Typo fix
This commit is contained in:
parent
85dc97aa05
commit
1ef07f3acc
@ -261,13 +261,13 @@ def parse_data(data):
|
||||
fields2 = parts[1].split('\t') if len(parts) > 1 else []
|
||||
# then merge them
|
||||
fields = fields1 + fields2
|
||||
# if fields[8] != 'queued':
|
||||
# i = 0
|
||||
# print(f"len:{len(fields)}")
|
||||
# for part in fields:
|
||||
# print(f"{i}: {part}")
|
||||
# i = i +1
|
||||
# quit()
|
||||
# if fields[4] == 'localhost':
|
||||
# i = 0
|
||||
# print(f"len:{len(fields)}")
|
||||
# for part in fields:
|
||||
# print(f"{i}: {part}")
|
||||
# i = i +1
|
||||
# quit()
|
||||
# and mapping:
|
||||
try:
|
||||
return_dict = {
|
||||
@ -726,7 +726,7 @@ if __name__ == "__main__":
|
||||
found_viruses = defaultdict(int)
|
||||
|
||||
found_qpcodes = defaultdict(int)
|
||||
qpcodes_pattern = re.compile(r".*(\(.*\)).*'")
|
||||
qpcodes_pattern = re.compile(r"(\(.*\)).*'")
|
||||
i = 0;
|
||||
sorted_len= len(sorted_log_dict)
|
||||
#unless none to show
|
||||
@ -761,57 +761,17 @@ if __name__ == "__main__":
|
||||
columnCounts_2d[hour][TOTALS] += 1
|
||||
#Total totals
|
||||
columnCounts_2d[ColTotals][TOTALS] += 1
|
||||
#Queued email
|
||||
if parsed_data['action'] == '(queue)':
|
||||
columnCounts_2d[hour][Ham] += 1
|
||||
columnCounts_2d[ColTotals][Ham] += 1
|
||||
# spamassassin not rejected
|
||||
if parsed_data.get('spam-status') is not None and isinstance(parsed_data['spam-status'], str):
|
||||
if parsed_data['spam-status'].lower().startswith('no'):
|
||||
#Extract other parameters from this string
|
||||
# example: No, score=-3.9
|
||||
spam_pattern = re.compile(r'score=(-?\d+\.\d+) required=(-?\d+\.\d+)')
|
||||
match = re.search(spam_pattern, parsed_data['spam-status'])
|
||||
if match:
|
||||
score = float(match.group(1))
|
||||
#print(score,SATagLevel)
|
||||
if score < float(SATagLevel):
|
||||
# Accumulate allowed score (inc negatives?)
|
||||
hamavg += score
|
||||
hamcount += 1
|
||||
#spamassasin rejects
|
||||
if parsed_data.get('spam-status') is not None and isinstance(parsed_data['spam-status'], str):
|
||||
if parsed_data['spam-status'].lower().startswith('yes'):
|
||||
#Extract other parameters from this string
|
||||
# example: Yes, score=10.3 required=4.0 autolearn=disable
|
||||
spam_pattern = re.compile(r'score=(-?\d+\.\d+) required=(-?\d+\.\d+)')
|
||||
match = re.search(spam_pattern, parsed_data['spam-status'])
|
||||
if match:
|
||||
score = float(match.group(1))
|
||||
required = float(match.group(2))
|
||||
#print(f"{parsed_data['spam-status']} / {score} {required}")
|
||||
if score >= SARejectLevel:
|
||||
columnCounts_2d[hour][DelSpam] += 1
|
||||
columnCounts_2d[ColTotals][DelSpam] += 1
|
||||
rejectspamavg += score
|
||||
rejectspamcount += 1
|
||||
elif score >= required:
|
||||
columnCounts_2d[hour][QuedSpam] += 1
|
||||
columnCounts_2d[ColTotals][QuedSpam] += 1
|
||||
spamavg += score
|
||||
spamqueuedcount += 1
|
||||
|
||||
#Local send
|
||||
elif DomainName in parsed_data['sendurl']:
