Mailserver - Logfileauswertungen unter CentOS 6.x
Damit wir uns im laufenden Betrieb regelmäßigen über den aktuellen Status ein Bildmachen können, ohne dazu extra langwierig im Logfile unseres Mailservers herumzusuchen, stehen uns mehrere Hilfsprogramme zur Verfügung.
Im Detail wollen wir uns nun drei der Varianten genauer ansehen.
pflogsumm
Mit Hilfe dieses kleinen Perlscriptes können wir uns einen täglichen Statusbericht unseres Mailservers erstellen lassen und wissen so das was unserem MX widerfahren ist. :) Das Perlscript pflogsumm wertet hierzu das Logfile /var/log/maillog unseres Mailservers aus.
Installation
Das Perlscript pflogsumm befindet sich unter CentOS 6.x im Paket postfix-perl-scripts. Die Installation dieses Paketes gestaltet sich im gewohnten Maße sehr einfach mit Hilfe von YUM.
# yum install postfix-perl-scripts -y
Was uns bei der Installation dieses Paketes alles mitgebracht wurde, zeigt uns folgender Aufruf.
# rpm -qil postfix-perl-scripts
Name : postfix-perl-scripts Relocations: (not relocatable)
Version : 2.6.6 Vendor: CentOS
Release : 2.2.el6_1 Build Date: Sat 03 Dec 2011 06:01:00 AM CET
Install Date: Sun 03 Jun 2012 07:18:19 PM CEST Build Host: c6b18n3.bsys.dev.centos.org
Group : Applications/System Source RPM: postfix-2.6.6-2.2.el6_1.src.rpm
Size : 106404 License: IBM
Signature : RSA/SHA1, Wed 07 Dec 2011 07:15:05 PM CET, Key ID 0946fca2c105b9de
Packager : CentOS BuildSystem <http://bugs.centos.org>
URL : http://www.postfix.org
Summary : Postfix utilities written in perl
Description :
This package contains perl scripts pflogsumm and qshape.
Pflogsumm is a log analyzer/summarizer for the Postfix MTA. It is
designed to provide an over-view of Postfix activity. Pflogsumm
generates summaries and, in some cases, detailed reports of mail
server traffic volumes, rejected and bounced email, and server
warnings, errors and panics.
qshape prints Postfix queue domain and age distribution.
/usr/sbin/pflogsumm
/usr/sbin/qshape
/usr/share/doc/postfix-2.6.6/pflogsumm-faq.txt
/usr/share/man/man1/pflogsumm.1.gz
/usr/share/man/man1/qshape.1.gz
Optionen beim Programmaufruf
Hinweise zur Konfiguration oder besser gesagt über die Optionen beim Aufruf des Programms zeigt ein Blick in die Manpage von pflogsumm.
PFLOGSUMM(1) User Contributed Perl Documentation PFLOGSUMM(1) NAME pflogsumm.pl - Produce Postfix MTA logfile summary Copyright (C) 1998-2007 by James S. Seymour, Release 1.1.1. SYNOPSIS pflogsumm.pl -[eq] [-d <today│yesterday>] [-h <cnt>] [-u <cnt>] [--verp_mung[=<n>]] [--verbose_msg_detail] [--iso_date_time] [-m│--uucp_mung] [-i│--ignore_case] [--smtpd_stats] [--mailq] [--problems_first] [--rej_add_from] [--no_bounce_detail] [--no_deferral_detail] [--no_reject_detail] [--no_no_msg_size] [--no_smtpd_warnings] [--zero_fill] [--syslog_name=string] [file1 [filen]] pflogsumm.pl -[help│version] If no file(s) specified, reads from stdin. Output is to stdout. DESCRIPTION Pflogsumm is a log analyzer/summarizer for the Postfix MTA. It is designed to provide an over-view of Postfix activity, with just enough detail to give the administrator a "heads up" for potential trouble spots. Pflogsumm generates summaries and, in some cases, detailed reports of mail server traffic volumes, rejected and bounced email, and server warnings, errors and panics. OPTIONS -d today generate report for just today -d yesterday generate report for just "yesterday" -e extended (extreme? excessive?) detail Emit detailed reports. At present, this includes only a per-message report, sorted by sender domain, then user-in-domain, then by queue i.d. WARNING: the data built to generate this report can quickly consume very large amounts of memory if a lot of log entries are processed! -h <cnt> top <cnt> to display in host/domain reports. 0 = none. See also: "-u" and "--no_*_detail" for further report-limiting options. --help Emit short usage message and bail out. (By happy coincidence, "-h" alone does much the same, being as it requires a numeric argument :-). Yeah, I know: lame.) -i --ignore_case Handle complete email address in a case-insensitive manner. Normally pflogsumm lower-cases only the host and domain parts, leaving the user part alone. This option causes the entire email address to be lower- cased. --iso_date_time For summaries that contain date or time information, use ISO 8601 standard formats (CCYY-MM-DD and HH:MM), rather than "Mon DD CCYY" and "HHMM". -m modify (mung?) UUCP-style bang-paths --uucp_mung This is for use when you have a mix of Internet-style domain addresses and UUCP-style bang-paths in the log. Upstream UUCP feeds sometimes mung Internet domain style address into bang-paths. This option can sometimes undo the "damage". For example: "somehost.dom!username@foo" (where "foo" is the next host upstream and "somehost.dom" was whence the email originated) will get converted to "foo!username@somehost.dom". This also affects the extended detail report (-e), to help ensure that by- domain-by-name sorting is more accurate. --mailq Run "mailq" command at end of report. Merely a convenience feature. (Assumes that "mailq" is in $PATH. See "$mailqCmd" variable to path thisi if desired.) --no_bounce_detail --no_deferral_detail --no_reject_detail Suppresses the printing of the following detailed reports, respectively: message bounce detail (by relay) message deferral detail message reject detail See also: "-u" and "-h" for further report-limiting options. --no_no_msg_size Do not emit report on "Messages with no size data". Message size is reported only by the queue manager. The message may be delivered long-enough after the (last) qmgr log entry that the information is not in the log(s) processed by a particular run of pflogsumm.pl. This throws off "Recipients by message size" and the total for "bytes delivered." These are normally reported by pflogsumm as "Messages with no size data." --no_smtpd_warnings On a busy mail server, say at an ISP, SMTPD warnings can result in a rather sizeable report. This option turns reporting them off. --problems_first Emit "problems" reports (bounces, defers, warnings, etc.) before "normal" stats. --rej_add_from For those reject reports that list IP addresses or host/domain names: append the email from address to each listing. (Does not apply to "Improper use of SMTP command pipelining" report.) -q quiet - don’t print headings for empty reports note: headings for warning, fatal, and "master" messages will always be printed. --smtpd_stats Generate smtpd connection statistics. The "per-day" report is not generated for single-day reports. For multiple-day reports: "per-hour" numbers are daily averages (reflected in the report heading). --syslog_name=name Set syslog_name to look for for Postfix log entries. By default, pflogsumm looks for entries in logfiles with a syslog name of "postfix," the default. If you’ve set a non-default "syslog_name" parameter in your Postfix configuration, use this option to tell pflogsumm what that is. See the discussion about the use of this option under "NOTES," below. -u <cnt> top <cnt> to display in user reports. 0 == none. See also: "-h" and "--no_*_detail" for further report-limiting options. --verbose_msg_detail For the message deferral, bounce and reject summaries: display the full "reason", rather than a truncated one. Note: this can result in quite long lines in the report. --verp_mung do "VERP" generated address (?) munging. Convert --verp_mung=2 sender addresses of the form "list-return-NN-someuser=some.dom@host.sender.dom" to "list-return-ID-someuser=some.dom@host.sender.dom" In other words: replace the numeric value with "ID". By specifying the optional "=2" (second form), the munging is more "aggressive", converting the address to something like: "list-return@host.sender.dom" Actually: specifying anything less than 2 does the "simple" munging and anything greater than 1 results in the more "aggressive" hack being applied. See "NOTES" regarding this option. --version Print program name and version and bail out. --zero_fill "Zero-fill" certain arrays so reports come out with data in columns that that might otherwise be blank. RETURN VALUE Pflogsumm doesn’t return anything of interest to the shell. ERRORS Error messages are emitted to stderr. EXAMPLES Produce a report of previous day’s activities: pflogsumm.pl -d yesterday /var/log/maillog A report of prior week’s activities (after logs rotated): pflogsumm.pl /var/log/maillog.0 What’s happened so far today: pflogsumm.pl -d today /var/log/maillog Crontab entry to generate a report of the previous day’s activity at 10 minutes after midnight. 10 0 * * * /usr/local/sbin/pflogsumm -d yesterday /var/log/maillog 2>&1 │/usr/bin/mailx -s "‘uname -n‘ daily mail stats" postmaster Crontab entry to generate a report for the prior week’s activity. (This example assumes one rotates ones mail logs weekly, some time before 4:10 a.m. on Sunday.) 10 4 * * 0 /usr/local/sbin/pflogsumm /var/log/maillog.0 2>&1 │/usr/bin/mailx -s "‘uname -n‘ weekly mail stats" postmaster The two crontab examples, above, must actually be a single line each. They’re broken-up into two-or-more lines due to page formatting issues. SEE ALSO The pflogsumm FAQ: pflogsumm-faq.txt. NOTES Pflogsumm makes no attempt to catch/parse non-Postfix log entries. Unless it has "postfix/" in the log entry, it will be ignored. It’s important that the logs are presented to pflogsumm in chronological order so that message sizes are available when needed. For display purposes: integer values are munged into "kilo" and "mega" notation as they exceed certain values. I chose the admittedly arbitrary boundaries of 512k and 512m as the points at which to do this--my thinking being 512x was the largest number (of digits) that most folks can comfortably grok at-a-glance. These are "computer" "k" and "m", not 1000 and 1,000,000. You can easily change all of this with some constants near the beginning of the program. "Items-per-day" reports are not generated for single-day reports. For multiple-day reports: "Items-per-hour" numbers are daily averages (reflected in the report headings). Message rejects, reject warnings, holds and discards are all reported under the "rejects" column for the Per-Hour and Per-Day traffic summaries. Verp munging may not always result in correct address and address-count reduction. Verp munging is always in a state of experimentation. The use of this option may result in inaccurate statistics with regards to the "senders" count. UUCP-style bang-path handling needs more work. Particularly if Postfix is not being run with "swap_bangpath = yes" and/or *is* being run with "append_dot_mydomain = yes", the detailed by-message report may not be sorted correctly by-domain-by-user. (Also depends on upstream MTA, I suspect.) The "percent rejected" and "percent discarded" figures are only approximations. They are calculated as follows (example is for "percent rejected"): percent rejected = (rejected / (delivered + rejected + discarded)) * 100 There are some issues with the use of --syslog_name. The problem is that, even with $syslog_name set, Postfix will sometimes still log things with "postfix" as the syslog_name. This is noted in /etc/postfix/sample-misc.cf: # Beware: a non-default syslog_name setting takes effect only # after process initialization. Some initialization errors will be # logged with the default name, especially errors while parsing # the command line and errors while accessing the Postfix main.cf # configuration file. As a consequence, pflogsumm must always look for "postfix," in logs, as well as whatever is supplied for syslog_name. Where this becomes an issue is where people are running two or more instances of Postfix, logging to the same file. In such a case: . Neither instance may use the default "postfix" syslog name and... . Log entries that fall victim to what’s described in sample-misc.cf will be reported under "postfix", so that if you’re running pflogsumm twice, once for each syslog_name, such log entries will show up in each report. The Pflogsumm Home Page is at: http://jimsun.LinxNet.com/postfix_contrib.html REQUIREMENTS For certain options (e.g.: --smtpd_stats), Pflogsumm requires the Date::Calc module, which can be obtained from CPAN at http://www.perl.com. Pflogsumm is currently written and tested under Perl 5.8.3. As of version 19990413-02, pflogsumm worked with Perl 5.003, but future compatibility is not guaranteed. LICENSE This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You may have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. An on-line copy of the GNU General Public License can be found http://www.fsf.org/copyleft/gpl.html. 1.1.1 2007-04-06 PFLOGSUMM(1)
Mit der Option -help werden die entsprechenden Optionen ebenfalls in Kurzform angezeigt.
# pflogsumm -help
usage: pflogsumm.pl -[eq] [-d <today|yesterday>] [-h <cnt>] [-u <cnt>] [--verp_mung[=<n>]] [--verbose_msg_detail] [--iso_date_time] [-m|--uucp_mung] [-i|--ignore_case] [--smtpd_stats] [--mailq] [--problems_first] [--rej_add_from] [--no_bounce_detail] [--no_deferral_detail] [--no_reject_detail] [--no_no_msg_size] [--no_smtpd_warnings] [--zero_fill] [--syslog_name=name] [file1 [filen]] pflogsumm.pl --[version|help]
manueller Programmaufruf
Wollen wir uns einen Bericht des heutigen Tages ansehen, so generieren wir diesen on-the-fly mit:
# /usr/sbin/pflogsumm -d today /var/log/maillog
Interessiert uns was gestern los war, so lautet der Aufgruf ganz einfach:
# /usr/sbin/pflogsumm -d yesterday /var/log/maillog
automatischer Programmaufruf
Für die tägliche Erstellung unserer Mailserverstatistik bemühen wir nun ganz einfach unseres cron-deamon.
Hierzu legen wir mit dem Editor unserer Wahl eine betreffende Konfigurationsdatei an, bzw. ergänzen die bereits vorhandene Datei.
# vim /etc/crontab
# Django : 2012-07-03 #täglicher Statusbericht unseres Mailservers postfix 10 0 * * * root /usr/sbin/pflogsumm -d yesterday /var/log/maillog 2>&1 | /bin/mailx -s "‘uname -n‘ daily mail stats" postmaster
Täglich um 00:10 Uhr wird die Statistik des letzten Tages erstellt und mittels mailx als eMail an den postmaster verschickt.
Date: Mon, 13 Oct 2008 00:10:03 +0200 (CEST)
From: root <root@nausch.org>
To: postmaster@nausch.org
Subject: ‘uname -n‘ daily mail stats
Postfix log summaries for Oct 12
Grand Totals
------------
messages
31 received
27 delivered
0 forwarded
0 deferred
0 bounced
339 rejected (92%)
0 reject warnings
0 held
0 discarded (0%)
353252 bytes received
353252 bytes delivered
16 senders
16 sending hosts/domains
4 recipients
1 recipient hosts/domains
Per-Hour Traffic Summary
time received delivered deferred bounced rejected
--------------------------------------------------------------------
0000-0100 0 0 0 0 0
0100-0200 0 0 0 0 0
0200-0300 0 0 0 0 0
0300-0400 0 0 0 0 0
0400-0500 1 0 0 0 3
0500-0600 1 1 0 0 24
0600-0700 0 0 0 0 10
0700-0800 0 0 0 0 2
0800-0900 4 3 0 0 7
0900-1000 3 3 0 0 18
1000-1100 3 2 0 0 18
1100-1200 2 2 0 0 29
1200-1300 2 2 0 0 25
1300-1400 2 1 0 0 20
1400-1500 0 0 0 0 37
1500-1600 0 0 0 0 22
1600-1700 0 0 0 0 24
1700-1800 2 2 0 0 31
1800-1900 3 3 0 0 12
1900-2000 3 3 0 0 10
2000-2100 4 4 0 0 19
2100-2200 1 1 0 0 2
2200-2300 0 0 0 0 19
2300-2400 0 0 0 0 7
Host/Domain Summary: Message Delivery
sent cnt bytes defers avg dly max dly host/domain
-------- ------- ------- ------- ------- -----------
27 353252 0 1.3 s 3.6 s nausch.org
...
...
Fatal Errors: none
Panics: none
Master daemon messages
----------------------
1 reload configuration /etc/postfix
mailgraph
Eine ansprechende graphische Übersicht kann mittels Mailgraph erstellt werden. Das passende Paket mailgraph installieren wir aus dem Repository epel.
Installation
Mit Hilfe von yum holen wir uns als erstes das benötigte Paket auf unser System.
# yum install mailgraph -y
Den Inhalt des Paketes inspizieren wir bei Bedarf mit folgendem Aufruf.
# rpm -qil mailgraph
Name : mailgraph Relocations: (not relocatable) Version : 1.14 Vendor: Fedora Project Release : 8.el6 Build Date: Sat 02 Oct 2010 03:26:31 PM CEST Install Date: Tue 03 Jul 2012 03:04:16 PM CEST Build Host: ppc02.phx2.fedoraproject.org Group : System Environment/Daemons Source RPM: mailgraph-1.14-8.el6.src.rpm Size : 68312 License: GPL+ Signature : RSA/8, Mon 04 Oct 2010 10:43:13 PM CEST, Key ID 3b49df2a0608b895 Packager : Fedora Project URL : http://mailgraph.schweikert.ch/ Summary : A RRDtool frontend for Mail statistics Description : Mailgraph is a very simple mail statistics RRDtool frontend for Postfix and Sendmail that produces daily, weekly, monthly and yearly graphs of received/sent and bounced/rejected mail. /etc/httpd/conf.d/mailgraph.conf /etc/rc.d/init.d/mailgraph /etc/sysconfig/mailgraph /usr/sbin/mailgraph /usr/share/doc/mailgraph-1.14 /usr/share/doc/mailgraph-1.14/CHANGES /usr/share/doc/mailgraph-1.14/COPYING /usr/share/doc/mailgraph-1.14/README /usr/share/mailgraph /usr/share/mailgraph/mailgraph.cgi /usr/share/mailgraph/mailgraph.css /var/cache/mailgraph /var/lib/mailgraph
Konfiguration
Die Konfiguration von mailgraph selbst gestaltet sich sehr einfach. Über die Konfigurationsdatei /etc/sysconfig/mailgraph können wir angeben wo das Logfile unseres Mailservers zu finden ist. Unter CentOS ist dies /var/log/maillog. Mit der Option –ignore-localhost können wir mailgraph anweisen, Nachrichten von localhost nicht in die Statistik aufzunehmen, die Mails also nicht „doppelt“ zu zählen, wenn z.B. Postfix _und_ AMaViS auf dem gleichen Host laufen.
# vim /etc/sysconfig/mailgraph
- /etc/sysconfig/mailgraph
MAILLOG=/var/log/maillog PRIORITY=-19 OPTIONS=--ignore-localhost
Will man die Sprache bei der Webseite, oder die Farben anpassen, so nimmt man die Änderungen direkt im CGI-Script vor.
