Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Log Parsing and Reporting
  FAQ FAQ  Forum Search   Register Register  Login Login

Log Parsing and Reporting

 Post Reply Post Reply
Author
brianoakes View Drop Down
Newbie
Newbie


Joined: 01 July 2009
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote brianoakes Quote  Post ReplyReply Direct Link To This Post Topic: Log Parsing and Reporting
    Posted: 13 July 2009 at 11:43pm
Howdy,
 
I haven't seen a clear suggestion on what might be used for parsing the activity logs, does any one have any suggestions?
 
Long term I'd love the logs in a db, where I can get a web interface to search to see why things are blocked etc. Any pointers?
 
Thanks!


Edited by brianoakes - 13 July 2009 at 11:43pm
Back to Top
yapadu View Drop Down
Senior Member
Senior Member


Joined: 12 May 2005
Status: Offline
Points: 297
Post Options Post Options   Thanks (0) Thanks(0)   Quote yapadu Quote  Post ReplyReply Direct Link To This Post Posted: 14 July 2009 at 11:47am
While I am still working with it, the software everyone here uses is:

http://www.sawmill.net/
Back to Top
Neolisk View Drop Down
Newbie
Newbie


Joined: 13 July 2009
Location: Toronto, ON
Status: Offline
Points: 27
Post Options Post Options   Thanks (0) Thanks(0)   Quote Neolisk Quote  Post ReplyReply Direct Link To This Post Posted: 17 July 2009 at 10:57am
Back to Top
yapadu View Drop Down
Senior Member
Senior Member


Joined: 12 May 2005
Status: Offline
Points: 297
Post Options Post Options   Thanks (0) Thanks(0)   Quote yapadu Quote  Post ReplyReply Direct Link To This Post Posted: 17 July 2009 at 1:28pm
Their sample site seems to be down, this is what it give me:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator,
sawmill@flowerfire.com and inform them of the time the error occurred,
and anything you might have done that may have
caused the error.</p>
<p>More information about this error may be available
in the server error log.</p>
<hr>
<address>Apache/2.2.3 (CentOS) Server at samples.sawmill.net Port 80</address>
</body></html>

Back to Top
Neolisk View Drop Down
Newbie
Newbie


Joined: 13 July 2009
Location: Toronto, ON
Status: Offline
Points: 27
Post Options Post Options   Thanks (0) Thanks(0)   Quote Neolisk Quote  Post ReplyReply Direct Link To This Post Posted: 17 July 2009 at 1:39pm
Here's what I get:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=utf-8" http-equiv=Content-Type></HEAD>
<BODY><PRE></PRE></BODY></HTML>

Which is really an empty page, if you look through the tags.
Back to Top
brianoakes View Drop Down
Newbie
Newbie


Joined: 01 July 2009
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote brianoakes Quote  Post ReplyReply Direct Link To This Post Posted: 20 July 2009 at 7:30pm

Thanks for the links guys. I put the SpamFilter in front of my barracuda. We have over 700,000 emails per day, so this helps cut down what the cuda's can handle. What I was hoping was I could take the logs from the SpamFilter and get the same type of log filtering at I can on the cudas. Sometimes we have to research why a message was dropped and adjust.

Has anyone whipped a web interface?
Back to Top
Neolisk View Drop Down
Newbie
Newbie


Joined: 13 July 2009
Location: Toronto, ON
Status: Offline
Points: 27
Post Options Post Options   Thanks (0) Thanks(0)   Quote Neolisk Quote  Post ReplyReply Direct Link To This Post Posted: 21 July 2009 at 9:37am
Barracuda is inferior to SpamFilter, as it doesn't filter spam on connection level. At least, that's what I heard of it.

You can enable quarantine DB and decide which emails you want to save (by rejected error code). But normally you wouldn't need it. We're up for about a week and there seem to be no false positives so far.
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.180 seconds.