get more details in JSON logs
Damian
amavis at arcsin.de
Thu Oct 31 23:57:08 CET 2019
> For about 5 years now I'm using JSON log output of Amavisd to feed logs into a Splunk indexer. It's incredibly useful on a daily basis and I would like to extend this a little bit: is it possible to get in the JSON log entry of a message the listing of files names attached to the message?
If you are logging via a $log_templ macro, this is not possible as far
as I can tell. If you log into redis, this "config" snippet might work
for you. No guarantees, though.
> package Amavis::Custom {
> use strict;
> use warnings;
> no warnings qw(uninitialized redefine);
>
> sub new { bless {}, shift }
>
> sub mail_done {
>
> return unless $Amavis::report_ref;
>
> my ($self, $conn, $msginfo) = @_;
> my $part;
>
> for (my(@unvisited)=($msginfo->parts_root);
> @unvisited and $part=shift(@unvisited);
> push(@unvisited,@{$part->children})
> ){
> if ($part->mime_placement and
> $part->mime_placement =~ '^\d+/\d+$' and
> $part->name_declared
> ){
> push @{$Amavis::report_ref->{file_names}}, $part->name_declared;
> }
> }
> }
> }
>
> 1;
More information about the amavis-users
mailing list