# vim /usr/share/mailgraph/mailgraph.cgi
- /usr/share/mailgraph/mailgraph.cgi
#!/usr/bin/perl -w # mailgraph -- postfix mail traffic statistics # copyright (c) 2000-2007 ETH Zurich # copyright (c) 2000-2007 David Schweikert <david@schweikert.ch> # released under the GNU General Public License use RRDs; use POSIX qw(uname); my $VERSION = "1.14"; my $host = (POSIX::uname())[1]; my $scriptname = 'mailgraph.cgi'; my $xpoints = 540; my $points_per_sample = 3; my $ypoints = 160; my $ypoints_err = 96; my $rrd = '/var/lib/mailgraph/mailgraph.rrd'; # path to where the RRD database is my $rrd_virus = '/var/lib/mailgraph/mailgraph_virus.rrd'; # path to where the Virus RRD database is my $tmp_dir = '/var/cache/mailgraph'; # temporary directory where to store the images my @graphs = ( { title => 'Letzter Tag', seconds => 3600*24, }, { title => 'Letzte Woche', seconds => 3600*24*7, }, { title => 'Letzter Monat', seconds => 3600*24*31, }, { title => 'Letztes Jahr', seconds => 3600*24*365, }, ); my %color = ( sent => '000099', # rrggbb in hex received => '009900', rejected => 'AA0000', bounced => '000000', virus => 'DDBB00', spam => '999999', ); sub rrd_graph(@) { my ($range, $file, $ypoints, @rrdargs) = @_; my $step = $range*$points_per_sample/$xpoints; # choose carefully the end otherwise rrd will maybe pick the wrong RRA: my $end = time; $end -= $end % $step; my $date = localtime(time); $date =~ s|:|\\:|g unless $RRDs::VERSION < 1.199908; my ($graphret,$xs,$ys) = RRDs::graph($file, '--imgformat', 'PNG', '--width', $xpoints, '--height', $ypoints, '--start', "-$range", '--end', $end, '--vertical-label', 'msgs/min', '--lower-limit', 0, '--units-exponent', 0, # don't show milli-messages/s '--lazy', '--color', 'SHADEA#ffffff', '--color', 'SHADEB#ffffff', '--color', 'BACK#ffffff', $RRDs::VERSION < 1.2002 ? () : ( '--slope-mode'), @rrdargs, 'COMMENT:['.$date.']\r', ); my $ERR=RRDs::error; die "ERROR: $ERR\n" if $ERR; } sub graph($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints, "DEF:sent=$rrd:sent:AVERAGE", "DEF:msent=$rrd:sent:MAX", "CDEF:rsent=sent,60,*", "CDEF:rmsent=msent,60,*", "CDEF:dsent=sent,UN,0,sent,IF,$step,*", "CDEF:ssent=PREV,UN,dsent,PREV,IF,dsent,+", "AREA:rsent#$color{sent}:Sent ", 'GPRINT:ssent:MAX:total\: %8.0lf msgs', 'GPRINT:rsent:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmsent:MAX:max\: %4.0lf msgs/min\l', "DEF:recv=$rrd:recv:AVERAGE", "DEF:mrecv=$rrd:recv:MAX", "CDEF:rrecv=recv,60,*", "CDEF:rmrecv=mrecv,60,*", "CDEF:drecv=recv,UN,0,recv,IF,$step,*", "CDEF:srecv=PREV,UN,drecv,PREV,IF,drecv,+", "LINE2:rrecv#$color{received}:Received", 'GPRINT:srecv:MAX:total\: %8.0lf msgs', 'GPRINT:rrecv:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmrecv:MAX:max\: %4.0lf msgs/min\l', ); } sub graph_err($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_err, "DEF:bounced=$rrd:bounced:AVERAGE", "DEF:mbounced=$rrd:bounced:MAX", "CDEF:rbounced=bounced,60,*", "CDEF:dbounced=bounced,UN,0,bounced,IF,$step,*", "CDEF:sbounced=PREV,UN,dbounced,PREV,IF,dbounced,+", "CDEF:rmbounced=mbounced,60,*", "AREA:rbounced#$color{bounced}:Bounced ", 'GPRINT:sbounced:MAX:total\: %8.0lf msgs', 'GPRINT:rbounced:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmbounced:MAX:max\: %4.0lf msgs/min\l', "DEF:virus=$rrd_virus:virus:AVERAGE", "DEF:mvirus=$rrd_virus:virus:MAX", "CDEF:rvirus=virus,60,*", "CDEF:dvirus=virus,UN,0,virus,IF,$step,*", "CDEF:svirus=PREV,UN,dvirus,PREV,IF,dvirus,+", "CDEF:rmvirus=mvirus,60,*", "STACK:rvirus#$color{virus}:Viruses ", 'GPRINT:svirus:MAX:total\: %8.0lf msgs', 'GPRINT:rvirus:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmvirus:MAX:max\: %4.0lf msgs/min\l', "DEF:spam=$rrd_virus:spam:AVERAGE", "DEF:mspam=$rrd_virus:spam:MAX", "CDEF:rspam=spam,60,*", "CDEF:dspam=spam,UN,0,spam,IF,$step,*", "CDEF:sspam=PREV,UN,dspam,PREV,IF,dspam,+", "CDEF:rmspam=mspam,60,*", "STACK:rspam#$color{spam}:Spam ", 'GPRINT:sspam:MAX:total\: %8.0lf msgs', 'GPRINT:rspam:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmspam:MAX:max\: %4.0lf msgs/min\l', "DEF:rejected=$rrd:rejected:AVERAGE", "DEF:mrejected=$rrd:rejected:MAX", "CDEF:rrejected=rejected,60,*", "CDEF:drejected=rejected,UN,0,rejected,IF,$step,*", "CDEF:srejected=PREV,UN,drejected,PREV,IF,drejected,+", "CDEF:rmrejected=mrejected,60,*", "LINE2:rrejected#$color{rejected}:Rejected", 'GPRINT:srejected:MAX:total\: %8.0lf msgs', 'GPRINT:rrejected:AVERAGE:avg\: %5.2lf msgs/min', 'GPRINT:rmrejected:MAX:max\: %4.0lf msgs/min\l', ); } sub print_html() { print "Content-Type: text/html\n\n"; print <<HEADER; <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Mail statistics for $host</title> <meta http-equiv="Refresh" content="300" /> <meta http-equiv="Pragma" content="no-cache" /> <link rel="stylesheet" href="mailgraph.css" type="text/css" /> </head> <body> HEADER print "<h1>Mail Statistik für $host</h1>\n"; print "<ul id=\"jump\">\n"; for my $n (0..$#graphs) { print " <li><a href=\"#G$n\">$graphs[$n]{title}</a> </li>\n"; } print "</ul>\n"; for my $n (0..$#graphs) { print "<h2 id=\"G$n\">$graphs[$n]{title}</h2>\n"; print "<p><img src=\"$scriptname?${n}-n\" alt=\"mailgraph\"/><br/>\n"; print "<img src=\"$scriptname?${n}-e\" alt=\"mailgraph\"/></p>\n"; } print <<FOOTER; <hr/> <table><tr><td> <a href="http://mailgraph.schweikert.ch/">Mailgraph</a> $VERSION by <a href="http://david.schweikert.ch/">David Schweikert</a></td> <td align="right"> <a href="http://oss.oetiker.ch/rrdtool/"><img src="rrdtool.gif" alt="" width="120" height="34"/></a> </td></tr></table> </body></html> FOOTER } sub send_image($) { my ($file)= @_; -r $file or do { print "Content-type: text/plain\n\nERROR: can't find $file\n"; exit 1; }; print "Content-type: image/png\n"; print "Content-length: ".((stat($file))[7])."\n"; print "\n"; open(IMG, $file) or die; my $data; print $data while read(IMG, $data, 16384)>0; } sub main() { my $uri = $ENV{REQUEST_URI} || ''; $uri =~ s/\/[^\/]+$//; $uri =~ s/\//,/g; $uri =~ s/(\~|\%7E)/tilde,/g; mkdir $tmp_dir, 0777 unless -d $tmp_dir; mkdir "$tmp_dir/$uri", 0777 unless -d "$tmp_dir/$uri"; my $img = $ENV{QUERY_STRING}; if(defined $img and $img =~ /\S/) { if($img =~ /^(\d+)-n$/) { my $file = "$tmp_dir/$uri/mailgraph_$1.png"; graph($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-e$/) { my $file = "$tmp_dir/$uri/mailgraph_$1_err.png"; graph_err($graphs[$1]{seconds}, $file); send_image($file); } else { die "ERROR: invalid argument\n"; } } else { print_html; } } main;
Apache VHost anlegen
Damit wir bequem von unserem Browser aus, die aktuellen Graphiken abfragen können, legen wir nun einen passenden VHost an.
# vim /etc/httpd/conf.d/vhosts.conf
- /etc/httpd/conf.d/vhosts.conf
# # mail-graph.nausch.org # <VirtualHost *:80> ServerAdmin webmaster@nausch.org ServerName mail-graph.nausch.org ServerAlias www.mail-graph.nausch.org ServerPath / DocumentRoot "/usr/share/mailgraph" AddHandler cgi-script .cgi <Directory "/usr/share/mailgraph"> AllowOverride None Options +ExecCGI DirectoryIndex mailgraph.cgi Order deny,allow Deny from all Allow from 127.0.0.1 Allow from 10.0.0.0/24 Allow from 10.0.10.0/26 </Directory> ErrorLog logs/mail-graph_error.log CustomLog logs/maild-graph_access.log combined </VirtualHost>
Anschließend starten wir unseren Webserver einmal durch, damit er den weiteren VHost auch verwenden kann.
# service postfix restart
httpd beenden: [ OK ] httpd starten: [ OK ]
Programmaufruf
manueller Start des Dämon
Damit das Mail-Logfile forlaufend ausgelesen wird, starten wir nun noch den Dämon mit Hilfe des mitgelieferten Init-Scriptes /etc/rc.d/init.d/mailgraph.
# service mailgraph start
Starting mailgraph: [ OK ]
automatischer Start des Dämon
Damit beim Systemstart der mailgraph-Dämon richtig gestartet wird, setzen wir die nötigen symlinks automatisch mit:
# chkconfig mailgraph on
Das Ganze überprüfen wir dann noch mittels
# chkconfig --list | grep mailgraph
mailgraph 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Webaufruf
Über unseren Vhost erhalten wir nun optisch schön ansprechende Übersichten über den Mailverkehr unseres MX.
queuegraph
Möchte man einen graphischen Überblick über die Queues haben, so greifen wir auf das Programm Queuegraph von Ralf Hildebrandt zurück.
Das aktuelle Programmpaket queuegraph installieren am einfachsten aus dem Repository epel.
Installation
Mit Hilfe von yum holen wir uns als erstes das benötigte Paket auf unser System.
# yum install queuegraph -y
Den Inhalt des Paketes inspizieren wir bei Bedarf mit folgendem Aufruf.
# rpm -qil queuegraph
Name : queuegraph Relocations: (not relocatable) Version : 1.1 Vendor: Fedora Project Release : 6.el6 Build Date: Sat 03 Jul 2010 06:23:17 PM CEST Install Date: Sat 23 Feb 2013 07:01:56 PM CET Build Host: x86-02.phx2.fedoraproject.org Group : System Environment/Daemons Source RPM: queuegraph-1.1-6.el6.src.rpm Size : 6271 License: GPL+ Signature : RSA/8, Sat 03 Jul 2010 07:05:09 PM CEST, Key ID 3b49df2a0608b895 Packager : Fedora Project URL : http://www.arschkrebs.de/postfix/queuegraph/ Summary : A RRDtool frontend for Mail statistics Description : Queuegraph is a very simple mail statistics RRDtool frontend for Postfix that produces daily, weekly, monthly and yearly graphs of Postfix's active, deferred, incoming and bounce queues. /etc/cron.d/queuegraph /etc/httpd/conf.d/queuegraph.conf /usr/sbin/queuegraph-rrd.sh /usr/share/doc/queuegraph-1.1 /usr/share/doc/queuegraph-1.1/README /usr/share/queuegraph /usr/share/queuegraph/queuegraph.cgi /var/cache/queuegraph /var/lib/queuegraph
Konfiguration
Die Konfiguration von queuegraph selbst gestaltet sich sehr einfach, da es gar nichts großartrig zu konfigurieren gibt!
Will man die Sprache bei der Webseite, oder die Farben anpassen, so nimmt man die Änderungen direkt im CGI-Script vor.
# vim /usr/share/queuegraph/queuegraph.cgi
- /usr/share/queuegraph/queuegraph.cgi
#!/usr/bin/perl -w # queuegraph -- a postfix queue statistics rrdtool frontend # based on mailgraph, which is # copyright (c) 2000-2002 David Schweikert <dws@ee.ethz.ch> # released under the GNU General Public License use RRDs; use POSIX qw(uname); my $VERSION = "1.1"; my $host = (POSIX::uname())[1]; my $scriptname = 'queuegraph.cgi'; my $xpoints = 800; my $points_per_sample = 3; my $ypoints = 160; my $ypoints_err = 80; my $rrd = '/var/lib/queuegraph/mailqueues.rrd'; # path to where the RRD database is my $tmp_dir = '/var/cache/queuegraph'; # temporary directory where to store the images my $rrdtool_1_0 = ($RRDs::VERSION < 1.199908); my @graphs = ( { title => 'Day Graph', seconds => 3600*24, }, { title => 'Week Graph', seconds => 3600*24*7, }, { title => 'Month Graph', seconds => 3600*24*31, }, { title => 'Year Graph', seconds => 3600*24*365, }, ); my %color = ( sent => '000099', # rrggbb in hex received => '00FF00', rejected => '999999', bounced => '993399', virus => 'FFFF00', spam => 'FF0000', ); sub graph($$$) { my $range = shift; my $file = shift; my $title = shift; my $step = $range*$points_per_sample/$xpoints; my $date = localtime(time); $date =~ s|:|\\:|g unless $rrdtool_1_0; my ($graphret,$xs,$ys) = RRDs::graph($file, '--imgformat', 'PNG', '--width', $xpoints, '--height', $ypoints, '--start', "-$range", '--end', "-".int($range*0.01), '--vertical-label', 'queuefiles', '--title', $title, '--lazy', $rrdtool_1_0 ? () : ( '--slope-mode' ), "DEF:active=$rrd:active:AVERAGE", "DEF:deferred=$rrd:deferred:AVERAGE", 'LINE2:active#00ff00:Active+Incoming+Maildrop\:', 'GPRINT:active:MAX:Maximum\: %0.0lf ', 'GPRINT:active:AVERAGE:Average\: %0.0lf/min\n', 'LINE1:deferred#0000ff:Deferred\:', 'GPRINT:deferred:MAX:Maximum\: %0.0lf ', 'GPRINT:deferred:AVERAGE:Average\: %0.0lf/min\l', 'HRULE:0#000000', 'COMMENT:\n', 'COMMENT:['.$date.']\r', ); my $ERR=RRDs::error; die "ERROR: $ERR\n" if $ERR; } sub print_html() { print "Content-Type: text/html\n\n"; print <<HEADER; <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <HTML> <HEAD> <TITLE>Queue Statistics for $host</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF"> HEADER print "<H1>Postfix Queue Statistics for $host</H1>\n"; for my $n (0..$#graphs) { print "<H2>$graphs[$n]{title}</H2>\n"; print "<P><IMG BORDER=\"0\" SRC=\"$scriptname/queuegraph_${n}.png\" ALT=\"queuegraph\">\n"; } print <<FOOTER; <table border="0" width="400"><tr><td align="left"> <A href="http://www.arschkrebs.de/postfix/queuegraph">queuegraph</A> $VERSION by <A href="http://www.arschkrebs.de/">Ralf Hildebrandt</A>, based on <A href="http://mailgraph.schweikert.ch/">mailgraph</A> by <A href="http://david.schweikert.ch/">David Schweikert</A></td> <td ALIGN="right"> <a HREF="http://oss.oetiker.ch/rrdtool/"><img border="0" src="http://tobi.oetiker.ch/webtools/rrdtool/.pics/rrdtool.gif" alt="rrdtool" width="120" height="34"></a> </td></tr></table> </BODY> FOOTER } sub send_image($) { my $file = shift; -r $file or do { print "Content-Type: text/plain\n\nERROR: can't find $file\n"; exit 1; }; print "Content-Type: image/png\n"; print "Content-Length: ".((stat($file))[7])."\n"; print "\n"; open(IMG, $file) or die; my $data; print $data while read IMG, $data, 1; } sub main() { if($ENV{PATH_INFO}) { my $uri = $ENV{REQUEST_URI}; $uri =~ s/\/[^\/]+$//; $uri =~ s/\//,/g; $uri =~ s/\~/tilde,/g; mkdir "$tmp_dir/$uri", 0777 unless -d "$tmp_dir/$uri"; my $file = "$tmp_dir/$uri$ENV{PATH_INFO}"; if($ENV{PATH_INFO} =~ /^\/queuegraph_(\d+)\.png$/) { graph($graphs[$1]{seconds}, $file, $graphs[$1]{title}); } else { print "Content-Type: text/plain\n\nERROR: unknown image $ENV{PATH_INFO}\n"; exit 1; } send_image($file); } else { print_html; } } main;
Apache VHost anlegen
Damit wir bequem von unserem Browser aus, die aktuellen Graphiken abfragen können, legen wir nun einen passenden VHost an.
# vim /etc/httpd/conf.d/vhosts.conf
- /etc/httpd/conf.d/vhosts.conf
# # queue-graph.nausch.org # <VirtualHost *:80> ServerAdmin webmaster@nausch.org ServerName queue-graph.nausch.org ServerAlias www.queue-graph.nausch.org ServerPath / DocumentRoot "/usr/share/queuegraph" AddHandler cgi-script .cgi <Directory "/usr/share/queuegraph"> AllowOverride None Options +ExecCGI DirectoryIndex queuegraph.cgi Order deny,allow Deny from all Allow from 127.0.0.1 Allow from 10.0.0.0/24 Allow from 10.0.10.0/26 </Directory> ErrorLog logs/queue-graph_error.log CustomLog logs/queue-graph_access.log combined </VirtualHost>
Anschließend starten wir unseren Webserver einmal durch, damit er den weiteren VHost auch verwenden kann.
# service postfix restart
httpd beenden: [ OK ] httpd starten: [ OK ]
Alternativ dazu können wir natürlich auch die mitgelieferte Apache-Datei /etc/httpd/conf.d/queuegraph.conf verwenden.
- /etc/httpd/conf.d/queuegraph.conf
# # Queuegraph: An postfix/sendmail queue analyzer # Alias /queuegraph /usr/share/queuegraph AddHandler cgi-script .cgi <Directory /usr/share/queuegraph/> AllowOverride None Options +ExecCGI DirectoryIndex queuegraph.cgi Order Deny,Allow Deny from all Allow from 127.0.0.1 </Directory>
Programmaufruf
Die automatische Befüllung der rrd-files übernimmt ein cronjob, der jede Minute das Script queuegraph-rrd.sh startet.
# cat /etc/cron.d/queuegraph
- /etc/cron.d/queuegraph
# Runs the queuegraph update program # # This will run every one minute * * * * * root /usr/sbin/queuegraph-rrd.sh &> /dev/null
# less /usr/sbin/queuegraph-rrd.sh
- /usr/sbin/queuegraph-rrd.sh
#!/bin/sh # output the number of messages in the incoming, active, and deferred # queues of postfix one per line suitable for use with snmpd/cricket/rrdtool # # 2003/01/24 Mike Saunders <method at method DOT cx> # mailqsize was originally written by Vivek Khera. All I did was # make it update an rrd. # 2003/04/14 Ralf Hildebrandt <ralf.hildebrandt at charite DOT de> # I bundled this with a modified mailgraph # 2007/07/28 Ralf Hildebrandt <ralf.hildebrandt at charite DOT de> # find rrdtool using "which" # change this to the location of rrdtool RRDTOOL=`which rrdtool` # change this to the location you want to store the rrd RRDFILE=/var/lib/queuegraph/mailqueues.rrd if test ! -x $RRDTOOL ; then echo "ERROR: $RRDTOOL does not exist or is not executable" exit fi if test ! -f $RRDFILE ; then echo "Creating RRD file $RRDFILE" $RRDTOOL create $RRDFILE --step 60 \ DS:active:GAUGE:900:0:U \ DS:deferred:GAUGE:900:0:U \ RRA:AVERAGE:0.5:1:1440 \ RRA:AVERAGE:0.5:30:2016 \ RRA:AVERAGE:0.5:60:105120 \ RRA:MAX:0.5:1:1440 \ RRA:MAX:0.5:30:2016 \ RRA:MAX:0.5:60:105120 fi #set -x qdir=`/usr/sbin/postconf -h queue_directory` active=`find $qdir/incoming $qdir/active $qdir/maildrop -type f -print | wc -l | awk '{print $1}'` deferred=`find $qdir/deferred -type f -print | wc -l | awk '{print $1}'` #printf "active: %d\ndeferred: %d\n" $active $deferred $RRDTOOL update $RRDFILE "N:$active:$deferred"
Webaufruf
Über unseren Vhost erhalten wir nun optisch schön ansprechende Übersichten über die Mail-Queues unseres MX.
greygraph
Möchte man einen graphischen Überblick über das Verhalten rund um unseren Greylisting-Daemon postgrey haben, dann greifen wir auf das Programm Greygraph von Markus Neubauer zurück.
Das uns hierzu (Stand Februar 2013) noch kein RPM für CentOS 6.x zur Verfügung steht, müssen wir hier ein wenig Hand anlegen.
Download
Als erstes holen wir uns das tar.gz-Archiv von der Projektseite.
Hierzu wechseln wir erst einmal in unser lokales Installationsverzeichnis.
# cd /usr/local/src/packages
Dann laden wir uns das Paket herunter.
# wget http://www.std-soft.com/images/greygraph_r0.9.4.tar.gz
Installation
Nun entpacken wir das heruntergeladene tar.gz-Archiv.
# tar xfv greygraph_r0.9.4.tar.gz
Als Ergebnis haben wir dann folgendes auf die Platte bekommen.
packages/ ├── etc │ ├── default │ │ └── greygraph │ └── init.d │ └── greygraph ├── README-greygraph ├── usr │ ├── lib │ │ └── cgi-bin │ │ └── greygraph.cgi │ └── sbin │ └── greygraph └── var ├── cache │ └── greygraph ├── lib │ └── greygraph └── www └── css └── greygraph.css
In der Datei README-greygraph finden wir ein paar Informationen, die wir aber auf unserem CentOS-Host weitgehenst ignorieren können.
# less README-greygraph
GREYGRAPH postgrey/sqlgrey Monitoring mit Hilfe von rrdtool ================================================= Die Installation auf Debian/Ubuntu erfordert noch folgende Eingabe auf der Befehlszeile: mkdir -p /var/cache/greygraph # Das Verzeichnis /var/cache/greygraph/ benötigt Schreibrechte für den Webserver chgrp www-data /var/cache/greygraph/ chmod g+w /var/cache/greygraph/ # Evtl. anpassen der Konfiguration vi /etc/default/greygraph # evtl anpassen der Pfade im cgi script: # vi /usr/lib/cgi-bin/greygraph.cgi # starten der Datensammlung update-rc.d greygraph defaults /etc/init.d/greygraph start mkdir -p /var/lib/greygraph # das Verzeichnis /var/lib/greygraph dient der Sammlung der rrddaten # welche von dem Systemtask in /etc/init.d/greygraph erstellt werden. # Jetzt muss nur noch der Browser Aufruf erfolgen mit: # # http://your.domain.here/cgi-bin/greygraph.cgi # Fertig!
Wir werden daher nun als erstes die notwendigen Verzeichnissse anlegen, deren Rechte anpassen, Teile des entpackten Archivs an Ort und Stelle verschieben und die noch fehlenden Konfigurationsdateien hinterschieben.
- Verzeichnisse anlegen und Rechte anpassen:
# mkdir /usr/share/greygraph
# mkdir /usr/share/greygraph/
# chgrp apache /var/cache/greygraph/
# chmod g+w /var/cache/greygraph/
- vorhandene und nutzbare Dateien kopieren:
# mv /usr/local/src/packages/usr/sbin/greygraph /usr/sbin/
# mv /usr/local/src/packages/usr/lib/cgi-bin/greygraph.cgi /usr/share/greygraph/
# mv /usr/local/src/packages/var/www/css/greygraph.css /usr/share/greygraph/
# mv /usr/local/src/packages/etc/default/greygraph /etc/sysconfig/
- Dateien anpassen:
# vim /etc/sysconfig/greygraph
Hier löschen wir die nicht benötigten Zeilen, do dass hier nur noch die folgenden Zeilen überigbleiben.
