如何在日志文件中找到 Ubuntu Logwatch 引用的特定行(例如下面标记的行)...在 Amavis 和 postfix 中?
按照日期,我可以看到grep所有或任何其他单词的实例"warning"(我一直在这样做),但必须有更好的方法来识别那些特定的行而无需猜测。
有没有办法让 Watchlog 日志文件引用警告或状态日志行号下方的实际系统日志文件中的准确行?
您如何消化您的 Logwatch 日志文件?
**text of the actual line**标记这些行,似乎在代码块中现在有办法把事情转变成大胆的(至少我找不到)
################### Logwatch 7.4.3 (12/07/16) ####################
Processing Initiated: Tue Sep 22 06:25:23 2020
Date Range Processed: yesterday
( 2020-Sep-21 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: mail
##################################################################
--------------------- Amavisd-new Begin ------------------------
**1 *Warning: Security risk**
**4 Miscellaneous warnings**
9 Total messages scanned ------------------ 100.00%
212.600K Total bytes scanned 217,702
...
---------------------- Amavisd-new End -------------------------
...
--------------------- Postfix Begin ------------------------
2 SASL authentication failed 2
**1 Miscellaneous warnings 1**
363.644K Bytes accepted 372,371
...
---------------------- Postfix End -------------------------
###################### Logwatch End #########################
答案1
我发现的这个问题的解决方案,大致满足我的要求,在警告下的 LogWatch 日志中引用日志行。
只需(谁会想到呢:))将提升到,Detail Level of Output如5标题所示,即可实现。这导致拥有Summary和Detail部分。详细信息部分在出现警告时引用原始日志文本,或阐明其内容。
这样,Logwatch 日志就会变得很长,但我宁愿忍受,因为这样就可以看到所需的信息,而不必深入研究原始日志文件。最重要的是,如果需要,可以抑制不太感兴趣的部分以减少日志的长度。
################### Logwatch 7.4.3 (12/07/16) ####################
Processing Initiated: Wed Sep 30 15:47:17 2020
Date Range Processed: 2020/09/21
( 2020-Sep-21 )
Period is day.
Detail Level of Output: 5
Type of Output/Format: mail / text
Logfiles for Host: mail
##################################################################
--------------------- Amavisd-new Begin ------------------------
****** Summary *************************************************************************************
1 *Warning: Security risk
4 Miscellaneous warnings
9 Total messages scanned ------------------ 100.00%
212.600K Total bytes scanned 217,702
======== ==================================================
9 Passed ---------------------------------- 100.00%
9 Clean passed 100.00%
...
****** Detail (10) *********************************************************************************
1 *Warning: Security risk -----------------------------------------------------------------
1 Open relay? Nonlocal recips but not originating: [email protected]
4 Miscellaneous warnings ------------------------------------------------------------------
4 Use of uninitialized value in subroutine entry
47 SMTP response
...
======================================================================================================
---------------------- Amavisd-new End -------------------------
...
--------------------- Postfix Begin ------------------------
****** Summary *************************************************************************************
2 SASL authentication failed 2
1 Miscellaneous warnings 1
363.644K Bytes accepted 372,371
277.836K Bytes sent via SMTP 284,504
150.715K Bytes sent via LMTP 154,332
======== ==================================================
17 Accepted 94.44%
1 Rejected 5.56%
-------- --------------------------------------------------
18 Total 100.00%
...
****** Detail (10) *********************************************************************************
2 SASL authentication failed --------------------------------------------------------------
2 Login: ************
1 Miscellaneous warnings ------------------------------------------------------------------
1 hostname zg-0915b-242.stretchoid.com does not resolve to address 192.241.239.36: Na...
1 5xx Reject relay denied -----------------------------------------------------------------
1 77.43.80.224 net77-43-80-224.mclink.it
45 Connections lost (inbound)
...
============================================================================================