Building a log gathering agent
Hugo van der Kooij
hvdkooij at vanderkooij.org
Mon Mar 5 21:49:19 CET 2007
On Mon, 5 Mar 2007, Hugo van der Kooij wrote:
> On Mon, 5 Mar 2007, Denis Beauchemin wrote:
>
>> It's awfully slow on my 471,455 lines maillog: 3m36.936s; I have a
>> similar script that goes through the same file in 0m0.196s!
>
> If you prefilter the file with grep it probably is a bit faster. I suspect it
> is the added syslog parser that is the main killer. At present I don't need
> it to gather the details to learn to parse all those scanners. But later on I
> want to use the timestamps to build the accuracy into the system. And I don't
> trust myself (yet) to write a good timestamp parser.
>
>> Besides it doesn't seem to know about "ClamAV Module:" nor "Bitdefender:"
>> (but you didn't mention this one as supported).
>
> If you are willing to share a log file you could gzip it and send it off to
> me. Preferably after the grep shown above.
There is a new version out which now handles ClamAV module, BitDefender
and McAfee in the French version as well.
I also dropped the syslog module for now. So it flies instead of crawling.
Get it at http://hugo.vanderkooij.org/email/scans/maillog-virus.pl
If you got any scanner active not yet listed or doubt it will work for you,
give this new one a shot.
Hugo.
--
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for the insight.)