- /etc/sysconfig/greygraph
# Django : 2013-02-23 Anpassungen für Greygraph unter CentOS 6.x MAIL_LOG=/var/log/maillog IGNORE_LOCALHOST=false RRD_DIR=/var/lib/greygraph
- Startscript für CentOS anlegen:
Damit der Daemondie relevanten Daten aus dem Maillog in die RRD-Datenbank automatisch schreiben kann, benötigen wir nun noch ein passendes Startscript. Dieses legen wir nun an.# vim /etc/init.d/greygraph
- /etc/init.d/greygraph
#!/bin/bash # # Startup script for the greygraph service # # chkconfig: - 82 28 # description: greygraph mail log file analyzer # processname: greygraph # pidfile: /var/run/greygraph.pid # config: ### BEGIN INIT INFO # Provides: greygraph # Required-Start: $local_fs # Should-Start: # Required-Stop: # Default-Stop: 0 1 2 6 # Short-Description: Start greygraph daemon # Description: Greygraph is a very simple mail statistics RRDtool \ # frontend for Postfix and Sendmail that produces daily, \ # weekly, monthly and yearly graphs of received/sent and \ # bounced/rejected mail and greylisting statistics. ### END INIT INFO MAILLOG=/var/log/maillog PRIORITY=-19 # Source function library. . /etc/rc.d/init.d/functions if [ -f /etc/sysconfig/greygraph ]; then . /etc/sysconfig/greygraph fi # Path to the greygraph script. exe=/usr/sbin/greygraph prog=greygraph RETVAL=0 start() { echo -n $"Starting $prog: " daemon nice $PRIORITY $exe -l $MAILLOG -d \ --daemon-pid=/var/run/greygraph.pid \ --daemon-rrd=/var/lib/greygraph $OPTIONS RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $exe RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog /var/run/$prog.pid } reload() { echo -n $"Reloading $prog: " killproc $exe -HUP RETVAL=$? echo } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status $exe RETVAL=$? ;; restart) stop start RETVAL=$? ;; condrestart) if [ -f /var/run/$prog.pid ] ; then stop start RETVAL=$? fi ;; reload) reload ;; *) echo $"Usage: $prog {start|stop|restart|condrestart|reload|status}" RETVAL=3 esac exit $RETVAL
Anschließend geben wir der Datei noch die eXecutable-Rechte.
# chmod +x /etc/init.d/greygraph
- Apache Konfig:
Möchte man später auf die Darstellungsseite nach dem Muster http://example.com/greygraph zugreifen, benötigen wir noch eine kleine Konfigurationsdatei.# vim /etc/httpd/conf.d/greygraph.conf
- /etc/httpd/conf.d/greygraph.conf
# # Greygraph: An postfix/sendmail log file analyzer # Alias /greygraph /usr/share/greygraph AddHandler cgi-script .cgi <Directory /usr/share/greygraph/> AllowOverride None Options +ExecCGI DirectoryIndex greygraph.cgi Order Deny,Allow Deny from all Allow from 127.0.0.1 </Directory>
Alternativ können wir natürlich dazu einen eigenen Apache-vHOST verwenden. Auf dessen Konfiguration gehen wir gleich ein.
Apache VHost anlegen
Damit wir bequem von unserem Browser aus, die aktuellen Graphiken abfragen können, legen wir nun einen passenden VHost an.
# vim /etc/httpd/conf.d/vhosts.conf
- /etc/httpd/conf.d/vhosts.conf
# # greygraph.nausch.org # <VirtualHost *:80> ServerAdmin webmaster@nausch.org ServerName greygraph.nausch.org ServerAlias www.greygraph.nausch.org ServerPath / DocumentRoot "/usr/share/greygraph" AddHandler cgi-script .cgi <Directory "/usr/share/greygraph"> AllowOverride None Options +ExecCGI DirectoryIndex greygraph.cgi Order deny,allow Deny from all Allow from 127.0.0.1 </Directory> ErrorLog logs/greygraph_error.log CustomLog logs/greygraph_access.log combined </VirtualHost>
Anschließend starten wir unseren Webserver einmal durch, damit er den weiteren VHost auch verwenden kann.
# service postfix restart
httpd beenden: [ OK ] httpd starten: [ OK ]
Programmaufruf
manueller Start des Dämon
Damit das Mail-Logfile forlaufend ausgelesen wird, starten wir nun noch den Dämon mit Hilfe des mitgelieferten Init-Scriptes /etc/rc.d/init.d/greygraph.
# service mailgraph start
Starting greygraph: [ OK ]
automatischer Start des Dämon
Damit beim Systemstart der mailgraph-Dämon richtig gestartet wird, setzen wir die nötigen symlinks automatisch mit:
# chkconfig greygraph on
Das Ganze überprüfen wir dann noch mittels
# chkconfig --list | grep greygraph
greygraph 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Webaufruf
Über unseren Vhost erhalten wir nun optisch schön ansprechende Übersichten über den Mailverkehr unseres MX.
mxgraphs
Im Gegensatz zu den drei vorgenannten graphischen Darstellungen, ist mxgraphs nichts besonderes neues, da es sich bei mxgraphs lediglich um eine Zusammenführungen der drei einzel dargestellten WEB-Seiten auf einer Übersichtsseite handelt.
Installation
Die Installation gestaltet sich nicht sonderlich schwer, da wir auf die drei vorgenannten Programme mailgraph, queuegraph und greygraph zurückgreifen.
Wir werden nun als erstes die notwendigen Verzeichnisse anlegen, deren Rechte anpassen und die benötigen Dateien dort ablegen.
- Verzeichnisse anlegen und Rechte anpassen:
# mkdir /usr/share/mxgraphs
# mkdir /usr/share/mxgraphs/
# chgrp apache /var/cache/mxgraphs/
# chmod g+w /var/cache/mxgraphs/
- Konfigirationsdateien anlegen:
Als erstes legen wir die benötigte CSS-Datei an.# vim /usr/share/mxgraphs/mxgraphs.css
- /usr/share/mxgraphs/mxgraphs.css
* { margin: 0; padding: 0 } body { width: 900px; background-color: white; font-family: sans-serif; font-size: 12pt; margin: 5px } h1 { margin-top: 20px; margin-bottom: 30px; text-align: center } h2 { background-color: #ddd; padding: 2px 0 2px 4px } hr { height: 1px; border: 0; border-top: 1px solid #aaa } table { border: 0px; width: 100% } img { border: 0 } a { text-decoration: none; color: #00e } a:hover { text-decoration: underline; } #jump { margin: 0 0 10px 4px } #jump li { list-style: none; display: inline; font-size: 90%; } #jump li:after { content: "|"; } #jump li:last-child:after { content: ""; }
Die CGI-Datei, die uns die gewünschten Graphen übersichtlich auf einer Seite darstellen soll, legen wir nun im nächsten Schritt an.
# vim /usr/share/mxgraphs/mxgraphs.cgi
- /usr/share/mxgraphs/mxgraphs.cgi
#!/usr/bin/perl -w # mxgraphs -- detailed postfix mail traffic statistics # copyright (c) 2000-2007 ETH Zurich # copyright (c) 2000-2007 David Schweikert <david@schweikert.ch> # modifed 2011 for grey Markus Neubauer <neubauer@std-service.com> # modified 2013 for mxgraphs by Django <django@it-ignorant.de> # released under the GNU General Public License use RRDs; use POSIX qw(uname); my $VERSION = "0.02"; my $host = (POSIX::uname())[1]; my $scriptname = 'mxgraphs.cgi'; my $xpoints = 800; my $points_per_sample = 3; my $ypoints = 160; my $ypoints_err = 160; my $ypoints_grey = 160; my $ypoints_greydetail = 160; my $ypoints_queue = 160; my $rrd = '/var/lib/mailgraph/mailgraph.rrd'; # path to where the Mailgraph RRD database is my $rrd_virus = '/var/lib/mailgraph/mailgraph_virus.rrd'; # path to where the Virus RRD database is my $rrd_queue = '/var/lib/queuegraph/mailqueues.rrd'; # path to where the Mailqueue RRD database is my $rrd_grey = '/var/lib/greygraph/greygraph.rrd'; # path to where the Greygraph RRD database is my $rrd_spam = '/var/lib/greygraph/greygraph_spam.rrd'; # path to where the Spam RRD database is my $tmp_dir = '/var/cache/mxgraphs'; # temporary directory where to store the images my @graphs = ( { title => 'Letzten 24 Stunden', seconds => 3600*24, }, { title => 'Letzten 7 Tage', seconds => 3600*24*7, }, { title => 'Letzten 31 Tage', seconds => 3600*24*31, }, { title => 'Letzten 12 Monate', seconds => 3600*24*365, }, ); my %color = ( sent => '000099', # rrggbb in hex received => '009900', whitelist => '999999', new => 'C1C1C1', early => 'AA0000', qspam => '000000', awl => 'DDBB00', reconnectok => '88FF00', rejected => 'AA0000', bounced => '000000', virus => 'DDBB00', spam => '999999', active => 'EFEF00', deferred => 'DD8800', ); sub rrd_graph(@) { my ($range, $file, $ypoints, @rrdargs) = @_; my $step = $range*$points_per_sample/$xpoints; my $end = time; $end -= $end % $step; my $date = localtime(time); $date =~ s|:|\\:|g unless $RRDs::VERSION < 1.199908; my ($graphret,$xs,$ys) = RRDs::graph($file, '--imgformat', 'PNG', '--width', $xpoints, '--height', $ypoints, '--start', "-$range", '--end', $end, '--vertical-label', 'msgs/min', '--lower-limit', 0, '--units-exponent', 0, # don't show milli-messages/s '--lazy', '--color', 'SHADEA#ffffff', '--color', 'SHADEB#ffffff', '--color', 'BACK#ffffff', $RRDs::VERSION < 1.2002 ? () : ( '--slope-mode'), @rrdargs, 'COMMENT:['.$date.']\r', ); my $ERR=RRDs::error; die "ERROR: $ERR\n" if $ERR; } sub graph($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints, "DEF:sent=$rrd:sent:AVERAGE", "DEF:msent=$rrd:sent:MAX", "CDEF:rsent=sent,60,*", "CDEF:rmsent=msent,60,*", "CDEF:dsent=sent,UN,0,sent,IF,$step,*", "CDEF:ssent=PREV,UN,dsent,PREV,IF,dsent,+", "AREA:rsent#$color{sent}:Sent ", 'GPRINT:ssent:MAX:total\: %15.0lf msgs', 'GPRINT:rsent:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmsent:MAX:max\: %11.0lf msgs/min\l', "DEF:recv=$rrd:recv:AVERAGE", "DEF:mrecv=$rrd:recv:MAX", "CDEF:rrecv=recv,60,*", "CDEF:rmrecv=mrecv,60,*", "CDEF:drecv=recv,UN,0,recv,IF,$step,*", "CDEF:srecv=PREV,UN,drecv,PREV,IF,drecv,+", "LINE2:rrecv#$color{received}:Received ", 'GPRINT:srecv:MAX:total\: %15.0lf msgs', 'GPRINT:rrecv:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmrecv:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_err($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_err, "DEF:bounced=$rrd:bounced:AVERAGE", "DEF:mbounced=$rrd:bounced:MAX", "CDEF:rbounced=bounced,60,*", "CDEF:dbounced=bounced,UN,0,bounced,IF,$step,*", "CDEF:sbounced=PREV,UN,dbounced,PREV,IF,dbounced,+", "CDEF:rmbounced=mbounced,60,*", "AREA:rbounced#$color{bounced}:Bounced ", 'GPRINT:sbounced:MAX:total\: %15.0lf msgs', 'GPRINT:rbounced:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmbounced:MAX:max\: %11.0lf msgs/min\l', "DEF:virus=$rrd_virus:virus:AVERAGE", "DEF:mvirus=$rrd_virus:virus:MAX", "CDEF:rvirus=virus,60,*", "CDEF:dvirus=virus,UN,0,virus,IF,$step,*", "CDEF:svirus=PREV,UN,dvirus,PREV,IF,dvirus,+", "CDEF:rmvirus=mvirus,60,*", "STACK:rvirus#$color{virus}:Viruses ", 'GPRINT:svirus:MAX:total\: %15.0lf msgs', 'GPRINT:rvirus:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmvirus:MAX:max\: %11.0lf msgs/min\l', "DEF:spam=$rrd_virus:spam:AVERAGE", "DEF:mspam=$rrd_virus:spam:MAX", "CDEF:rspam=spam,60,*", "CDEF:dspam=spam,UN,0,spam,IF,$step,*", "CDEF:sspam=PREV,UN,dspam,PREV,IF,dspam,+", "CDEF:rmspam=mspam,60,*", "STACK:rspam#$color{spam}:Spam ", 'GPRINT:sspam:MAX:total\: %15.0lf msgs', 'GPRINT:rspam:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmspam:MAX:max\: %11.0lf msgs/min\l', "DEF:rejected=$rrd:rejected:AVERAGE", "DEF:mrejected=$rrd:rejected:MAX", "CDEF:rrejected=rejected,60,*", "CDEF:drejected=rejected,UN,0,rejected,IF,$step,*", "CDEF:srejected=PREV,UN,drejected,PREV,IF,drejected,+", "CDEF:rmrejected=mrejected,60,*", "LINE2:rrejected#$color{rejected}:Rejected ", 'GPRINT:srejected:MAX:total\: %15.0lf msgs', 'GPRINT:rrejected:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmrejected:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_queue($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_queue, "DEF:deferred=$rrd_queue:deferred:AVERAGE", "AREA:deferred#$color{deferred}:Deferred ", 'GPRINT:deferred:MAX:total\: %15.0lf msgs', 'GPRINT:deferred:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:deferred:MAX:max\: %11.0lf msgs/min\l', "DEF:active=$rrd_queue:active:AVERAGE", "LINE2:active#$color{active}:Active+Incoming+Maildrop", 'GPRINT:active:MAX:total\: %15.0lf msgs', 'GPRINT:active:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:active:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_grey($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_grey, "DEF:new=$rrd_grey:new:AVERAGE", "DEF:mnew=$rrd_grey:new:MAX", "CDEF:rnew=new,60,*", "CDEF:rmnew=mnew,60,*", "CDEF:dnew=new,UN,0,new,IF,$step,*", "CDEF:snew=PREV,UN,dnew,PREV,IF,dnew,+", "LINE2:rnew#$color{new}:New ", 'GPRINT:snew:MAX:total\: %15.0lf msgs', 'GPRINT:rnew:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmnew:MAX:max\: %11.0lf msgs/min\l', "DEF:reconnectok=$rrd_spam:reconnectok:AVERAGE", "DEF:mreconnectok=$rrd_spam:reconnectok:MAX", "CDEF:rreconnectok=reconnectok,60,*", "CDEF:dreconnectok=reconnectok,UN,0,reconnectok,IF,$step,*", "CDEF:sreconnectok=PREV,UN,dreconnectok,PREV,IF,dreconnectok,+", "CDEF:rmreconnectok=mreconnectok,60,*", "LINE2:rreconnectok#$color{reconnectok}:Reconnect O.K. ", 'GPRINT:sreconnectok:MAX:total\: %15.0lf msgs', 'GPRINT:rreconnectok:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmreconnectok:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_greydetail($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_greydetail, "DEF:whitelist=$rrd_grey:whitelist:AVERAGE", "DEF:mwhitelist=$rrd_grey:whitelist:MAX", "CDEF:rwhitelist=whitelist,60,*", "CDEF:rmwhitelist=mwhitelist,60,*", "CDEF:dwhitelist=whitelist,UN,0,whitelist,IF,$step,*", "CDEF:swhitelist=PREV,UN,dwhitelist,PREV,IF,dwhitelist,+", "LINE2:rwhitelist#$color{whitelist}:Whitelist ", 'GPRINT:swhitelist:MAX:total\: %15.0lf msgs', 'GPRINT:rwhitelist:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmwhitelist:MAX:max\: %11.0lf msgs/min\l', "DEF:awl=$rrd_grey:awl:AVERAGE", "DEF:mawl=$rrd_grey:awl:MAX", "CDEF:rawl=awl,60,*", "CDEF:dawl=awl,UN,0,awl,IF,$step,*", "CDEF:sawl=PREV,UN,dawl,PREV,IF,dawl,+", "CDEF:rmawl=mawl,60,*", "LINE2:rawl#$color{awl}:Auto whitelist ", 'GPRINT:sawl:MAX:total\: %15.0lf msgs', 'GPRINT:rawl:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmawl:MAX:max\: %11.0lf msgs/min\l', "DEF:spam=$rrd_spam:spam:AVERAGE", "DEF:mspam=$rrd_spam:spam:MAX", "CDEF:rspam=spam,60,*", "CDEF:dspam=spam,UN,0,spam,IF,$step,*", "CDEF:sspam=PREV,UN,dspam,PREV,IF,dspam,+", "CDEF:rmspam=mspam,60,*", "LINE2:rspam#$color{qspam}:Spam ", 'GPRINT:sspam:MAX:total\: %15.0lf msgs', 'GPRINT:rspam:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmspam:MAX:max\: %11.0lf msgs/min\l', "DEF:early=$rrd_grey:early:AVERAGE", "DEF:mearly=$rrd_grey:early:MAX", "CDEF:rearly=early,60,*", "CDEF:dearly=early,UN,0,early,IF,$step,*", "CDEF:searly=PREV,UN,dearly,PREV,IF,dearly,+", "CDEF:rmearly=mearly,60,*", "STACK:rearly#$color{early}:Early connect ", 'GPRINT:searly:MAX:total\: %15.0lf msgs', 'GPRINT:rearly:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmearly:MAX:max\: %11.0lf msgs/min\l', ); } sub print_html() { print "Content-Type: text/html\n\n"; print <<HEADER; <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Mailserver Statistiken auf $host</title> <meta http-equiv="Refresh" content="300" /> <meta http-equiv="Pragma" content="no-cache" /> <link rel="stylesheet" href="mxgraphs.css" type="text/css" /> </head> <body> HEADER print "<h1>Mailserver Statistiken für<br>$host</h1>\n"; print "<ul id=\"jump\">\n"; for my $n (0..$#graphs) { print " <li><a href=\"#G$n\">$graphs[$n]{title}</a> </li>\n"; } print "</ul>\n"; for my $n (0..$#graphs) { print "<h2 id=\"G$n\">$graphs[$n]{title}</h2>\n"; print "<p><img src=\"$scriptname?${n}-n\" alt=\"mxgraphs - received and sent\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-e\" alt=\"mxgraphs - blocked\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-g\" alt=\"mxgraphs - greylisted\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-d\" alt=\"mxgraphs - greylisted (detailed)\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-q\" alt=\"mxgraphs - mailqueues\"/></p>\n"; } print <<FOOTER; <hr/> <table border="0" style="font-size:12px" width="900"> <colgroup> <col width="200"> <col width="425"> <col width="123"> </colgroup> <tr class="row0"> <td class="col0 leftalign"> <a href="http://dokuwiki.nausch.org/doku.php/centos:mail_c6:mta_11#mxgraphs">MX-Graphs </a>$VERSION by <a href="mailto:django@it-ignorant.org?subject=MX-Graphs%20for%20my%20Mailserver">Django</a> based on </td> <td> <a href="http://david.schweikert.ch/">David Schweikert's</a> <a href="http://mailgraph.schweikert.ch/">Mailgraph</a>, </td> <td class="col2 rightalign" rowspan="3"> <a href="http://oss.oetiker.ch/rrdtool/"><img src="rrdtool-3dlogo.png" alt="" width="135" height="50" align="right" align="middle"/></a> </td> </tr> <tr class="row1"> <td class="col0 leftalign"> </td> <td class="col1 leftalign"> <a href="http://www.gichenbacher.de/kontakt">Markus Neubauer's </a> <a href="http://www.std-soft.com/bfaq/46-k-faq-server/117-greygraph-mail-statistik.html">Greygraph</a> and </td> </tr> <tr class="row2"> <td class="col0 leftalign"> </td> <td class="col1 leftalign"> <a href="http://www.arschkrebs.de/">Ralf Hildebrandt's </a><a href="http://www.arschkrebs.de/postfix/queuegraph">Queuegraph</a>. </td> </tr> </table> </body> </html> FOOTER } sub send_image($) { my ($file)= @_; -r $file or do { print "Content-type: text/plain\n\nERROR: can't find $file\n"; exit 1; }; print "Content-type: image/png\n"; print "Content-length: ".((stat($file))[7])."\n"; print "\n"; open(IMG, $file) or die; my $data; print $data while read(IMG, $data, 16384)>0; } sub main() { my $uri = $ENV{REQUEST_URI} || ''; $uri =~ s/\/[^\/]+$//; $uri =~ s/\//,/g; $uri =~ s/(\~|\%7E)/tilde,/g; mkdir $tmp_dir, 0777 unless -d $tmp_dir; mkdir "$tmp_dir/$uri", 0777 unless -d "$tmp_dir/$uri"; my $img = $ENV{QUERY_STRING}; if(defined $img and $img =~ /\S/) { if($img =~ /^(\d+)-n$/) { my $file = "$tmp_dir/$uri/mxgraph_$1.png"; graph($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-e$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_err.png"; graph_err($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-g$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_grey.png"; graph_grey($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-d$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_greydetail.png"; graph_greydetail($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-q$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_queue.png"; graph_queue($graphs[$1]{seconds}, $file); send_image($file); } else { die "ERROR: invalid argument\n"; } } else { print_html; } } main;
Anschließend geben wir der Datei noch die eXecutable-Rechte.
