Building a log gathering agent

Hugo van der Kooij hvdkooij at
Mon Mar 5 21:49:19 CET 2007

On Mon, 5 Mar 2007, Hugo van der Kooij wrote:

> On Mon, 5 Mar 2007, Denis Beauchemin wrote:
>>  It's awfully slow on my 471,455 lines maillog: 3m36.936s;  I have a
>>  similar script that goes through the same file in 0m0.196s!
> If you prefilter the file with grep it propably is a bit faster. I suspect it 
> is the added syslog parser that is the main killer. At present I don't need 
> it to gather the details to learn to parse all those scanners. But later on I 
> want to use the timestamps to build the accuracy into the system. And I don't 
> trust myself (yet) to write a good timestamp parser.
>>  Besides it doesn't seems to know about "ClamAV Module:" nor "Bitdefender:"
>>  (but you didn't mention this one as supported).
> If you are willing to share a log file you could gzip it and send it of to 
> me. Preferably after the grep shown above.

There is a new version out which now handles ClamAV module, BitDefender 
and McAfee in the french version as well.

I also dropped the syslog module for now. So it flies instead of crawling.

Get it at

If you got any scanner active not yet listed or doubt it will work for you 
give this new one a shot.


 	hvdkooij at
 	    This message is using 100% recycled electrons.

 	Some men see computers as they are and say "Windows"
 	I use computers with Linux and say "Why Windows?"
 		(Thanks JFK, for the insight.)

More information about the MailScanner mailing list