient,SenderIP,SpamCount,Attachments,Size,..)
> via HTTP or HTTPS Posting to a central System?OK, we can post all informations to a syslog and here parse but the parsing by
> this way is very hard.
> 
> Best Regards
> Guido Kuehler


More information about the amavis-users mailing list