# chmod +x /usr/share/mxgraphs/mxgraphs.cgi
- Apache Konfig:
Möchte man später auf die Darstellungsseite nach dem Muster http://example.com/mxgraphs zugreifen, benötigen wir noch eine kleine Konfigurationsdatei.# vim /etc/httpd/conf.d/mxgraphs.conf
- /etc/httpd/conf.d/mxgraphs.conf
# # MX-Graph: An postfix/sendmail log file analyzer # Alias /mxgraphs /usr/share/mxgraphs AddHandler cgi-script .cgi <Directory /usr/share/mxgraphs/> AllowOverride None Options +ExecCGI DirectoryIndex mxgraphs.cgi Order Deny,Allow Deny from all Allow from 127.0.0.1 </Directory>
Alternativ können wir natürlich dazu einen eigenen Apache-vHOST verwenden. Auf dessen Konfiguration gehen wir gleich ein.
Apache VHost anlegen
Damit wir bequem von unserem Browser aus, die aktuellen Graphiken abfragen können, legen wir nun einen passenden VHost an.
# vim /etc/httpd/conf.d/vhosts.conf
- /etc/httpd/conf.d/vhosts.conf
# # mxgraphs.nausch.org # <VirtualHost *:80> ServerAdmin webmaster@nausch.org ServerName mxgraphs.nausch.org ServerAlias www.mxgraphs.nausch.org ServerPath / DocumentRoot "/usr/share/mxgraphs" AddHandler cgi-script .cgi <Directory "/usr/share/mxgraphs"> AllowOverride None Options +ExecCGI DirectoryIndex mxgraphs.cgi Order deny,allow Deny from all Allow from 127.0.0.1 </Directory> ErrorLog logs/mxgraphs_error.log CustomLog logs/mxgraphs_access.log combined </VirtualHost>
Anschließend starten wir unseren Webserver einmal durch, damit er den weiteren VHost auch verwenden kann.
# service postfix restart
httpd beenden: [ OK ] httpd starten: [ OK ]
Webaufruf
Über unseren Vhost erhalten wir nun optisch schön ansprechende Übersichten über den Mailverkehr unseres MX.
Eine aktuelle LIVE-Übersicht einer MXGraph-Seite findet man z.B. hier.
mxgraphs und DMARC & Co
Hat man bei seinem Mailserver DMARC im Einsatz, möchte man in aller Regel auch eine graphisch aufbereitete Übersicht über die Milter1) SMF-SPF, OpenDKIM und OpenDMARC haben. Angelehnt auf den Mailgraph Patch von Sebastian van de Meer erweitern wir nun unsere mxgraphs-Installation.
Installation
Für die Einbindung der Übersichtsgraphiken für SPF, DKIM und DMARC benötigen wir das Paket mailgraph, dass wir aus dem EPEL-Repository bereits installiert haben. Eine ausführliche Installationsanleitung hierzu findet sich hier.
WICHTIG:
Durch die Erweiterung, oder besser gesagt die Änderung des Daemons, wir eine neue RRD-Datei /var/lib/mailgraph/mailgraph.rrd angelegt.
Das hat zur Folge, dass ggf. vorhandenen Statistikdaten der Letzten 31 Tage und Letzten 12 Monate verloren gehen und die Daten vom Start des geänderten Daemon neu angelegt und angezeigt werden!
Bevor wir jedoch die Änderungen an unserer Konfiguration durchführen, stoppen wir den ev. bereits laufenden Daemon mailgraph.
# service mailgraph stop
Stopping mailgraph: [ OK ]
Patchen von mailgraph
Zum Anlegen der Statistikdaten müssen wir nun das Perl-Script aus dem Paket mailgraph erweitern. Hierzu verwenden wir den folgenden Patch mailgraph-1.14-8_mxgraphs_patch.
- mailgraph-1.14-8_mxgraphs_patch
-- mailgraph.orig 2007-08-29 11:06:01.000000000 +0200 +++ mailgraph 2014-05-13 19:18:24.892999883 +0200 @@ -4,6 +4,7 @@ # copyright (c) 2000-2007 ETH Zurich # copyright (c) 2000-2007 David Schweikert <david@schweikert.ch> # released under the GNU General Public License +# with dkim-, dmarc, spf-patch Sebastian van de Meer <kernel-error@kernel-error.de> ######## Parse::Syslog 1.09 (automatically embedded) ######## package Parse::Syslog; @@ -381,7 +382,7 @@ my $rrd_virus = "mailgraph_virus.rrd"; my $year; my $this_minute; -my %sum = ( sent => 0, received => 0, bounced => 0, rejected => 0, virus => 0, spam => 0 ); +my %sum = ( sent => 0, received => 0, bounced => 0, rejected => 0, spfnone => 0, spffail => 0, spfpass => 0, dmarcnone => 0, dmarcfail => 0, dmarcpass => 0, dkimnone => 0, dkimfail => 0, dkimpass => 0, virus => 0, spam => 0, greylisted => 0, delayed => 0); my $rrd_inited=0; my %opt = (); @@ -395,6 +396,15 @@ sub event_rejected($); sub event_virus($); sub event_spam($); +sub event_spfnone($); +sub event_spffail($); +sub event_spfpass($); +sub event_dmarcnone($); +sub event_dmarcfail($); +sub event_dmarcpass($); +sub event_dkimnone($); +sub event_dkimfail($); +sub event_dkimpass($); sub init_rrd($); sub update($); @@ -528,6 +538,15 @@ 'DS:recv:ABSOLUTE:'.($rrdstep*2).':0:U', 'DS:bounced:ABSOLUTE:'.($rrdstep*2).':0:U', 'DS:rejected:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:spfnone:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:spffail:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:spfpass:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dmarcnone:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dmarcfail:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dmarcpass:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dkimnone:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dkimfail:ABSOLUTE:'.($rrdstep*2).':0:U', + 'DS:dkimpass:ABSOLUTE:'.($rrdstep*2).':0:U', "RRA:AVERAGE:0.5:$day_steps:$realrows", # day "RRA:AVERAGE:0.5:$week_steps:$realrows", # week "RRA:AVERAGE:0.5:$month_steps:$realrows", # month @@ -853,6 +872,45 @@ event($time, 'virus'); } } + elsif ($prog eq 'smf-spf') { + if ($text =~ /SPF pass:/) { + event($time, 'spfpass'); + } + elsif($text =~ /SPF none:/) { + event($time, 'spfnone'); + } + elsif($text =~ /fail:/) { + event($time, 'spffail'); + } +# elsif($text =~ /SPF fail:\b/) { +# event($time, 'spffail'); +# } +# elsif($text =~ /SPF softfail:\b/) { +# event($time, 'spffail'); +# } + } + elsif ($prog eq 'opendkim') { + if ($text =~ /DKIM verification successful/) { + event($time, 'dkimpass'); + } + elsif($text =~ /no signature data/) { + event($time, 'dkimnone'); + } + elsif($text =~ /bad signature data/) { + event($time, 'dkimfail'); + } + } + elsif ($prog eq 'opendmarc') { + if ($text =~ /pass/) { + event($time, 'dmarcpass'); + } + elsif($text =~ /none/) { + event($time, 'dmarcnone'); + } + elsif($text =~ /fail/) { + event($time, 'dmarcfail'); + } + } } sub event($$) @@ -870,13 +928,17 @@ return 1 if $m == $this_minute; return 0 if $m < $this_minute; - print "update $this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}:$sum{virus}:$sum{spam}\n" if $opt{verbose}; - RRDs::update $rrd, "$this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}" unless $opt{'only-virus-rrd'}; +# print "update $this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}:$sum{virus}:$sum{spam}\n" if $opt{verbose}; + print "update $this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}:$sum{spfnone}:$sum{spffail}:$sum{spfpass}:$sum{dmarcnone}:$sum{dmarcfail}:$sum{dmarcpass}:$sum{dkimnone}:$sum{dkimfail}:$sum{dkimpass}:$sum{virus}:$sum{spam}\n" if $opt{verbose}; +# RRDs::update $rrd, "$this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}" unless $opt{'only-virus-rrd'}; + RRDs::update $rrd, "$this_minute:$sum{sent}:$sum{received}:$sum{bounced}:$sum{rejected}:$sum{spfnone}:$sum{spffail}:$sum{spfpass}:$sum{dmarcnone}:$sum{dmarcfail}:$sum{dmarcpass}:$sum{dkimnone}:$sum{dkimfail}:$sum{dkimpass}" unless $opt{'no-mail-rrd'}; RRDs::update $rrd_virus, "$this_minute:$sum{virus}:$sum{spam}" unless $opt{'only-mail-rrd'}; if($m > $this_minute+$rrdstep) { for(my $sm=$this_minute+$rrdstep;$sm<$m;$sm+=$rrdstep) { - print "update $sm:0:0:0:0:0:0 (SKIP)\n" if $opt{verbose}; - RRDs::update $rrd, "$sm:0:0:0:0" unless $opt{'only-virus-rrd'}; +# print "update $sm:0:0:0:0:0:0 (SKIP)\n" if $opt{verbose}; + print "update $sm:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 (SKIP)\n" if $opt{verbose}; +# RRDs::update $rrd, "$sm:0:0:0:0" unless $opt{'only-virus-rrd'}; + RRDs::update $rrd, "$sm:0:0:0:0:0:0:0:0:0:0:0:0:0" unless $opt{'only-virus-rrd'}; RRDs::update $rrd_virus, "$sm:0:0" unless $opt{'only-mail-rrd'}; } } @@ -885,6 +947,15 @@ $sum{received}=0; $sum{bounced}=0; $sum{rejected}=0; + $sum{spfnone}=0; + $sum{spffail}=0; + $sum{spfpass}=0; + $sum{dmarcnone}=0; + $sum{dmarcfail}=0; + $sum{dmarcpass}=0; + $sum{dkimnone}=0; + $sum{dkimfail}=0; + $sum{dkimpass}=0; $sum{virus}=0; $sum{spam}=0; return 1;
Zunächst kopieren wir die vorhandene Datei mailgraph nach /tmp, um sie dort zu patchen.
# cp /usr/sbin/mailgraph /tmp
Dann wechseln wir in das Zielverzeichnis.
# cd /tmp
Und laden uns den oben aufgeführten Patch zum Ändern der vorhandenen Datei auf unseren Rechner.
Anschließend wenden wir den Patch mit nachfolgendem Aufruf an.
# patch -p0 < mailgraph-1.14-8_mxgraphs_patch
patching file mailgraph
Zu guter letzt kopieren wir nun noch das geänderte perl-Script zurück an Ort und Stelle.
# mv mailgraph /usr/sbin/ -f
Nun können wir den Daemon mailgraph wieder starten.
# service mailgraph start
Starting mailgraph: [ OK ]
Patchen von mxgraphs.cgi
Damit die zusätzlichen Statistikdaten für die drei Milter SPF, DKIM und DMARC graphisch aufbereitet werden können, müssen wir unser vorhandenes cgi-Script mxgraphs.cgi aus der bereits erfolgreichen Installation von mxgraphs austauschen. Zum Anlegen der Statistikdaten müssen wir nun das Perl-Script aus dem Paket mailgraph erweitern.
Hierzu verwenden wir den folgenden Patch mxgraphs_spf_dkim_dmarc.patch.
- mxgraphs_spf_dkim_dmarc.patch
--- mxgraphs.cgi 2014-05-15 15:48:24.628000137 +0200 +++ mxgraphs.cgi 2014-05-15 15:31:10.293000217 +0200 @@ -5,12 +5,14 @@ # copyright (c) 2000-2007 David Schweikert <david@schweikert.ch> # modifed 2011 for grey Markus Neubauer <neubauer@std-service.com> # modified 2013 for mxgraphs by Django <django@it-ignorant.de> +# modified 2014 for mxgraphs (v2) by Django <django@it-ignorant.de> based on +# patches from Sebastian van de Meer <kernel-error@kernel-error.de> # released under the GNU General Public License use RRDs; use POSIX qw(uname); -my $VERSION = "0.02"; +my $VERSION = "0.03"; my $host = (POSIX::uname())[1]; my $scriptname = 'mxgraphs.cgi'; @@ -21,6 +23,9 @@ my $ypoints_grey = 160; my $ypoints_greydetail = 160; my $ypoints_queue = 160; +my $ypoints_spf = 160; +my $ypoints_dkim = 160; +my $ypoints_dmarc = 160; my $rrd = '/var/lib/mailgraph/mailgraph.rrd'; # path to where the Mailgraph RRD database is my $rrd_virus = '/var/lib/mailgraph/mailgraph_virus.rrd'; # path to where the Virus RRD database is my $rrd_queue = '/var/lib/queuegraph/mailqueues.rrd'; # path to where the Mailqueue RRD database is @@ -39,17 +44,26 @@ sent => '000099', # rrggbb in hex received => '009900', whitelist => '999999', - new => 'C1C1C1', + new => 'FF77EE', early => 'AA0000', qspam => '000000', awl => 'DDBB00', - reconnectok => '88FF00', + reconnectok => '7700DD', rejected => 'AA0000', bounced => '000000', virus => 'DDBB00', spam => '999999', active => 'EFEF00', deferred => 'DD8800', + spfnone => '12FF0A', + spffail => 'f80b6f', + spfpass => '2E5fEC', + dkimnone => 'E6E27A', + dkimfail => 'FF6600', + dkimpass => '3013EC', + dmarcnone => 'F0B166', + dmarcfail => 'f11717', + dmarcpass => '00FFD5', ); sub rrd_graph(@) @@ -276,6 +290,128 @@ } +sub graph_spf($$) +{ + my ($range, $file) = @_; + my $step = $range*$points_per_sample/$xpoints; + rrd_graph($range, $file, $ypoints_spf, + "DEF:spfpass=$rrd:spfpass:AVERAGE", + "DEF:mspfpass=$rrd:spfpass:MAX", + "CDEF:rspfpass=spfpass,60,*", + "CDEF:dspfpass=spfpass,UN,0,spfpass,IF,$step,*", + "CDEF:sspfpass=PREV,UN,dspfpass,PREV,IF,dspfpass,+", + "CDEF:rmspfpass=mspfpass,60,*", + "AREA:rspfpass#$color{spfpass}:SPF pass", + 'GPRINT:sspfpass:MAX:total\: %8.0lf msgs', + 'GPRINT:rspfpass:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmspfpass:MAX:max\: %4.0lf msgs/min\l', + + "DEF:spfnone=$rrd:spfnone:AVERAGE", + "DEF:mspfnone=$rrd:spfnone:MAX", + "CDEF:rspfnone=spfnone,60,*", + "CDEF:dspfnone=spfnone,UN,0,spfnone,IF,$step,*", + "CDEF:sspfnone=PREV,UN,dspfnone,PREV,IF,dspfnone,+", + "CDEF:rmspfnone=mspfnone,60,*", + "LINE2:rspfnone#$color{spfnone}:SPF none", + 'GPRINT:sspfnone:MAX:total\: %8.0lf msgs', + 'GPRINT:rspfnone:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmspfnone:MAX:max\: %4.0lf msgs/min\l', + + "DEF:spffail=$rrd:spffail:AVERAGE", + "DEF:mspffail=$rrd:spffail:MAX", + "CDEF:rspffail=spffail,60,*", + "CDEF:dspffail=spffail,UN,0,spffail,IF,$step,*", + "CDEF:sspffail=PREV,UN,dspffail,PREV,IF,dspffail,+", + "CDEF:rmspffail=mspffail,60,*", + "LINE2:rspffail#$color{spffail}:SPF fail", + 'GPRINT:sspffail:MAX:total\: %8.0lf msgs', + 'GPRINT:rspffail:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmspffail:MAX:max\: %4.0lf msgs/min\l', + ); +} + + +sub graph_dkim($$) +{ + my ($range, $file) = @_; + my $step = $range*$points_per_sample/$xpoints; + rrd_graph($range, $file, $ypoints_dkim, + "DEF:dkimpass=$rrd:dkimpass:AVERAGE", + "DEF:mdkimpass=$rrd:dkimpass:MAX", + "CDEF:rdkimpass=dkimpass,60,*", + "CDEF:ddkimpass=dkimpass,UN,0,dkimpass,IF,$step,*", + "CDEF:sdkimpass=PREV,UN,ddkimpass,PREV,IF,ddkimpass,+", + "CDEF:rmdkimpass=mdkimpass,60,*", + "AREA:rdkimpass#$color{dkimpass}:DKIM pass", + 'GPRINT:sdkimpass:MAX:total\: %8.0lf msgs', + 'GPRINT:rdkimpass:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdkimpass:MAX:max\: %4.0lf msgs/min\l', + + "DEF:dkimnone=$rrd:dkimnone:AVERAGE", + "DEF:mdkimnone=$rrd:dkimnone:MAX", + "CDEF:rdkimnone=dkimnone,60,*", + "CDEF:ddkimnone=dkimnone,UN,0,dkimnone,IF,$step,*", + "CDEF:sdkimnone=PREV,UN,ddkimnone,PREV,IF,ddkimnone,+", + "CDEF:rmdkimnone=mdkimnone,60,*", + "LINE2:rdkimnone#$color{dkimnone}:DKIM none", + 'GPRINT:sdkimnone:MAX:total\: %8.0lf msgs', + 'GPRINT:rdkimnone:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdkimnone:MAX:max\: %4.0lf msgs/min\l', + + "DEF:dkimfail=$rrd:dkimfail:AVERAGE", + "DEF:mdkimfail=$rrd:dkimfail:MAX", + "CDEF:rdkimfail=dkimfail,60,*", + "CDEF:ddkimfail=dkimfail,UN,0,dkimfail,IF,$step,*", + "CDEF:sdkimfail=PREV,UN,ddkimfail,PREV,IF,ddkimfail,+", + "CDEF:rmdkimfail=mdkimfail,60,*", + "LINE2:rdkimfail#$color{dkimfail}:DKIM fail", + 'GPRINT:sdkimfail:MAX:total\: %8.0lf msgs', + 'GPRINT:rdkimfail:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdkimfail:MAX:max\: %4.0lf msgs/min\l', + ); +} + + +sub graph_dmarc($$) +{ + my ($range, $file) = @_; + my $step = $range*$points_per_sample/$xpoints; + rrd_graph($range, $file, $ypoints_dmarc, + "DEF:dmarcpass=$rrd:dmarcpass:AVERAGE", + "DEF:mdmarcpass=$rrd:dmarcpass:MAX", + "CDEF:rdmarcpass=dmarcpass,60,*", + "CDEF:ddmarcpass=dmarcpass,UN,0,dmarcpass,IF,$step,*", + "CDEF:sdmarcpass=PREV,UN,ddmarcpass,PREV,IF,ddmarcpass,+", + "CDEF:rmdmarcpass=mdmarcpass,60,*", + "AREA:rdmarcpass#$color{dmarcpass}:DMARC pass", + 'GPRINT:sdmarcpass:MAX:total\: %8.0lf msgs', + 'GPRINT:rdmarcpass:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdmarcpass:MAX:max\: %4.0lf msgs/min\l', + + "DEF:dmarcnone=$rrd:dmarcnone:AVERAGE", + "DEF:mdmarcnone=$rrd:dmarcnone:MAX", + "CDEF:rdmarcnone=dmarcnone,60,*", + "CDEF:ddmarcnone=dmarcnone,UN,0,dmarcnone,IF,$step,*", + "CDEF:sdmarcnone=PREV,UN,ddmarcnone,PREV,IF,ddmarcnone,+", + "CDEF:rmdmarcnone=mdmarcnone,60,*", + "LINE2:rdmarcnone#$color{dmarcnone}:DMARC none", + 'GPRINT:sdmarcnone:MAX:total\: %8.0lf msgs', + 'GPRINT:rdmarcnone:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdmarcnone:MAX:max\: %4.0lf msgs/min\l', + + "DEF:dmarcfail=$rrd:dmarcfail:AVERAGE", + "DEF:mdmarcfail=$rrd:dmarcfail:MAX", + "CDEF:rdmarcfail=dmarcfail,60,*", + "CDEF:ddmarcfail=dmarcfail,UN,0,dmarcfail,IF,$step,*", + "CDEF:sdmarcfail=PREV,UN,ddmarcfail,PREV,IF,ddmarcfail,+", + "CDEF:rmdmarcfail=mdmarcfail,60,*", + "LINE2:rdmarcfail#$color{dmarcfail}:DMARC fail", + 'GPRINT:sdmarcfail:MAX:total\: %8.0lf msgs', + 'GPRINT:rdmarcfail:AVERAGE:avg\: %5.2lf msgs/min', + 'GPRINT:rmdmarcfail:MAX:max\: %4.0lf msgs/min\l', + ); +} + sub print_html() { print "Content-Type: text/html\n\n"; @@ -293,7 +429,7 @@ <body> HEADER - print "<h1>Mailserver Statistiken für<br>$host</h1>\n"; + print "<h1>Mailserver Statistiken für mx01.nausch.org</h1>\n"; print "<ul id=\"jump\">\n"; for my $n (0..$#graphs) { @@ -308,6 +444,9 @@ print "<p><img src=\"$scriptname?${n}-g\" alt=\"mxgraphs - greylisted\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-d\" alt=\"mxgraphs - greylisted (detailed)\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-q\" alt=\"mxgraphs - mailqueues\"/></p>\n"; + print "<p><img src=\"$scriptname?${n}-f\" alt=\"mxgraphs - spf checked\"/></p>\n"; + print "<p><img src=\"$scriptname?${n}-m\" alt=\"mxgraphs - dkim checked\"/></p>\n"; + print "<p><img src=\"$scriptname?${n}-c\" alt=\"mxgraphs - dmarc checked\"/></p>\n"; } print <<FOOTER; @@ -321,10 +460,12 @@ <tr class="row0"> <td class="col0 leftalign"> <a href="http://dokuwiki.nausch.org/doku.php/centos:mail_c6:mta_11#mxgraphs">MX-Graphs </a>$VERSION by - <a href="mailto:django@it-ignorant.org?subject=MX-Graphs%20for%20my%20Mailserver">Django</a> based on + <a href="mailto:django@nausch.org?subject=MX-Graphs%20for%20my%20Mailserver">Django</a> based on </td> <td> <a href="http://david.schweikert.ch/">David Schweikert's</a> <a href="http://mailgraph.schweikert.ch/">Mailgraph</a>, + <a href="http://www.gichenbacher.de/kontakt">Markus Neubauer's </a> + <a href="http://www.std-soft.com/bfaq/46-k-faq-server/117-greygraph-mail-statistik.html">Greygraph</a>, </td> <td class="col2 rightalign" rowspan="3"> <a href="http://oss.oetiker.ch/rrdtool/"><img src="rrdtool-3dlogo.png" alt="" width="135" height="50" align="right" align="middle"/></a> @@ -334,15 +475,9 @@ <td class="col0 leftalign"> </td> <td class="col1 leftalign"> - <a href="http://www.gichenbacher.de/kontakt">Markus Neubauer's </a> - <a href="http://www.std-soft.com/bfaq/46-k-faq-server/117-greygraph-mail-statistik.html">Greygraph</a> and - </td> - </tr> - <tr class="row2"> - <td class="col0 leftalign"> - </td> - <td class="col1 leftalign"> - <a href="http://www.arschkrebs.de/">Ralf Hildebrandt's </a><a href="http://www.arschkrebs.de/postfix/queuegraph">Queuegraph</a>. + <a href="http://www.arschkrebs.de/">Ralf Hildebrandt's </a><a href="http://www.arschkrebs.de/postfix/queuegraph">Queuegraph</a> and + <a href="https://www.kernel-error.de/">Sebastian van de Meer's </a> + <a href="https://www.kernel-error.de/postfix/mailgraph-aufgebohrt">mailgraphpatches</a>. </td> </tr> </table> @@ -404,6 +539,21 @@ graph_queue($graphs[$1]{seconds}, $file); send_image($file); } + elsif($img =~ /^(\d+)-f$/) { + my $file = "$tmp_dir/$uri/mailgraph_$1_spf.png"; + graph_spf($graphs[$1]{seconds}, $file); + send_image($file); + } + elsif($img =~ /^(\d+)-m$/) { + my $file = "$tmp_dir/$uri/mailgraph_$1_dkim.png"; + graph_dkim($graphs[$1]{seconds}, $file); + send_image($file); + } + elsif($img =~ /^(\d+)-c$/) { + my $file = "$tmp_dir/$uri/mailgraph_$1_dmarc.png"; + graph_dmarc($graphs[$1]{seconds}, $file); + send_image($file); + } else { die "ERROR: invalid argument\n"; }
Wie auch schon zuvor bei unserem Daemon, kopieren wir zum Patchen das Perl-Script nach /tmp/.
