<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=US-ASCII;">
<META content="MSHTML 5.50.4919.2200" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=494040113-10092002><FONT face=Arial color=#0000ff
size=2>Thanks!</FONT></SPAN></DIV>
<DIV> </DIV>
<P><FONT size=2>Matt Doherty<BR>IT Dept<BR>Datawatch Corp<BR><BR>>>In a
world without walls or fences, who needs Windows and Gates?<<</FONT> </P>
<BLOCKQUOTE>
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Jonas Bardino
[mailto:jonas@ODENSE.KOLLEGIENET.DK]<BR><B>Sent:</B> Monday, September 09,
2002 6:13 PM<BR><B>To:</B> MAILSCANNER@JISCMAIL.AC.UK<BR><B>Subject:</B> Re:
New release logging suggestions<BR><BR></FONT></DIV>Matt Doherty wrote:
<BR>> I would like to see some differant text in the log per email virus
<BR>> caught.. I grep the maillog to see how many viruses caught so far
that <BR>> week. For instance, I currently tried 'tail -2000
/var/log/maillog | grep >>>Virus' of course the ">" symbols
something that messes grep up and wont work. The only string <BR>> that
works best is just use the word Virus ( tail -2000 /var/log/maillog <BR>> |
grep Virus ) Only thing is, it shows the mailscanner restarting every <BR>>
four hours lines as well as the viruses caught. I cant think of anything
<BR>> good but maybe some weird character that is never seen in the maillog
<BR>> such as a & or pipe symbol? Just something that grep could sniff
out <BR>> easily ONLY for caught viruses. Or do you have a better solution?
The <BR>> Email ID to go along with it as well would be nice. for ones that
were <BR>> scanned and ones that were found to be infected. <BR>> Hope
that is a ok suggestion.. <BR>> Oh well Im still a newbie anyways 8-)
<BR>> <BR>> <BR>> Matt Doherty <BR><BR>Hi Matt <BR>Are you looking
for something like: <BR>'tail -2000 /var/log/maillog | grep
">>>Virus"' ? <BR>(if you enclose the expression in doublequotes the
">"'s won't be <BR>treated as redirects). <BR><BR>Regards, Jonas
<BR><BR></BLOCKQUOTE></BODY></HTML>