# cp /usr/share/mxgraphs/mxgraphs.cgi /tmp/
Dann laden wir den obigen Patch auf unseren Rechner und legen diesen im Verzeichnis /tmp unter dem Dateinamen mxgraphs_spf_dkim_dmarc.patch ab.
Anschließend wenden wir den Patch an.
# patch -p0 < mxgraphs_spf_dkim_dmarc.patch
Und kopieren zu guter Letzt das geänderte Script an Ort und Stelle.
# mv /tmp/mxgraphs.cgi /usr/share/mxgraphs/ -f
Alternativ können wir auch nachfolgendes CGI-sript, bei dem der Patch schon angewandt wurde, auf unseren Rechner laden und ins Verzeichnis /usr/share/mxgraphs/ kopieren.
- /usr/share/mxgraphs/mxgraphs.cgi
#!/usr/bin/perl -w # mxgraphs -- detailed postfix mail traffic statistics # copyright (c) 2000-2007 ETH Zurich # copyright (c) 2000-2007 David Schweikert <david@schweikert.ch> # modifed 2011 for grey Markus Neubauer <neubauer@std-service.com> # modified 2013 for mxgraphs by Django <django@it-ignorant.de> # released under the GNU General Public License use RRDs; use POSIX qw(uname); my $VERSION = "0.02"; my $host = (POSIX::uname())[1]; my $scriptname = 'mxgraphs.cgi'; my $xpoints = 800; my $points_per_sample = 3; my $ypoints = 160; my $ypoints_err = 160; my $ypoints_grey = 160; my $ypoints_greydetail = 160; my $ypoints_queue = 160; my $rrd = '/var/lib/mailgraph/mailgraph.rrd'; # path to where the Mailgraph RRD database is my $rrd_virus = '/var/lib/mailgraph/mailgraph_virus.rrd'; # path to where the Virus RRD database is my $rrd_queue = '/var/lib/queuegraph/mailqueues.rrd'; # path to where the Mailqueue RRD database is my $rrd_grey = '/var/lib/greygraph/greygraph.rrd'; # path to where the Greygraph RRD database is my $rrd_spam = '/var/lib/greygraph/greygraph_spam.rrd'; # path to where the Spam RRD database is my $tmp_dir = '/var/cache/mxgraphs'; # temporary directory where to store the images my @graphs = ( { title => 'Letzten 24 Stunden', seconds => 3600*24, }, { title => 'Letzten 7 Tage', seconds => 3600*24*7, }, { title => 'Letzten 31 Tage', seconds => 3600*24*31, }, { title => 'Letzten 12 Monate', seconds => 3600*24*365, }, ); my %color = ( sent => '000099', # rrggbb in hex received => '009900', whitelist => '999999', new => 'C1C1C1', early => 'AA0000', qspam => '000000', awl => 'DDBB00', reconnectok => '88FF00', rejected => 'AA0000', bounced => '000000', virus => 'DDBB00', spam => '999999', active => 'EFEF00', deferred => 'DD8800', ); sub rrd_graph(@) { my ($range, $file, $ypoints, @rrdargs) = @_; my $step = $range*$points_per_sample/$xpoints; my $end = time; $end -= $end % $step; my $date = localtime(time); $date =~ s|:|\\:|g unless $RRDs::VERSION < 1.199908; my ($graphret,$xs,$ys) = RRDs::graph($file, '--imgformat', 'PNG', '--width', $xpoints, '--height', $ypoints, '--start', "-$range", '--end', $end, '--vertical-label', 'msgs/min', '--lower-limit', 0, '--units-exponent', 0, # don't show milli-messages/s '--lazy', '--color', 'SHADEA#ffffff', '--color', 'SHADEB#ffffff', '--color', 'BACK#ffffff', $RRDs::VERSION < 1.2002 ? () : ( '--slope-mode'), @rrdargs, 'COMMENT:['.$date.']\r', ); my $ERR=RRDs::error; die "ERROR: $ERR\n" if $ERR; } sub graph($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints, "DEF:sent=$rrd:sent:AVERAGE", "DEF:msent=$rrd:sent:MAX", "CDEF:rsent=sent,60,*", "CDEF:rmsent=msent,60,*", "CDEF:dsent=sent,UN,0,sent,IF,$step,*", "CDEF:ssent=PREV,UN,dsent,PREV,IF,dsent,+", "AREA:rsent#$color{sent}:Sent ", 'GPRINT:ssent:MAX:total\: %15.0lf msgs', 'GPRINT:rsent:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmsent:MAX:max\: %11.0lf msgs/min\l', "DEF:recv=$rrd:recv:AVERAGE", "DEF:mrecv=$rrd:recv:MAX", "CDEF:rrecv=recv,60,*", "CDEF:rmrecv=mrecv,60,*", "CDEF:drecv=recv,UN,0,recv,IF,$step,*", "CDEF:srecv=PREV,UN,drecv,PREV,IF,drecv,+", "LINE2:rrecv#$color{received}:Received ", 'GPRINT:srecv:MAX:total\: %15.0lf msgs', 'GPRINT:rrecv:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmrecv:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_err($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_err, "DEF:bounced=$rrd:bounced:AVERAGE", "DEF:mbounced=$rrd:bounced:MAX", "CDEF:rbounced=bounced,60,*", "CDEF:dbounced=bounced,UN,0,bounced,IF,$step,*", "CDEF:sbounced=PREV,UN,dbounced,PREV,IF,dbounced,+", "CDEF:rmbounced=mbounced,60,*", "AREA:rbounced#$color{bounced}:Bounced ", 'GPRINT:sbounced:MAX:total\: %15.0lf msgs', 'GPRINT:rbounced:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmbounced:MAX:max\: %11.0lf msgs/min\l', "DEF:virus=$rrd_virus:virus:AVERAGE", "DEF:mvirus=$rrd_virus:virus:MAX", "CDEF:rvirus=virus,60,*", "CDEF:dvirus=virus,UN,0,virus,IF,$step,*", "CDEF:svirus=PREV,UN,dvirus,PREV,IF,dvirus,+", "CDEF:rmvirus=mvirus,60,*", "STACK:rvirus#$color{virus}:Viruses ", 'GPRINT:svirus:MAX:total\: %15.0lf msgs', 'GPRINT:rvirus:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmvirus:MAX:max\: %11.0lf msgs/min\l', "DEF:spam=$rrd_virus:spam:AVERAGE", "DEF:mspam=$rrd_virus:spam:MAX", "CDEF:rspam=spam,60,*", "CDEF:dspam=spam,UN,0,spam,IF,$step,*", "CDEF:sspam=PREV,UN,dspam,PREV,IF,dspam,+", "CDEF:rmspam=mspam,60,*", "STACK:rspam#$color{spam}:Spam ", 'GPRINT:sspam:MAX:total\: %15.0lf msgs', 'GPRINT:rspam:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmspam:MAX:max\: %11.0lf msgs/min\l', "DEF:rejected=$rrd:rejected:AVERAGE", "DEF:mrejected=$rrd:rejected:MAX", "CDEF:rrejected=rejected,60,*", "CDEF:drejected=rejected,UN,0,rejected,IF,$step,*", "CDEF:srejected=PREV,UN,drejected,PREV,IF,drejected,+", "CDEF:rmrejected=mrejected,60,*", "LINE2:rrejected#$color{rejected}:Rejected ", 'GPRINT:srejected:MAX:total\: %15.0lf msgs', 'GPRINT:rrejected:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmrejected:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_queue($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_queue, "DEF:deferred=$rrd_queue:deferred:AVERAGE", "AREA:deferred#$color{deferred}:Deferred ", 'GPRINT:deferred:MAX:total\: %15.0lf msgs', 'GPRINT:deferred:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:deferred:MAX:max\: %11.0lf msgs/min\l', "DEF:active=$rrd_queue:active:AVERAGE", "LINE2:active#$color{active}:Active+Incoming+Maildrop", 'GPRINT:active:MAX:total\: %15.0lf msgs', 'GPRINT:active:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:active:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_grey($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_grey, "DEF:new=$rrd_grey:new:AVERAGE", "DEF:mnew=$rrd_grey:new:MAX", "CDEF:rnew=new,60,*", "CDEF:rmnew=mnew,60,*", "CDEF:dnew=new,UN,0,new,IF,$step,*", "CDEF:snew=PREV,UN,dnew,PREV,IF,dnew,+", "LINE2:rnew#$color{new}:New ", 'GPRINT:snew:MAX:total\: %15.0lf msgs', 'GPRINT:rnew:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmnew:MAX:max\: %11.0lf msgs/min\l', "DEF:reconnectok=$rrd_spam:reconnectok:AVERAGE", "DEF:mreconnectok=$rrd_spam:reconnectok:MAX", "CDEF:rreconnectok=reconnectok,60,*", "CDEF:dreconnectok=reconnectok,UN,0,reconnectok,IF,$step,*", "CDEF:sreconnectok=PREV,UN,dreconnectok,PREV,IF,dreconnectok,+", "CDEF:rmreconnectok=mreconnectok,60,*", "LINE2:rreconnectok#$color{reconnectok}:Reconnect O.K. ", 'GPRINT:sreconnectok:MAX:total\: %15.0lf msgs', 'GPRINT:rreconnectok:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmreconnectok:MAX:max\: %11.0lf msgs/min\l', ); } sub graph_greydetail($$) { my ($range, $file) = @_; my $step = $range*$points_per_sample/$xpoints; rrd_graph($range, $file, $ypoints_greydetail, "DEF:whitelist=$rrd_grey:whitelist:AVERAGE", "DEF:mwhitelist=$rrd_grey:whitelist:MAX", "CDEF:rwhitelist=whitelist,60,*", "CDEF:rmwhitelist=mwhitelist,60,*", "CDEF:dwhitelist=whitelist,UN,0,whitelist,IF,$step,*", "CDEF:swhitelist=PREV,UN,dwhitelist,PREV,IF,dwhitelist,+", "LINE2:rwhitelist#$color{whitelist}:Whitelist ", 'GPRINT:swhitelist:MAX:total\: %15.0lf msgs', 'GPRINT:rwhitelist:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmwhitelist:MAX:max\: %11.0lf msgs/min\l', "DEF:awl=$rrd_grey:awl:AVERAGE", "DEF:mawl=$rrd_grey:awl:MAX", "CDEF:rawl=awl,60,*", "CDEF:dawl=awl,UN,0,awl,IF,$step,*", "CDEF:sawl=PREV,UN,dawl,PREV,IF,dawl,+", "CDEF:rmawl=mawl,60,*", "LINE2:rawl#$color{awl}:Auto whitelist ", 'GPRINT:sawl:MAX:total\: %15.0lf msgs', 'GPRINT:rawl:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmawl:MAX:max\: %11.0lf msgs/min\l', "DEF:spam=$rrd_spam:spam:AVERAGE", "DEF:mspam=$rrd_spam:spam:MAX", "CDEF:rspam=spam,60,*", "CDEF:dspam=spam,UN,0,spam,IF,$step,*", "CDEF:sspam=PREV,UN,dspam,PREV,IF,dspam,+", "CDEF:rmspam=mspam,60,*", "LINE2:rspam#$color{qspam}:Spam ", 'GPRINT:sspam:MAX:total\: %15.0lf msgs', 'GPRINT:rspam:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmspam:MAX:max\: %11.0lf msgs/min\l', "DEF:early=$rrd_grey:early:AVERAGE", "DEF:mearly=$rrd_grey:early:MAX", "CDEF:rearly=early,60,*", "CDEF:dearly=early,UN,0,early,IF,$step,*", "CDEF:searly=PREV,UN,dearly,PREV,IF,dearly,+", "CDEF:rmearly=mearly,60,*", "STACK:rearly#$color{early}:Early connect ", 'GPRINT:searly:MAX:total\: %15.0lf msgs', 'GPRINT:rearly:AVERAGE:avg\: %12.2lf msgs/min', 'GPRINT:rmearly:MAX:max\: %11.0lf msgs/min\l', ); } sub print_html() { print "Content-Type: text/html\n\n"; print <<HEADER; <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Mailserver Statistiken auf $host</title> <meta http-equiv="Refresh" content="300" /> <meta http-equiv="Pragma" content="no-cache" /> <link rel="stylesheet" href="mxgraphs.css" type="text/css" /> </head> <body> HEADER print "<h1>Mailserver Statistiken für<br>$host</h1>\n"; print "<ul id=\"jump\">\n"; for my $n (0..$#graphs) { print " <li><a href=\"#G$n\">$graphs[$n]{title}</a> </li>\n"; } print "</ul>\n"; for my $n (0..$#graphs) { print "<h2 id=\"G$n\">$graphs[$n]{title}</h2>\n"; print "<p><img src=\"$scriptname?${n}-n\" alt=\"mxgraphs - received and sent\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-e\" alt=\"mxgraphs - blocked\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-g\" alt=\"mxgraphs - greylisted\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-d\" alt=\"mxgraphs - greylisted (detailed)\"/></p>\n"; print "<p><img src=\"$scriptname?${n}-q\" alt=\"mxgraphs - mailqueues\"/></p>\n"; } print <<FOOTER; <hr/> <table border="0" style="font-size:12px" width="900"> <colgroup> <col width="200"> <col width="425"> <col width="123"> </colgroup> <tr class="row0"> <td class="col0 leftalign"> <a href="http://dokuwiki.nausch.org/doku.php/centos:mail_c6:mta_11#mxgraphs">MX-Graphs </a>$VERSION by <a href="mailto:django@it-ignorant.org?subject=MX-Graphs%20for%20my%20Mailserver">Django</a> based on </td> <td> <a href="http://david.schweikert.ch/">David Schweikert's</a> <a href="http://mailgraph.schweikert.ch/">Mailgraph</a>, </td> <td class="col2 rightalign" rowspan="3"> <a href="http://oss.oetiker.ch/rrdtool/"><img src="rrdtool-3dlogo.png" alt="" width="135" height="50" align="right" align="middle"/></a> </td> </tr> <tr class="row1"> <td class="col0 leftalign"> </td> <td class="col1 leftalign"> <a href="http://www.gichenbacher.de/kontakt">Markus Neubauer's </a> <a href="http://www.std-soft.com/bfaq/46-k-faq-server/117-greygraph-mail-statistik.html">Greygraph</a> and </td> </tr> <tr class="row2"> <td class="col0 leftalign"> </td> <td class="col1 leftalign"> <a href="http://www.arschkrebs.de/">Ralf Hildebrandt's </a><a href="http://www.arschkrebs.de/postfix/queuegraph">Queuegraph</a>. </td> </tr> </table> </body> </html> FOOTER } sub send_image($) { my ($file)= @_; -r $file or do { print "Content-type: text/plain\n\nERROR: can't find $file\n"; exit 1; }; print "Content-type: image/png\n"; print "Content-length: ".((stat($file))[7])."\n"; print "\n"; open(IMG, $file) or die; my $data; print $data while read(IMG, $data, 16384)>0; } sub main() { my $uri = $ENV{REQUEST_URI} || ''; $uri =~ s/\/[^\/]+$//; $uri =~ s/\//,/g; $uri =~ s/(\~|\%7E)/tilde,/g; mkdir $tmp_dir, 0777 unless -d $tmp_dir; mkdir "$tmp_dir/$uri", 0777 unless -d "$tmp_dir/$uri"; my $img = $ENV{QUERY_STRING}; if(defined $img and $img =~ /\S/) { if($img =~ /^(\d+)-n$/) { my $file = "$tmp_dir/$uri/mxgraph_$1.png"; graph($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-e$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_err.png"; graph_err($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-g$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_grey.png"; graph_grey($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-d$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_greydetail.png"; graph_greydetail($graphs[$1]{seconds}, $file); send_image($file); } elsif($img =~ /^(\d+)-q$/) { my $file = "$tmp_dir/$uri/mxgraph_$1_queue.png"; graph_queue($graphs[$1]{seconds}, $file); send_image($file); } else { die "ERROR: invalid argument\n"; } } else { print_html; } } main;
Webaufruf
Über unseren Vhost erhalten wir nun optisch schön ansprechende Übersichten über den Mailverkehr unseres MX.
AWStats
Mit Hilfe zweier Perlscripte erstellen wir nun täglich einen Statusbericht über das was unserem MX widerfahren ist, und rufen später diese Information via Firefox/Konqueror ab. :)
Installation
Die Grundinstallation von AWStats ist Logfileanalyse und -Auswertung mit AWStats unter CentOS 6.x ausfürlich beschrieben.
WICHTG:
Damit eine erfolgreiche LOG-Datei-Auswertung mit Hilfe von AWStats durchgeführt werden kann, müssen auf die Dateien /var/log/maillog* mit nachfolgendem Befehl die Zugriffsrechte angepasst werden.
# chmod 644 /var/log/maillog*
Konfiguration
Zur eigentlichen Logfileauswertung legen wir uns nun eine eigene Konfigurationdatei für AWStats an. Als Vorlage nutzen wir hier die, im RPM mitgelieferte default-Datei /etc/awstats/awstats.localhost.localdomain.conf.
# cp /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.mx1.nausch.org.conf
Darin passen wir nun alle Konfigurationsoptionen, die für das maillog von Postfix relevant sind, an.
# vim /etc/awstats/awstats.mx1.nausch.org.conf
- /etc/awstats/awstats.mx1.nausch.org.conf
# AWSTATS CONFIGURE FILE 7.0 #----------------------------------------------------------------------------- # Copy this file into awstats.www.mydomain.conf and edit this new config file # to setup AWStats (See documentation in docs/ directory). # The config file must be in /etc/awstats, /usr/local/etc/awstats or /etc (for # Unix/Linux) or same directory than awstats.pl (Windows, Mac, Unix/Linux...) # To include an environment variable in any parameter (AWStats will replace # it with its value when reading it), follow the example: # Parameter="__ENVNAME__" # Note that environment variable AWSTATS_CURRENT_CONFIG is always defined with # the config value in an AWStats running session and can be used like others. #----------------------------------------------------------------------------- # $Revision: 1.350 $ - $Author: eldy $ - $Date: 2010/09/29 19:16:21 $ #----------------------------------------------------------------------------- # MAIN SETUP SECTION (Required to make AWStats work) #----------------------------------------------------------------------------- # "LogFile" contains the web, ftp or mail server log file to analyze. # Possible values: A full path, or a relative path from awstats.pl directory. # Example: "/var/log/apache/access.log" # Example: "../logs/mycombinedlog.log" # You can also use tags in this filename if you need a dynamic file name # depending on date or time (Replacement is made by AWStats at the beginning # of its execution). This is available tags : # %YYYY-n is replaced with 4 digits year we were n hours ago # %YY-n is replaced with 2 digits year we were n hours ago # %MM-n is replaced with 2 digits month we were n hours ago # %MO-n is replaced with 3 letters month we were n hours ago # %DD-n is replaced with day we were n hours ago # %HH-n is replaced with hour we were n hours ago # %NS-n is replaced with number of seconds at 00:00 since 1970 # %WM-n is replaced with the week number in month (1-5) # %Wm-n is replaced with the week number in month (0-4) # %WY-n is replaced with the week number in year (01-52) # %Wy-n is replaced with the week number in year (00-51) # %DW-n is replaced with the day number in week (1-7, 1=sunday) # use n=24 if you need (1-7, 1=monday) # %Dw-n is replaced with the day number in week (0-6, 0=sunday) # use n=24 if you need (0-6, 0=monday) # Use 0 for n if you need current year, month, day, hour... # Example: "/var/log/access_log.%YYYY-0%MM-0%DD-0.log" # Example: "C:/WINNT/system32/LogFiles/W3SVC1/ex%YY-24%MM-24%DD-24.log" # You can also use a pipe if log file come from a pipe : # Example: "gzip -d </var/log/apache/access.log.gz |" # If there are several log files from load balancing servers : # Example: "/pathtotools/logresolvemerge.pl *.log |" # # Django : 2012-07-03 # default: LogFile="/var/log/httpd/access_log" LogFile="perl /usr/bin/maillogconvert.pl standard < /var/log/maillog |" # Enter the log file type you want to analyze. # Possible values: # W - For a web log file # S - For a streaming log file # M - For a mail log file # F - For a ftp log file # Example: W # Default: W # # Django : 2012-07-03 # default: LogType=W LogType=M # Enter here your log format (Must match your web server config. See setup # instructions in documentation to know how to configure your web server to # have the required log format). # Possible values: 1,2,3,4 or "your_own_personalized_log_format" # 1 - Apache or Lotus Notes/Domino native combined log format (NCSA combined/XLF/ELF log format) # 2 - IIS or ISA format (IIS W3C log format). See FAQ-COM115 For ISA. # 3 - Webstar native log format. # 4 - Apache or Squid native common log format (NCSA common/CLF log format) # With LogFormat=4, some features (browsers, os, keywords...) can't work. # "your_own_personalized_log_format" = If your log is ftp, mail or other format, # you must use following keys to define the log format string (See FAQ for # ftp, mail or exotic web log format examples): # %host Client hostname or IP address (or Sender host for mail log) # %host_r Receiver hostname or IP address (for mail log) # %lognamequot Authenticated login/user with format: "john" # %logname Authenticated login/user with format: john # %time1 Date and time with format: [dd/mon/yyyy:hh:mm:ss +0000] or [dd/mon/yyyy:hh:mm:ss] # %time2 Date and time with format: yyyy-mm-dd hh:mm:ss # %time3 Date and time with format: Mon dd hh:mm:ss or Mon dd hh:mm:ss yyyy # %time4 Date and time with unix timestamp format: dddddddddd # %methodurl Method and URL with format: "GET /index.html HTTP/x.x" # %methodurlnoprot Method and URL with format: "GET /index.html" # %method Method with format: GET # %url URL only with format: /index.html # %query Query string (used by URLWithQuery option) # %code Return code status (with format for web log: 999) # %bytesd Size of document in bytes # %refererquot Referer page with format: "http://from.com/from.htm" # %referer Referer page with format: http://from.com/from.htm # %uabracket User agent with format: [Mozilla/4.0 (compatible, ...)] # %uaquot User agent with format: "Mozilla/4.0 (compatible, ...)" # %ua User agent with format: Mozilla/4.0_(compatible...) # %gzipin mod_gzip compression input bytes: In:XXX # %gzipout mod_gzip compression output bytes & ratio: Out:YYY:ZZpct. # %gzipratio mod_gzip compression ratio: ZZpct. # %deflateratio mod_deflate compression ratio with format: (ZZ) # %email EMail sender (for mail log) # %email_r EMail receiver (for mail log) # %virtualname Web sever virtual hostname. Use this tag when same log # contains data of several virtual web servers. AWStats # will discard records not in SiteDomain nor HostAliases # %cluster If log file is provided from several computers (merged by # logresolvemerge.pl), use this to define cluster id field. # %extraX Another field that you plan to use for building a # personalized report with ExtraSection feature (See later). # If your log format has some fields not included in this list, use: # %other Means another not used field # %otherquot Means another not used double quoted field # # Examples for Apache combined logs (following two examples are equivalent): # LogFormat = 1 # LogFormat = "%host %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot" # # Example for IIS: # LogFormat = 2 # # Django : 2012-07-03 # default: LogFormat=1 LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd" # If your log field's separator is not a space, you can change this parameter. # This parameter is not used if LogFormat is a predefined value (1,2,3,4) # Backslash can be used as escape character. # Example: " " # Example: "\t" # Example: "\|" # Example: "," # Default: " " # LogSeparator=" " # "SiteDomain" must contain the main domain name, or the main intranet web # server name, used to reach the web site. # If you share the same log file for several virtual web servers, this # parameter is used to tell AWStats to filter record that contains records for # this virtual host name only (So check that this virtual hostname can be # found in your log file and use a personalized log format that include the # %virtualname tag). # But for multi hosting a better solution is to have one log file for each # virtual web server. In this case, this parameter is only used to generate # full URL's links when ShowLinksOnUrl option is set to 1. # If analyzing mail log, enter here the domain name of mail server. # Example: "myintranetserver" # Example: "www.domain.com" # Example: "ftp.domain.com" # Example: "domain.com" # # Django : 2012-07-03 # default: SiteDomain="localhost.localdomain" SiteDomain="mx1.nausch.org" # Enter here all other possible domain names, addresses or virtual host # aliases someone can use to access your site. Try to keep only the minimum # number of possible names/addresses to have the best performances. # You can repeat the "SiteDomain" value in this list. # This parameter is used to analyze referer field in log file and to help # AWStats to know if a referer URL is a local URL of same site or an URL of # another site. # Note: Use space between each value. # Note: You can use regular expression values writing value with REGEX[value]. # Note: You can also use @/mypath/myfile if list of aliases are in a file. # Example: "www.myserver.com localhost 127.0.0.1 REGEX[mydomain\.(net|org)$]" # # Django : 2012-07-03 # default: HostAliases="localhost 127.0.0.1" HostAliases=„localhost 127.0.0.1 REGEX[nausch\.org$] REGEX[www\.nausch\.org$]“ # If you want to have hosts reported by name instead of ip address, AWStats # need to make reverse DNS lookups (if not already done in your log file). # With DNSLookup to 0, all hosts will be reported by their IP addresses and # not by the full hostname of visitors (except if names are already available # in log file). # If you want/need to set DNSLookup to 1, don't forget that this will reduce # dramatically AWStats update process speed. Do not use on large web sites. # Note: Reverse DNS lookup is done on IPv4 only (Enable ipv6 plugin for IPv6). # Note: Result of DNS Lookup can be used to build the Country report. However # it is highly recommanded to enable the plugin 'geoip' or 'geoipfree' to # have an accurate Country report with no need of DNS Lookup. # Possible values: # 0 - No DNS Lookup # 1 - DNS Lookup is fully enabled # 2 - DNS Lookup is made only from static DNS cache file (if it exists) # Default: 2 # DNSLookup=2 # When AWStats updates its statistics, it stores results of its analysis in # files (AWStats database). All those files are written in the directory # defined by the "DirData" parameter. Set this value to the directory where # you want AWStats to save its database and working files into. # Warning: If you want to be able to use the "AllowToUpdateStatsFromBrowser" # feature (see later), you need "Write" permissions by web server user on this # directory (and "Modify" for Windows NTFS file systems). # Example: "/var/lib/awstats" # Example: "../data" # Example: "C:/awstats_data_dir" # Default: "." (means same directory as awstats.pl) # DirData="/var/www/awstats" # Relative or absolute web URL of your awstats cgi-bin directory. # This parameter is used only when AWStats is run from command line # with -output option (to generate links in HTML reported page). # Example: "/awstats" # Default: "/cgi-bin" (means awstats.pl is in "/yourwwwroot/cgi-bin") # DirCgi="/awstats" # Relative or absolute web URL of your awstats icon directory. # If you build static reports ("... -output > outputpath/output.html"), enter # path of icon directory relative to the output directory 'outputpath'. # Example: "/awstatsicons" # Example: "../icon" # Default: "/icon" (means you must copy icon directories in "/mywwwroot/icon") # DirIcons="/awstats/icon" # When this parameter is set to 1, AWStats adds a button on report page to # allow to "update" statistics from a web browser. Warning, when "update" is # made from a browser, AWStats is run as a CGI by the web server user defined # in your web server (user "nobody" by default with Apache, "IUSR_XXX" with # IIS), so the "DirData" directory and all already existing history files # awstatsMMYYYY[.xxx].txt must be writable by this user. Change permissions if # necessary to "Read/Write" (and "Modify" for Windows NTFS file systems). # Warning: Update process can be long so you might experience "time out" # browser errors if you don't launch AWStats frequently enough. # When set to 0, update is only made when AWStats is run from the command # line interface (or a task scheduler). # Possible values: 0 or 1 # Default: 0 # # Django : 2012-07-03 # default: AllowToUpdateStatsFromBrowser=0 AllowToUpdateStatsFromBrowser=1 # AWStats saves and sorts its database on a month basis (except if using # databasebreak option from command line). # However, if you choose the -month=all from command line or # value '-Year-' from CGI combo form to have a report for all year, AWStats # needs to reload all data for full year (each month), and sort them, # requiring a large amount of time, memory and CPU. This might be a problem # for web hosting providers that offer AWStats for large sites, on shared # servers, to non CPU cautious customers. # For this reason, the 'full year' is only enabled on Command Line by default. # You can change this by setting this parameter to 0, 1, 2 or 3. # Possible values: # 0 - Never allowed # 1 - Allowed on CLI only, -Year- value in combo is not visible # 2 - Allowed on CLI only, -Year- value in combo is visible but not allowed # 3 - Possible on CLI and CGI # Default: 2 # AllowFullYearView=2 #----------------------------------------------------------------------------- # OPTIONAL SETUP SECTION (Not required but increase AWStats features) #----------------------------------------------------------------------------- # When the update process runs, AWStats can set a lock file in TEMP or TMP # directory. This lock is to avoid to have 2 update processes running at the # same time to prevent unknown conflicts problems and avoid DoS attacks when # AllowToUpdateStatsFromBrowser is set to 1. # Because, when you use lock file, you can experience sometimes problems in # lock file not correctly removed (killed process for example requires that # you remove the file manualy), this option is not enabled by default (Do # not enable this option with no console server access). # Change : Effective immediatly # Possible values: 0 or 1 # Default: 0 # EnableLockForUpdate=1 # AWStats can do reverse DNS lookups through a static DNS cache file that was # previously created manually. If no path is given in static DNS cache file # name, AWStats will search DirData directory. This file is never changed. # This option is not used if DNSLookup=0. # Note: DNS cache file format is 'minsince1970 ipaddress resolved_hostname' # or just 'ipaddress resolved_hostname' # Change : Effective for new updates only # Example: "/mydnscachedir/dnscache" # Default: "dnscache.txt" # DNSStaticCacheFile="dnscache.txt" # AWStats can do reverse DNS lookups through a DNS cache file that was created # by a previous run of AWStats. This file is erased and recreated after each # statistics update process. You don't need to create and/or edit it. # AWStats will read and save this file in DirData directory. # This option is used only if DNSLookup=1. # Note: If a DNSStaticCacheFile is available, AWStats will check for DNS # lookup in DNSLastUpdateCacheFile after checking into DNSStaticCacheFile. # Change : Effective for new updates only # Example: "/mydnscachedir/dnscachelastupdate" # Default: "dnscachelastupdate.txt" # DNSLastUpdateCacheFile="dnscachelastupdate.txt" # You can specify specific IP addresses that should NOT be looked up in DNS. # This option is used only if DNSLookup=1. # Note: Use space between each value. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "123.123.123.123 REGEX[^192\.168\.]" # Default: "" # SkipDNSLookupFor="" # The following two parameters allow you to protect a config file from being # read by AWStats when called from a browser if web user has not been # authenticated. Your AWStats program must be in a web protected "realm" (With # Apache, you can use .htaccess files to do so. With other web servers, see # your server setup manual). # Change : Effective immediatly # Possible values: 0 or 1 # Default: 0 # # Django : 2012-07-03 # default: AllowAccessFromWebToAuthenticatedUsersOnly=0 #AllowAccessFromWebToAuthenticatedUsersOnly=1 AllowAccessFromWebToAuthenticatedUsersOnly=0 # This parameter gives the list of all authorized authenticated users to view # statistics for this domain/config file. This parameter is used only if # AllowAccessFromWebToAuthenticatedUsersOnly is set to 1. # Change : Effective immediatly # Example: "user1 user2" # Example: "__REMOTE_USER__" # Default: "" # # Django : 2012-07-03 # default: AllowAccessFromWebToFollowingAuthenticatedUsers="" # AllowAccessFromWebToFollowingAuthenticatedUsers="django bigchief" AllowAccessFromWebToFollowingAuthenticatedUsers="" # When this parameter is defined to something, the IP address of the user that # reads its statistics from a browser (when AWStats is used as a CGI) is # checked and must match one of the IP address values or ranges. # Change : Effective immediatly # Example: "127.0.0.1 123.123.123.1-123.123.123.255" # Default: "" # AllowAccessFromWebToFollowingIPAddresses="" # If the "DirData" directory (see above) does not exist, AWStats return an # error. However, you can ask AWStats to create it. # This option can be used by some Web Hosting Providers that has defined a # dynamic value for DirData (for example DirData="/home/__REMOTE_USER__") and # don't want to have to create a new directory each time they add a new user. # Change : Effective immediatly # Possible values: 0 or 1 # Default: 0 # CreateDirDataIfNotExists=0 # You can choose in which format the Awstats history database is saved. # Note: Using "xml" format make AWStats building database files three times # larger than using "text" format. # Change : Database format is switched after next update # Possible values: text or xml # Default: text # BuildHistoryFormat=text # If you prefer having the report output pages be built as XML compliant pages # instead of simple HTML pages, you can set this to 'xhtml' (May not work # properly with old browsers). # Change : Effective immediatly # Possible values: html or xhtml # Default: html # BuildReportFormat=html # AWStats databases can be updated from command line of from a browser (when # used as a cgi program). So AWStats database files need write permission # for both command line user and default web server user (nobody for Unix, # IUSR_xxx for IIS/Windows,...). # To avoid permission problems between update process (run by an admin user) # and CGI process (ran by a low level user), AWStats can save its database # files with read and write permissions for everyone. # By default, AWStats keeps default user permissions on updated files. If you # set AllowToUpdateStatsFromBrowser to 1, you can change this parameter to 1. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # # Django : 2012-07-03 # default: SaveDatabaseFilesWithPermissionsForEveryone=0 SaveDatabaseFilesWithPermissionsForEveryone=1 # AWStats can purge log file, after analyzing it. Note that AWStats is able # to detect new lines in a log file, to process only them, so you can launch # AWStats as often as you want, even with this parameter to 0. # With 0, no purge is made, so you must use a scheduled task or a web server # that make this purge frequently. # With 1, the purge of the log file is made each time AWStats update is run. # This parameter doesn't work with IIS (This web server doesn't let its log # file to be purged). # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # PurgeLogFile=0 # When PurgeLogFile is setup to 1, AWStats will clean your log file after # processing it. You can however keep an archive file of all processed log # records by setting this parameter (For example if you want to use another # log analyzer). The archived log file is saved in "DirData" with name # awstats_archive.configname[.suffix].log # This parameter is not used if PurgeLogFile=0 # Change : Effective for new updates only # Possible values: 0, 1, or tags (See LogFile parameter) for suffix # Example: 1 # Example: %YYYY%MM%DD # Default: 0 # ArchiveLogRecords=0 # Each time you run the update process, AWStats overwrites the 'historic file' # for the month (awstatsMMYYYY[.*].txt) with the updated one. # When write errors occurs (IO, disk full,...), this historic file can be # corrupted and must be deleted. Because this file contains information of all # past processed log files, you will loose old stats if removed. So you can # ask AWStats to save last non corrupted file in a .bak file. This file is # stored in "DirData" directory with other 'historic files'. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # KeepBackupOfHistoricFiles=1 # Default index page name for your web server. # Change : Effective for new updates only # Example: "index.php index.html default.html" # Default: "index.php index.html" # DefaultFile="index.php index.html" # Do not include access from clients that match following criteria. # If your log file contains IP addresses in host field, you must enter here # matching IP addresses criteria. # If DNS lookup is already done in your log file, you must enter here hostname # criteria, else enter ip address criteria. # The opposite parameter of "SkipHosts" is "OnlyHosts". # Note: Use space between each value. This parameter is not case sensitive. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "127.0.0.1 REGEX[^192\.168\.] REGEX[^10\.]" # Example: "localhost REGEX[^.*\.localdomain$]" # Default: "" # # Django : 2012-07-03 # default: SkipHosts="127.0.0.1 SkipHosts="" # Do not include access from clients with a user agent that match following # criteria. If you want to exclude a robot, you should update the robots.pm # file instead of this parameter. # The opposite parameter of "SkipUserAgents" is "OnlyUserAgents". # Note: Use space between each value. This parameter is not case sensitive. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "konqueror REGEX[ua_test_v\d\.\d]" # Default: "" # SkipUserAgents="" # Use SkipFiles to ignore access to URLs that match one of following entries. # You can enter a list of not important URLs (like framed menus, hidden pages, # etc...) to exclude them from statistics. You must enter here exact relative # URL as found in log file, or a matching REGEX value. Check apply on URL with # all its query paramaters. # For example, to ignore /badpage.php, just add "/badpage.php". To ignore all # pages in a particular directory, add "REGEX[^\/directorytoexclude]". # The opposite parameter of "SkipFiles" is "OnlyFiles". # Note: Use space between each value. This parameter is or not case sensitive # depending on URLNotCaseSensitive parameter. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "/badpage.php /page.php?param=x REGEX[^\/excludedirectory]" # Default: "" # SkipFiles="" # Use SkipReferrersBlackList if you want to exclude records coming from a SPAM # referrer. Parameter must receive a local file name containing rules applied # on referrer field. If parameter is empty, no filter is applied. # An example of such a file is available in lib/blacklist.txt # Change : Effective for new updates only # Example: "/mylibpath/blacklist.txt" # Default: "" # # WARNING!! Using this feature make AWStats running very slower (5 times slower # with black list file provided with AWStats ! # SkipReferrersBlackList="" # Include in stats, only accesses from hosts that match one of following # entries. For example, if you want AWStats to filter access to keep only # stats for visits from particular hosts, you can add those host names in # this parameter. # If DNS lookup is already done in your log file, you must enter here hostname # criteria, else enter ip address criteria. # The opposite parameter of "OnlyHosts" is "SkipHosts". # Note: Use space between each value. This parameter is not case sensitive. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "127.0.0.1 REGEX[^192\.168\.] REGEX[^10\.]" # Default: "" # OnlyHosts="" # Include in stats, only accesses from user agent that match one of following # entries. For example, if you want AWStats to filter access to keep only # stats for visits from particular browsers, you can add their user agents # string in this parameter. # The opposite parameter of "OnlyUserAgents" is "SkipUserAgents". # Note: Use space between each value. This parameter is not case sensitive. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "msie" # Default: "" # OnlyUserAgents="" # Include in stats, only accesses from authenticated users that match one of # following entries. For example, if you want AWStats to filter access to keep # only stats for authenticated users, you can add those users names in # this parameter. Useful for statistics for per user ftp logs. # Note: Use space between each value. This parameter is not case sensitive. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "john bob REGEX[^testusers]" # Default: "" # OnlyUsers="" # Include in stats, only accesses to URLs that match one of following entries. # For example, if you want AWStats to filter access to keep only stats that # match a particular string, like a particular directory, you can add this # directory name in this parameter. # The opposite parameter of "OnlyFiles" is "SkipFiles". # Note: Use space between each value. This parameter is or not case sensitive # depending on URLNotCaseSensitive parameter. # Note: You can use regular expression values writing value with REGEX[value]. # Change : Effective for new updates only # Example: "REGEX[marketing_directory] REGEX[office\/.*\.(csv|sxw)$]" # Default: "" # OnlyFiles="" # Add here a list of kind of url (file extension) that must be counted as # "Hit only" and not as a "Hit" and "Page/Download". You can set here all # image extensions as they are hit downloaded that must be counted but they # are not viewed pages. URLs with such extensions are not included in the TOP # Pages/URL report. # Note: If you want to exclude particular URLs from stats (No Pages and no # Hits reported), you must use SkipFiles parameter. # Change : Effective for new updates only # Example: "css js class gif jpg jpeg png bmp ico rss xml swf zip arj rar gz z bz2 wav mp3 wma mpg avi" # Example: "" # Default: "css js class gif jpg jpeg png bmp ico rss xml swf" # NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" # By default, AWStats considers that records found in web log file are # successful hits if HTTP code returned by server is a valid HTTP code (200 # and 304). Any other code are reported in HTTP status chart. # Note that HTTP 'control codes', like redirection (302, 305) are not added by # default in this list as they are not pages seen by a visitor but are # protocol exchange codes to tell the browser to ask another page. Because # this other page will be counted and seen with a 200 or 304 code, if you # add such codes, you will have 2 pages viewed reported for only one in facts. # Change : Effective for new updates only # Example: "200 304 302 305" # Default: "200 304" # ValidHTTPCodes="200 304" # By default, AWStats considers that records found in mail log file are # successful mail transfers if field that represent return code in analyzed # log file match values defined by this parameter. # Change : Effective for new updates only # Example: "1 250 200" # Default: "1 250" # ValidSMTPCodes="1 250" # Some web servers on some Operating systems (IIS-Windows) consider that a # login with same value but different case are the same login. To tell AWStats # to also consider them as one, set this parameter to 1. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # AuthenticatedUsersNotCaseSensitive=0 # Some web servers on some Operating systems (IIS-Windows) considers that two # URLs with same value but different case are the same URL. To tell AWStats to # also considers them as one, set this parameter to 1. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # URLNotCaseSensitive=0 # Keep or remove the anchor string you can find in some URLs. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # URLWithAnchor=0 # In URL links, "?" char is used to add parameter's list in URLs. Syntax is: # /mypage.html?param1=value1¶m2=value2 # However, some servers/sites use also other chars to isolate dynamic part of # their URLs. You can complete this list with all such characters. # Change : Effective for new updates only # Example: "?;," # Default: "?;" # URLQuerySeparators="?;" # Keep or remove the query string to the URL in the statistics for individual # pages. This is primarily used to differentiate between the URLs of dynamic # pages. If set to 1, mypage.html?id=x and mypage.html?id=y are counted as two # different pages. # Warning, when set to 1, memory required to run AWStats is dramatically # increased if you have a lot of changing URLs (for example URLs with a random # id inside). Such web sites should not set this option to 1 or use seriously # the next parameter URLWithQueryWithOnlyFollowingParameters (or eventually # URLWithQueryWithoutFollowingParameters). # Change : Effective for new updates only # Possible values: # 0 - URLs are cleaned from the query string (ie: "/mypage.html") # 1 - Full URL with query string is used (ie: "/mypage.html?p=x&q=y") # Default: 0 # URLWithQuery=0 # When URLWithQuery is on, you will get the full URL with all parameters in # URL reports. But among thoose parameters, sometimes you don't need a # particular parameter because it does not identify the page or because it's # a random ID changing for each access even if URL points to same page. In # such cases, it is higly recommanded to ask AWStats to keep only parameters # you need (if you know them) before counting, manipulating and storing URL. # Enter here list of wanted parameters. For example, with "param", one hit on # /mypage.cgi?param=abc&id=Yo4UomP9d and /mypage.cgi?param=abc&id=Mu8fdxl3r # will be reported as 2 hits on /mypage.cgi?param=abc # This parameter is not used when URLWithQuery is 0 and can't be used with # URLWithQueryWithoutFollowingParameters. # Change : Effective for new updates only # Example: "param" # Default: "" # URLWithQueryWithOnlyFollowingParameters="" # When URLWithQuery is on, you will get the full URL with all parameters in # URL reports. But among thoose parameters, sometimes you don't need a # particular parameter because it does not identify the page or because it's # a random ID changing for each access even if URL points to same page. In # such cases, it is higly recommanded to ask AWStats to remove such parameters # from the URL before counting, manipulating and storing URL. Enter here list # of all non wanted parameters. For example if you enter "id", one hit on # /mypage.cgi?param=abc&id=Yo4UomP9d and /mypage.cgi?param=abc&id=Mu8fdxl3r # will be reported as 2 hits on /mypage.cgi?param=abc # This parameter is not used when URLWithQuery is 0 and can't be used with # URLWithQueryWithOnlyFollowingParameters. # Change : Effective for new updates only # Example: "PHPSESSID jsessionid" # Default: "" # URLWithQueryWithoutFollowingParameters="" # Keep or remove the query string to the referrer URL in the statistics for # external referrer pages. This is used to differentiate between the URLs of # dynamic referrer pages. If set to 1, mypage.html?id=x and mypage.html?id=y # are counted as two different referrer pages. # Change : Effective for new updates only # Possible values: # 0 - Referrer URLs are cleaned from the query string (ie: "/mypage.html") # 1 - Full URL with query string is used (ie: "/mypage.html?p=x&q=y") # Default: 0 # URLReferrerWithQuery=0 # AWStats can detect setup problems or show you important informations to have # a better use. Keep this to 1, except if AWStats says you can change it. # Change : Effective immediatly # Possible values: 0 or 1 # Default: 1 # WarningMessages=1 # When an error occurs, AWStats outputs a message related to errors. If you # want (in most cases for security reasons) to have no error messages, you # can set this parameter to your personalized generic message. # Change : Effective immediatly # Example: "An error occurred. Contact your Administrator" # Default: "" # ErrorMessages="" # AWStat can be run with debug=x parameter to output various informations # to help in debugging or solving troubles. If you want to allow this (not # enabled by default for security reasons), set this parameter to 0. # Change : Effective immediatly # Possible values: 0 or 1 # Default: 0 # DebugMessages=0 # To help you to detect if your log format is good, AWStats reports an error # if all the first NbOfLinesForCorruptedLog lines have a format that does not # match the LogFormat parameter. # However, some worm virus attack on your web server can result in a very high # number of corrupted lines in your log. So if you experience awstats stop # because of bad virus records at the beginning of your log file, you can # increase this parameter (very rare). # Change : Effective for new updates only # Default: 50 # NbOfLinesForCorruptedLog=50 # For some particular integration needs, you may want to have CGI links to # point to another script than awstats.pl. # Use the name of this script in WrapperScript parameter. # Change : Effective immediatly # Example: "awstatslauncher.pl" # Example: "awstatswrapper.cgi?key=123" # Default: "" # WrapperScript="" # DecodeUA must be set to 1 if you use Roxen web server. This server converts # all spaces in user agent field into %20. This make the AWStats robots, OS # and browsers detection fail in some cases. Just change it to 1 if and only # if your web server is Roxen. # Change : Effective for new updates only # Possible values: 0 or 1 # Default: 0 # DecodeUA=0 # MiscTrackerUrl can be used to make AWStats able to detect some miscellaneous # things, that can not be tracked on other way, like: # - Javascript disabled # - Java enabled # - Screen size # - Color depth # - Macromedia Director plugin # - Macromedia Shockwave plugin # - Realplayer G2 plugin # - QuickTime plugin # - Mediaplayer plugin # - Acrobat PDF plugin # To enable all these features, you must copy the awstats_misc_tracker.js file # into a /js/ directory stored in your web document root and add the following # HTML code at the end of your index page (but before </BODY>) : # # <script type="text/javascript" src="/js/awstats_misc_tracker.js"></script> # <noscript><img src="/js/awstats_misc_tracker.js?nojs=y" height=0 width=0 border=0 style="display: none"></noscript> # # If code is not added in index page, all those detection capabilities will be # disabled. You must also check that ShowScreenSizeStats and ShowMiscStats # parameters are set to 1 to make results appear in AWStats report page. # If you want to use another directory than /js/, you must also change the # awstatsmisctrackerurl variable into the awstats_misc_tracker.js file. # Change : Effective for new updates only. # Possible value: URL of javascript tracker file added in your HTML code. # Default: "/js/awstats_misc_tracker.js" # MiscTrackerUrl="/js/awstats_misc_tracker.js" #----------------------------------------------------------------------------- # OPTIONAL ACCURACY SETUP SECTION (Not required but increase AWStats features) #----------------------------------------------------------------------------- # The following values allow you to define accuracy of AWStats entities # (robots, browsers, os, referers, file types) detection. # It might be a good idea for large web sites or ISP that provides AWStats to # high number of customers, to set this parameter to 1 (or 0), instead of 2. # Possible values: # 0 = No detection, # 1 = Medium/Standard detection # 2 = Full detection # Change : Effective for new updates only # Note : LevelForBrowsersDetection can also accept value "allphones". This # enable detailed detection of phone/pda browsers. # Default: 2 (0 for LevelForWormsDetection) # # Django : 2012-07-03 # default: LevelForBrowsersDetection=2 LevelForBrowsersDetection=0 # 0 disables Browsers detection. # 2 reduces AWStats speed by 2% # allphones reduces AWStats speed by 5% # Django : 2012-07-03 # default: LevelForOSDetection=2 LevelForOSDetection=0 # 0 disables OS detection. # 2 reduces AWStats speed by 3% # Django : 2012-07-03 # default: LevelForRefererAnalyze=2 LevelForRefererAnalyze=0 # 0 disables Origin detection. # 2 reduces AWStats speed by 14% # Django : 2012-07-03 # default: LevelForRobotsDetection=2 LevelForRobotsDetection=0 # 0 disables Robots detection. # 2 reduces AWStats speed by 2.5% # Django : 2012-07-03 # default: LevelForSearchEnginesDetection=2 LevelForSearchEnginesDetection=0 # 0 disables Search engines detection. # 2 reduces AWStats speed by 9% # Django : 2012-07-03 # default: LevelForKeywordsDetection=2 LevelForKeywordsDetection=0 # 0 disables Keyphrases/Keywords detection. # 2 reduces AWStats speed by 1% # Django : 2012-07-03 # default: LevelForFileTypesDetection=2 LevelForFileTypesDetection=0 # 0 disables File types detection. # 2 reduces AWStats speed by 1% LevelForWormsDetection=0 # 0 disables Worms detection. # 2 reduces AWStats speed by 15% #----------------------------------------------------------------------------- # OPTIONAL APPEARANCE SETUP SECTION (Not required but increase AWStats features) #----------------------------------------------------------------------------- # When you use AWStats as a CGI, you can have the reports shown in HTML frames. # Frames are only available for report viewed dynamically. When you build # pages from command line, this option is not used and no frames are built. # Possible values: 0 or 1 # Default: 1 # UseFramesWhenCGI=1 # This parameter asks your browser to open detailed reports into a different # window than the main page. # Possible values: # 0 - Open all in same browser window # 1 - Open detailed reports in another window except if using frames # 2 - Open always in a different window even if reports are framed # Default: 1 # DetailedReportsOnNewWindows=1 # You can add, in the HTML report page, a cache lifetime (in seconds) that # will be returned to the browser in HTTP header answer by server. # This parameter is not used when reports are built with -staticlinks option. # Example: 3600 # Default: 0 # # Django : 2012-07-03 # default: Expires=3600 Expires=0 # To avoid too large web pages, you can ask AWStats to limit number of rows of # all reported charts to this number when no other limits apply. # Default: 1000 # MaxRowsInHTMLOutput=1000 # Set your primary language (ISO-639-1 language codes). # Possible values: # Albanian=al, Bosnian=ba, Bulgarian=bg, Catalan=ca, # Chinese (Taiwan)=tw, Chinese (Simpliefied)=cn, Croatian=hr, Czech=cz, # Danish=dk, Dutch=nl, English=en, Estonian=et, Euskara=eu, Finnish=fi, # French=fr, Galician=gl, German=de, Greek=gr, Hebrew=he, Hungarian=hu, # Icelandic=is, Indonesian=id, Italian=it, Japanese=jp, Korean=ko, # Latvian=lv, Norwegian (Nynorsk)=nn, Norwegian (Bokmal)=nb, Polish=pl, # Portuguese=pt, Portuguese (Brazilian)=br, Romanian=ro, Russian=ru, # Serbian=sr, Slovak=sk, Slovenian=si, Spanish=es, Swedish=se, Turkish=tr, # Ukrainian=ua, Welsh=cy. # First available language accepted by browser=auto # Default: "auto" # # Django : 2012-07-03 # default: Lang="auto" Lang="de" # Set the location of language files. # Example: "/usr/share/awstats/lang" # Default: "./lang" (means lang directory is in same location than awstats.pl) # DirLang="./lang" # Show menu header with reports' links # Possible values: 0 or 1 # Default: 1 # ShowMenu=1 # You choose here which reports you want to see in the main page and what you # want to see in those reports. # Possible values: # 0 - Report is not shown at all # 1 - Report is shown in main page with an entry in menu and default columns # XYZ - Report shows column informations defined by code X,Y,Z... # X,Y,Z... are code letters among the following: # U = Unique visitors # V = Visits # P = Number of pages # H = Number of hits (or mails) # B = Bandwith (or total mail size for mail logs) # L = Last access date # E = Entry pages # X = Exit pages # C = Web compression (mod_gzip,mod_deflate) # M = Average mail size (mail logs) # # Show monthly summary # Context: Web, Streaming, Mail, Ftp # Default: UVPHB, Possible column codes: UVPHB # Django : 2012-07-03 # default: ShowSummary=UVPHB ShowSummary=HB # Show monthly chart # Context: Web, Streaming, Mail, Ftp # Default: UVPHB, Possible column codes: UVPHB # Django : 2012-07-03 # default: ShowMonthStats=UVPHB ShowMonthStats=HB # Show days of month chart # Context: Web, Streaming, Mail, Ftp # Default: VPHB, Possible column codes: VPHB # Django : 2012-07-03 # default: ShowDaysOfMonthStats=VPHB ShowDaysOfMonthStats=HB # Show days of week chart # Context: Web, Streaming, Mail, Ftp # Default: PHB, Possible column codes: PHB # Default: VPHB, Possible column codes: VPHB # Django : 2012-07-03 # default: ShowDaysOfWeekStats=PHB ShowDaysOfWeekStats=HB # Show hourly chart # Context: Web, Streaming, Mail, Ftp # Default: PHB, Possible column codes: PHB # Django : 2012-07-03 # default: ShowHoursStats=PHB ShowHoursStats=HB # Show domains/country chart # Context: Web, Streaming, Mail, Ftp # Default: PHB, Possible column codes: PHB # Django : 2012-07-03 # default: ShowDomainsStats=PHB ShowDomainsStats=0 # Show hosts chart # Context: Web, Streaming, Mail, Ftp # Default: PHBL, Possible column codes: PHBL # Django : 2012-07-03 # default: ShowHostsStats=PHBL ShowHostsStats=HBL # Show authenticated users chart # Context: Web, Streaming, Ftp # Default: 0, Possible column codes: PHBL ShowAuthenticatedUsers=0 # Show robots chart # Context: Web, Streaming # Default: HBL, Possible column codes: HBL # Django : 2012-07-03 # default: ShowRobotsStats=HBL ShowRobotsStats=0 # Show worms chart # Context: Web, Streaming # Default: 0 (If set to other than 0, see also LevelForWormsDetection), Possible column codes: HBL ShowWormsStats=0 # Show email senders chart (For use when analyzing mail log files) # Context: Mail # Default: 0, Possible column codes: HBML # Django : 2012-07-03 # default: ShowEMailSenders=0 ShowEMailSenders=HBML # Show email receivers chart (For use when analyzing mail log files) # Context: Mail # Default: 0, Possible column codes: HBML # Django : 2012-07-03 # default: ShowEMailReceivers=0 ShowEMailReceivers=HBML # Show session chart # Context: Web, Streaming, Ftp # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowSessionsStats=1 ShowSessionsStats=0 # Show pages-url chart. # Context: Web, Streaming, Ftp # Default: PBEX, Possible column codes: PBEX # Django : 2012-07-03 # default: ShowPagesStats=PBEX ShowPagesStats=0 # Show file types chart. # Context: Web, Streaming, Ftp # Default: HB, Possible column codes: HBC # Django : 2012-07-03 # default: ShowFileTypesStats=HB ShowFileTypesStats=0 # Show file size chart (Not yet available) # Context: Web, Streaming, Mail, Ftp # Default: 1, Possible column codes: None ShowFileSizesStats=0 # Show downloads chart. # Context: Web, Streaming, Ftp # Default: HB, Possible column codes: HB # Django : 2012-07-03 # default: ShowDownloadsStats=HB ShowDownloadsStats=0 # Show operating systems chart # Context: Web, Streaming, Ftp # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowOSStats=1 ShowOSStats=0 # Show browsers chart # Context: Web, Streaming # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowBrowsersStats=1 ShowBrowsersStats=0 # Show screen size chart # Context: Web, Streaming # Default: 0 (If set to 1, see also MiscTrackerUrl), Possible column codes: None ShowScreenSizeStats=0 # Show origin chart # Context: Web, Streaming # Default: PH, Possible column codes: PH # Django : 2012-07-03 # default: ShowOriginStats=PH ShowOriginStats=0 # Show keyphrases chart # Context: Web, Streaming # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowKeyphrasesStats=1 ShowKeyphrasesStats=0 # Show keywords chart # Context: Web, Streaming # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowKeywordsStats=1 ShowKeywordsStats=0 # Show misc chart # Context: Web, Streaming # Default: a (See also MiscTrackerUrl parameter), Possible column codes: anjdfrqwp # Django : 2012-07-03 # default: ShowMiscStats=a ShowMiscStats=0 # Show http errors chart # Context: Web, Streaming # Default: 1, Possible column codes: None # Django : 2012-07-03 # default: ShowHTTPErrorsStats=1 ShowHTTPErrorsStats=0 # Show smtp errors chart (For use when analyzing mail log files) # Context: Mail # Default: 0, Possible column codes: None # Django : 2012-07-03 # default: ShowSMTPErrorsStats=0 ShowSMTPErrorsStats=1 # Show the cluster report (Your LogFormat must contains the %cluster tag) # Context: Web, Streaming, Ftp # Default: 0, Possible column codes: PHB ShowClusterStats=0 # Some graphical reports are followed by the data array of values. # If you don't want this array (to reduce the report size for example), you # can set thoose options to 0. # Possible values: 0 or 1 # Default: 1 # # Data array values for the ShowMonthStats report AddDataArrayMonthStats=1 # Data array values for the ShowDaysOfMonthStats report AddDataArrayShowDaysOfMonthStats=1 # Data array values for the ShowDaysOfWeekStats report AddDataArrayShowDaysOfWeekStats=1 # Data array values for the ShowHoursStats report AddDataArrayShowHoursStats=1 # In the Origin chart, you have stats on where your hits came from. You can # include hits on pages that come from pages of same sites in this chart. # Possible values: 0 or 1 # Default: 0 # IncludeInternalLinksInOriginSection=0 # The following parameters can be used to choose the maximum number of lines # shown for the particular following reports. # # Stats by countries/domains MaxNbOfDomain = 10 MinHitDomain = 1 # Stats by hosts MaxNbOfHostsShown = 10 MinHitHost = 1 # Stats by authenticated users MaxNbOfLoginShown = 10 MinHitLogin = 1 # Stats by robots MaxNbOfRobotShown = 10 MinHitRobot = 1 # Stats for Downloads MaxNbOfDownloadsShown = 10 MinHitDownloads = 1 # Stats by pages MaxNbOfPageShown = 10 MinHitFile = 1 # Stats by OS MaxNbOfOsShown = 10 MinHitOs = 1 # Stats by browsers MaxNbOfBrowsersShown = 10 MinHitBrowser = 1 # Stats by screen size MaxNbOfScreenSizesShown = 5 MinHitScreenSize = 1 # Stats by window size (following 2 parameters are not yet used) MaxNbOfWindowSizesShown = 5 MinHitWindowSize = 1 # Stats by referers MaxNbOfRefererShown = 10 MinHitRefer = 1 # Stats for keyphrases MaxNbOfKeyphrasesShown = 10 MinHitKeyphrase = 1 # Stats for keywords MaxNbOfKeywordsShown = 10 MinHitKeyword = 1 # Stats for sender or receiver emails MaxNbOfEMailsShown = 20 MinHitEMail = 1 # Choose if you want the week report to start on sunday or monday # Possible values: # 0 - Week starts on sunday # 1 - Week starts on monday # Default: 1 # # Django : 2012-07-03 # default: FirstDayOfWeek=0 FirstDayOfWeek=1 # List of visible flags that link to other language translations. # See Lang parameter for list of allowed flag/language codes. # If you don't want any flag link, set ShowFlagLinks to "". # This parameter is used only if ShowMenu parameter is set to 1. # Possible values: "" or "language_codes_separated_by_space" # Example: "en es fr nl de" # Default: "" # ShowFlagLinks="" # Each URL, shown in stats report views, are links you can click. # Possible values: 0 or 1 # Default: 1 # ShowLinksOnUrl=1 # When AWStats builds HTML links in its report pages, it starts those links # with "http://". However some links might be HTTPS links, so you can enter # here the root of all your HTTPS links. If all your site is a SSL web site, # just enter "/". # This parameter is not used if ShowLinksOnUrl is 0. # Example: "/shopping" # Example: "/" # Default: "" # UseHTTPSLinkForUrl="" # Maximum length of URL part shown on stats page (number of characters). # This affects only URL visible text, links still work. # Default: 64 # MaxLengthOfShownURL=64 # You can enter HTML code that will be added at the top of AWStats reports. # Default: "" # HTMLHeadSection="" # You can enter HTML code that will be added at the end of AWStats reports. # Great to add advert ban. # Default: "" # HTMLEndSection="" # By default AWStats page contains meta tag robots=noindex,nofollow # If you want to have your statistics to be indexed, set this option to 1. # Default: 0 # MetaRobot=0 # You can set Logo and LogoLink to use your own logo. # Logo must be the name of image file (must be in $DirIcons/other directory). # LogoLink is the expected URL when clicking on Logo. # Default: "awstats_logo6.png" # Logo="awstats_logo6.png" LogoLink="http://awstats.sourceforge.net" # Value of maximum bar width/height for horizontal/vertical HTML graphics bars. # Default: 260/90 # BarWidth = 260 BarHeight = 90 # You can ask AWStats to use a particular CSS (Cascading Style Sheet) to # change its look. To create a style sheet, you can use samples provided with # AWStats in wwwroot/css directory. # Example: "/awstatscss/awstats_bw.css" # Example: "/css/awstats_bw.css" # Default: "" # StyleSheet="" # Those color parameters can be used (if StyleSheet parameter is not used) # to change AWStats look. # Example: color_name="RRGGBB" # RRGGBB is Red Green Blue components in Hex # color_Background="FFFFFF" # Background color for main page (Default = "FFFFFF") color_TableBGTitle="CCCCDD" # Background color for table title (Default = "CCCCDD") color_TableTitle="000000" # Table title font color (Default = "000000") color_TableBG="CCCCDD" # Background color for table (Default = "CCCCDD") color_TableRowTitle="FFFFFF" # Table row title font color (Default = "FFFFFF") color_TableBGRowTitle="ECECEC" # Background color for row title (Default = "ECECEC") color_TableBorder="ECECEC" # Table border color (Default = "ECECEC") color_text="000000" # Color of text (Default = "000000") color_textpercent="606060" # Color of text for percent values (Default = "606060") color_titletext="000000" # Color of text title within colored Title Rows (Default = "000000") color_weekend="EAEAEA" # Color for week-end days (Default = "EAEAEA") color_link="0011BB" # Color of HTML links (Default = "0011BB") color_hover="605040" # Color of HTML on-mouseover links (Default = "605040") color_u="FFAA66" # Background color for number of unique visitors (Default = "FFAA66") color_v="F4F090" # Background color for number of visites (Default = "F4F090") color_p="4477DD" # Background color for number of pages (Default = "4477DD") color_h="66DDEE" # Background color for number of hits (Default = "66DDEE") color_k="2EA495" # Background color for number of bytes (Default = "2EA495") color_s="8888DD" # Background color for number of search (Default = "8888DD") color_e="CEC2E8" # Background color for number of entry pages (Default = "CEC2E8") color_x="C1B2E2" # Background color for number of exit pages (Default = "C1B2E2") #----------------------------------------------------------------------------- # PLUGINS #----------------------------------------------------------------------------- # Add here all plugin files you want to load. # Plugin files must be .pm files stored in 'plugins' directory. # Uncomment LoadPlugin lines to enable a plugin after checking that perl # modules required by the plugin are installed. # PLUGIN: Tooltips # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: Add tooltips pop-up help boxes to HTML report pages. # NOTE: This will increased HTML report pages size, thus server load and bandwidth. # # Django : 2012-07-03 # default: #LoadPlugin="tooltips" LoadPlugin="tooltips" # PLUGIN: DecodeUTFKeys # REQUIRED MODULES: Encode and URI::Escape # PARAMETERS: None # DESCRIPTION: Allow AWStats to show correctly (in language charset) # keywords/keyphrases strings even if they were UTF8 coded by the # referer search engine. # #LoadPlugin="decodeutfkeys" # PLUGIN: IPv6 # PARAMETERS: None # REQUIRED MODULES: Net::IP and Net::DNS # DESCRIPTION: This plugin gives AWStats capability to make reverse DNS # lookup on IPv6 addresses. # #LoadPlugin="ipv6" # PLUGIN: HashFiles # REQUIRED MODULES: Storable # PARAMETERS: None # DESCRIPTION: AWStats DNS cache files are read/saved as native hash files. # This increases DNS cache files loading speed, above all for very large web sites. # #LoadPlugin="hashfiles" # PLUGIN: UserInfo # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: Add a text (Firtname, Lastname, Office Department, ...) in # authenticated user reports for each login value. # A text file called userinfo.myconfig.txt, with two fields (first is login, # second is text to show, separated by a tab char) must be created in DirData # directory. # #LoadPlugin="userinfo" # PLUGIN: HostInfo # REQUIRED MODULES: Net::XWhois # PARAMETERS: None # DESCRIPTION: Add a column into host chart with a link to open a popup window that shows # info on host (like whois records). # # Django : 2012-07-03 # default: #LoadPlugin="hostinfo" LoadPlugin="hostinfo" # PLUGIN: ClusterInfo # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: Add a text (for example a full hostname) in cluster reports for each cluster # number. A text file called clusterinfo.myconfig.txt, with two fields (first is # cluster number, second is text to show) separated by a tab char. must be # created into DirData directory. # Note this plugin is useless if ShowClusterStats is set to 0 or if you don't # use a personalized log format that contains %cluster tag. # #LoadPlugin="clusterinfo" # PLUGIN: UrlAliases # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: Add a text (Page title, description...) in URL reports before URL value. # A text file called urlalias.myconfig.txt, with two fields (first is URL, # second is text to show, separated by a tab char) must be created into # DirData directory. # #LoadPlugin="urlalias" # PLUGIN: TimeHiRes # REQUIRED MODULES: Time::HiRes (if Perl < 5.8) # PARAMETERS: None # DESCRIPTION: Time reported by -showsteps option is in millisecond. For debug purpose. # #LoadPlugin="timehires" # PLUGIN: TimeZone # REQUIRED MODULES: Time::Local # PARAMETERS: [timezone offset] # DESCRIPTION: Allow AWStats to adjust time stamps for a different timezone # This plugin reduces AWStats speed of 10% !!!!!!! # LoadPlugin="timezone" # LoadPlugin="timezone +2" # LoadPlugin="timezone CET" # #LoadPlugin="timezone +2" # PLUGIN: Rawlog # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: This plugin adds a form in AWStats main page to allow users to see raw # content of current log files. A filter is also available. # #LoadPlugin="rawlog" # PLUGIN: GraphApplet # REQUIRED MODULES: None # PARAMETERS: [CSS classes to override] # DESCRIPTION: Supported charts are built by a 3D graphic applet. # #LoadPlugin="graphapplet /awstatsclasses" # EXPERIMENTAL FEATURE # PLUGIN: GraphGoogleChartAPI # REQUIRED MODULES: None # PARAMETERS: None # DESCRIPTION: Replaces the standard charts with free Google API generated images # in HTML reports. If country data is available and more than one country has hits, # a map will be generated using Google Visualizations. # Note: The machine where reports are displayed must have Internet access for the # charts to be generated. The only data sent to Google includes the statistic numbers, # legend names and country names. # Warning: This plugin is not compatible with option BuildReportFormat=xhtml. # # Django : 2012-07-03 # default: #LoadPlugin="graphgooglechartapi" LoadPlugin="graphgooglechartapi" # PLUGIN: GeoIPfree # REQUIRED MODULES: Geo::IPfree version 0.2+ (from Graciliano M.P.) # PARAMETERS: None # DESCRIPTION: Country chart is built from an Internet IP-Country database. # This plugin is useless for intranet only log files. # Note: You must choose between using this plugin (need Perl Geo::IPfree # module, database is free but not up to date) or the GeoIP plugin (need # Perl Geo::IP module from Maxmind, database is also free and up to date). # Note: Activestate provide a corrupted version of Geo::IPfree 0.2 Perl # module, so install it from elsewhere (from www.cpan.org for example). # This plugin reduces AWStats speed by up to 10% ! # #LoadPlugin="geoipfree" # MAXMIND GEO IP MODULES: Please see documentation for notes on all Maxmind modules # PLUGIN: GeoIP # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/geoip.dat[+/pathto/override.txt]] # DESCRIPTION: Builds a country chart and adds an entry to the hosts # table with country name # Replace spaces in the path of geoip data file with string "%20". # # Django : 2012-07-03 # default: #LoadPlugin="geoip GEOIP_STANDARD /pathto/GeoIP.dat" LoadPlugin="geoip GEOIP_STANDARD /usr/local/lib64/perl5/GeoIP.dat" # PLUGIN: GeoIP_City_Maxmind # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/GeoIPCity.dat[+/pathto/override.txt]] # DESCRIPTION: This plugin adds a column under the hosts field and tracks the pageviews # and hits by city including regions. # Replace spaces in the path of geoip data file with string "%20". # # Django : 2012-07-03 # default: #LoadPlugin="geoip_city_maxmind GEOIP_STANDARD /pathto/GeoIPCity.dat" LoadPlugin="geoip_city_maxmind GEOIP_STANDARD /usr/local/lib64/perl5/GeoLiteCity.dat" # PLUGIN: GeoIP_ASN_Maxmind # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/GeoIPASN.dat[+/pathto/override.txt][+http://linktoASlookup]] # DESCRIPTION: This plugin adds a chart of AS numbers where the host IP address is registered. # This plugin can display some ISP information if included in the database. You can also provide # a link that will be used to lookup additional registration data. Put the link at the end of # the parameter string and the report page will include the link with the full AS number at the end. # Replace spaces in the path of geoip data file with string "%20". # #LoadPlugin="geoip_asn_maxmind GEOIP_STANDARD /usr/local/geoip.dat+http://enc.com.au/itools/aut-num.php?autnum=" # PLUGIN: GeoIP_Region_Maxmind # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/GeoIPRegion.dat[+/pathto/override.txt]] # DESCRIPTION:This plugin adds a chart of hits by regions. Only regions for US and # Canada can be detected. # Replace spaces in the path of geoip data file with string "%20". # #LoadPlugin="geoip_region_maxmind GEOIP_STANDARD /pathto/GeoIPRegion.dat" # PLUGIN: GeoIP_ISP_Maxmind # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/GeoIPISP.dat[+/pathto/override.txt]] # DESCRIPTION: This plugin adds a chart of hits by ISP. # Replace spaces in the path of geoip data file with string "%20". # #LoadPlugin="geoip_isp_maxmind GEOIP_STANDARD /pathto/GeoIPISP.dat" # PLUGIN: GeoIP_Org_Maxmind # REQUIRED MODULES: Geo::IP or Geo::IP::PurePerl (from Maxmind) # PARAMETERS: [GEOIP_STANDARD | GEOIP_MEMORY_CACHE] [/pathto/GeoIPOrg.dat[+/pathto/override.txt]] # DESCRIPTION: This plugin add a chart of hits by Organization name # Replace spaces in the path of geoip data file with string "%20". # #LoadPlugin="geoip_org_maxmind GEOIP_STANDARD /pathto/GeoIPOrg.dat" #----------------------------------------------------------------------------- # EXTRA SECTIONS #----------------------------------------------------------------------------- # You can define your own charts, you choose here what are rows and columns # keys. This feature is particularly useful for marketing purpose, tracking # products orders for example. # For this, edit all parameters of Extra section. Each set of parameter is a # different chart. For several charts, duplicate section changing the number. # Note: Each Extra section reduces AWStats speed by 8%. # # WARNING: A wrong setup of Extra section might result in too large arrays # that will consume all your memory, making AWStats unusable after several # updates, so be sure to setup it correctly. # In most cases, you don't need this feature. # # ExtraSectionNameX is title of your personalized chart. # ExtraSectionCodeFilterX is list of codes the record code field must match. # Put an empty string for no test on code. # ExtraSectionConditionX are conditions you can use to count or not the hit, # Use one of the field condition # (URL,URLWITHQUERY,QUERY_STRING,REFERER,UA,HOSTINLOG,HOST,VHOST,extraX) # and a regex to match, after a coma. Use "||" for "OR". # ExtraSectionFirstColumnTitleX is the first column title of the chart. # ExtraSectionFirstColumnValuesX is a string to tell AWStats which field to # extract value from # (URL,URLWITHQUERY,QUERY_STRING,REFERER,UA,HOSTINLOG,HOST,VHOST,extraX) # and how to extract the value (using regex syntax). Each different value # found will appear in first column of report on a different row. Be sure # that list of different possible values will not grow indefinitely. # ExtraSectionFirstColumnFormatX is the string used to write value. # ExtraSectionStatTypesX are things you want to count. You can use standard # code letters (P for pages,H for hits,B for bandwidth,L for last access). # ExtraSectionAddAverageRowX add a row at bottom of chart with average values. # ExtraSectionAddSumRowX add a row at bottom of chart with sum values. # MaxNbOfExtraX is maximum number of rows shown in chart. # MinHitExtraX is minimum number of hits required to be shown in chart. # # Example to report the 20 products the most ordered by "order.cgi" script #ExtraSectionName1="Product orders" #ExtraSectionCodeFilter1="200 304" #ExtraSectionCondition1="URL,\/cgi\-bin\/order\.cgi||URL,\/cgi\-bin\/order2\.cgi" #ExtraSectionFirstColumnTitle1="Product ID" #ExtraSectionFirstColumnValues1="QUERY_STRING,productid=([^&]+)" #ExtraSectionFirstColumnFormat1="%s" #ExtraSectionStatTypes1=PL #ExtraSectionAddAverageRow1=0 #ExtraSectionAddSumRow1=1 #MaxNbOfExtra1=20 #MinHitExtra1=1 # There is also a global parameter ExtraTrackedRowsLimit that limits the # number of possible rows an ExtraSection can report. This parameter is # here to protect too much memory use when you make a bad setup in your # ExtraSection. It applies to all ExtraSection independently meaning that # none ExtraSection can report more rows than value defined by ExtraTrackedRowsLimit. # If you know an ExtraSection will report more rows than its value, you should # increase this parameter or AWStats will stop with an error. # Example: 2000 # Default: 500 # ExtraTrackedRowsLimit=500 #----------------------------------------------------------------------------- # INCLUDES #----------------------------------------------------------------------------- # You can include other config files using the directive with the name of the # config file. # This is particularly useful for users who have a lot of virtual servers, so # a lot of config files and want to maintain common values in only one file. # Note that when a variable is defined both in a config file and in an # included file, AWStats will use the last value read for parameters that # contains one value and AWStats will concat all values from both files for # parameters that are lists of values. # #Include ""
Zusammengefasst sieht dann unsere Konfigurationdatei entsprechend wie folgt aus:
# egrep -v '(^#|^$)' /etc/awstats/awstats.mx1.nausch.org.conf
LogFile="perl /usr/bin/maillogconvert.pl standard < /var/log/maillog |" LogType=M LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd" LogSeparator=" " SiteDomain="mx1.nausch.org" HostAliases=„localhost 127.0.0.1 REGEX[nausch\.org$] REGEX[www\.nausch\.org$]“ DNSLookup=2 DirData="/var/www/awstats" DirCgi="/awstats" DirIcons="/awstats/icon" AllowToUpdateStatsFromBrowser=1 AllowFullYearView=2 EnableLockForUpdate=1 DNSStaticCacheFile="dnscache.txt" DNSLastUpdateCacheFile="dnscachelastupdate.txt" SkipDNSLookupFor="" AllowAccessFromWebToAuthenticatedUsersOnly=0 AllowAccessFromWebToFollowingAuthenticatedUsers="" AllowAccessFromWebToFollowingIPAddresses="" CreateDirDataIfNotExists=0 BuildHistoryFormat=text BuildReportFormat=html SaveDatabaseFilesWithPermissionsForEveryone=1 PurgeLogFile=0 ArchiveLogRecords=0 KeepBackupOfHistoricFiles=1 DefaultFile="index.php index.html" SkipHosts="" SkipUserAgents="" SkipFiles="" SkipReferrersBlackList="" OnlyHosts="" OnlyUserAgents="" OnlyUsers="" OnlyFiles="" NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" ValidHTTPCodes="200 304" ValidSMTPCodes="1 250" AuthenticatedUsersNotCaseSensitive=0 URLNotCaseSensitive=0 URLWithAnchor=0 URLQuerySeparators="?;" URLWithQuery=0 URLWithQueryWithOnlyFollowingParameters="" URLWithQueryWithoutFollowingParameters="" URLReferrerWithQuery=0 WarningMessages=1 ErrorMessages="" DebugMessages=0 NbOfLinesForCorruptedLog=50 WrapperScript="" DecodeUA=0 MiscTrackerUrl="/js/awstats_misc_tracker.js" LevelForBrowsersDetection=0 # 0 disables Browsers detection. # 2 reduces AWStats speed by 2% # allphones reduces AWStats speed by 5% LevelForOSDetection=0 # 0 disables OS detection. # 2 reduces AWStats speed by 3% LevelForRefererAnalyze=0 # 0 disables Origin detection. # 2 reduces AWStats speed by 14% LevelForRobotsDetection=0 # 0 disables Robots detection. # 2 reduces AWStats speed by 2.5% LevelForSearchEnginesDetection=0 # 0 disables Search engines detection. # 2 reduces AWStats speed by 9% LevelForKeywordsDetection=0 # 0 disables Keyphrases/Keywords detection. # 2 reduces AWStats speed by 1% LevelForFileTypesDetection=0 # 0 disables File types detection. # 2 reduces AWStats speed by 1% LevelForWormsDetection=0 # 0 disables Worms detection. # 2 reduces AWStats speed by 15% UseFramesWhenCGI=1 DetailedReportsOnNewWindows=1 Expires=0 MaxRowsInHTMLOutput=1000 Lang="de" DirLang="./lang" ShowMenu=1 ShowSummary=HB ShowMonthStats=HB ShowDaysOfMonthStats=HB ShowDaysOfWeekStats=HB ShowHoursStats=HB ShowDomainsStats=0 ShowHostsStats=HBL ShowAuthenticatedUsers=0 ShowRobotsStats=0 ShowWormsStats=0 ShowEMailSenders=HBML ShowEMailReceivers=HBML ShowSessionsStats=0 ShowPagesStats=0 ShowFileTypesStats=0 ShowFileSizesStats=0 ShowDownloadsStats=0 ShowOSStats=0 ShowBrowsersStats=0 ShowScreenSizeStats=0 ShowOriginStats=0 ShowKeyphrasesStats=0 ShowKeywordsStats=0 ShowMiscStats=0 ShowHTTPErrorsStats=0 ShowSMTPErrorsStats=1 ShowClusterStats=0 AddDataArrayMonthStats=1 AddDataArrayShowDaysOfMonthStats=1 AddDataArrayShowDaysOfWeekStats=1 AddDataArrayShowHoursStats=1 IncludeInternalLinksInOriginSection=0 MaxNbOfDomain = 10 MinHitDomain = 1 MaxNbOfHostsShown = 10 MinHitHost = 1 MaxNbOfLoginShown = 10 MinHitLogin = 1 MaxNbOfRobotShown = 10 MinHitRobot = 1 MaxNbOfDownloadsShown = 10 MinHitDownloads = 1 MaxNbOfPageShown = 10 MinHitFile = 1 MaxNbOfOsShown = 10 MinHitOs = 1 MaxNbOfBrowsersShown = 10 MinHitBrowser = 1 MaxNbOfScreenSizesShown = 5 MinHitScreenSize = 1 MaxNbOfWindowSizesShown = 5 MinHitWindowSize = 1 MaxNbOfRefererShown = 10 MinHitRefer = 1 MaxNbOfKeyphrasesShown = 10 MinHitKeyphrase = 1 MaxNbOfKeywordsShown = 10 MinHitKeyword = 1 MaxNbOfEMailsShown = 20 MinHitEMail = 1 FirstDayOfWeek=1 ShowFlagLinks="" ShowLinksOnUrl=1 UseHTTPSLinkForUrl="" MaxLengthOfShownURL=64 HTMLHeadSection="" HTMLEndSection="" MetaRobot=0 Logo="awstats_logo6.png" LogoLink="http://awstats.sourceforge.net" BarWidth = 260 BarHeight = 90 StyleSheet="" color_Background="FFFFFF" # Background color for main page (Default = "FFFFFF") color_TableBGTitle="CCCCDD" # Background color for table title (Default = "CCCCDD") color_TableTitle="000000" # Table title font color (Default = "000000") color_TableBG="CCCCDD" # Background color for table (Default = "CCCCDD") color_TableRowTitle="FFFFFF" # Table row title font color (Default = "FFFFFF") color_TableBGRowTitle="ECECEC" # Background color for row title (Default = "ECECEC") color_TableBorder="ECECEC" # Table border color (Default = "ECECEC") color_text="000000" # Color of text (Default = "000000") color_textpercent="606060" # Color of text for percent values (Default = "606060") color_titletext="000000" # Color of text title within colored Title Rows (Default = "000000") color_weekend="EAEAEA" # Color for week-end days (Default = "EAEAEA") color_link="0011BB" # Color of HTML links (Default = "0011BB") color_hover="605040" # Color of HTML on-mouseover links (Default = "605040") color_u="FFAA66" # Background color for number of unique visitors (Default = "FFAA66") color_v="F4F090" # Background color for number of visites (Default = "F4F090") color_p="4477DD" # Background color for number of pages (Default = "4477DD") color_h="66DDEE" # Background color for number of hits (Default = "66DDEE") color_k="2EA495" # Background color for number of bytes (Default = "2EA495") color_s="8888DD" # Background color for number of search (Default = "8888DD") color_e="CEC2E8" # Background color for number of entry pages (Default = "CEC2E8") color_x="C1B2E2" # Background color for number of exit pages (Default = "C1B2E2") LoadPlugin="tooltips" LoadPlugin="hostinfo" LoadPlugin="graphgooglechartapi" LoadPlugin="geoip GEOIP_STANDARD /usr/local/lib64/perl5/GeoIP.dat" LoadPlugin="geoip_city_maxmind GEOIP_STANDARD /usr/local/lib64/perl5/GeoLiteCity.dat" ExtraTrackedRowsLimit=500
Nach erfolgreicher Konfiguration steht dem ersten Aufruf nichts mehr im Wege. Der Aufruf erfolgt über folgende URL:
$ firefox http://aw-stats.nausch.org/awstats/awstats.pl?config=mx1.nausch.org