|
||||
columnCounts_2d[hour][Local] += 1
|
||||
columnCounts_2d[ColTotals][Local] += 1
|
||||
|
||||
# first spot the fetchmail and local deliveries.
|
||||
#Local send
|
||||
if DomainName in parsed_data['sendurl']:
|
||||
columnCounts_2d[hour][Local] += 1
|
||||
columnCounts_2d[ColTotals][Local] += 1
|
||||
#Relay or webmail
|
||||
elif not is_private_ip(parsed_data['ip']) and is_private_ip(parsed_data['sendurl1']) and parsed_data['action1'] == 'queued':
|
||||
#Relay
|
||||
if parsed_data['action1'] == 'queued':
|
||||
columnCounts_2d[hour][Relay] += 1
|
||||
columnCounts_2d[ColTotals][Relay] += 1
|
||||
columnCounts_2d[hour][Relay] += 1
|
||||
columnCounts_2d[ColTotals][Relay] += 1
|
||||
elif WebmailIP in parsed_data['sendurl1'] and not is_private_ip(parsed_data['ip']):
|
||||
#webmail
|
||||
columnCounts_2d[hour][WebMail] += 1
|
||||
@ -852,6 +812,72 @@ if __name__ == "__main__":
|
||||
columnCounts_2d[hour][WebMail] += 1
|
||||
columnCounts_2d[ColTotals][WebMail] += 1
|
||||
|
||||
|
||||
|
||||
|
||||
#Queued email
|
||||
if parsed_data['action'] == '(queue)':
|
||||
columnCounts_2d[hour][Ham] += 1
|
||||
columnCounts_2d[ColTotals][Ham] += 1
|
||||
# spamassassin not rejected
|
||||
if parsed_data.get('spam-status') is not None and isinstance(parsed_data['spam-status'], str):
|
||||
if parsed_data['spam-status'].lower().startswith('no'):
|
||||
#Extract other parameters from this string
|
||||
# example: No, score=-3.9
|
||||
spam_pattern = re.compile(r'score=(-?\d+\.\d+) required=(-?\d+\.\d+)')
|
||||
match = re.search(spam_pattern, parsed_data['spam-status'])
|
||||
if match:
|
||||
score = float(match.group(1))
|
||||
#print(score,SATagLevel)
|
||||
if score < float(SATagLevel):
|
||||
# Accumulate allowed score (inc negatives?)
|
||||
hamavg += score
|
||||
hamcount += 1
|
||||
#spamassasin rejects
|
||||
if parsed_data.get('spam-status') is not None and isinstance(parsed_data['spam-status'], str):
|
||||
if parsed_data['spam-status'].lower().startswith('yes'):
|
||||
#Extract other parameters from this string
|
||||
# example: Yes, score=10.3 required=4.0 autolearn=disable
|
||||
spam_pattern = re.compile(r'score=(-?\d+\.\d+) required=(-?\d+\.\d+)')
|
||||
match = re.search(spam_pattern, parsed_data['spam-status'])
|
||||
if match:
|
||||
score = float(match.group(1))
|
||||
required = float(match.group(2))
|
||||
#print(f"{parsed_data['spam-status']} / {score} {required}")
|
||||
if score >= SARejectLevel:
|
||||
columnCounts_2d[hour][DelSpam] += 1
|
||||
columnCounts_2d[ColTotals][DelSpam] += 1
|
||||
rejectspamavg += score
|
||||
rejectspamcount += 1
|
||||
elif score >= required:
|
||||
columnCounts_2d[hour][QuedSpam] += 1
|
||||
columnCounts_2d[ColTotals][QuedSpam] += 1
|
||||
spamavg += score
|
||||
spamqueuedcount += 1
|
||||
|
||||
|
||||
|
||||
# Count the qpsmtpd codes
|
||||
if parsed_data['error-plugin'].strip() == 'naughty':
|
||||
#print(f"Found naughty {parsed_data['error-msg']}")
|
||||
if parsed_data['error-msg'].startswith("(dnsbl)"):
|
||||
#print("Found dnsbl")
|
||||
columnCounts_2d[hour][RBLDNS]+= 1
|
||||
columnCounts_2d[ColTotals][RBLDNS]+= 1
|
||||
elif parsed_data['error-msg'].startswith("(karma)"):
|
||||
columnCounts_2d[hour][KARMA] += 1
|
||||
columnCounts_2d[ColTotals][KARMA]+= 1
|
||||
elif parsed_data['error-msg'].startswith("(helo)"):
|
||||
columnCounts_2d[hour][RBLDNS] += 1
|
||||
columnCounts_2d[ColTotals][RBLDNS]+= 1
|
||||
else:
|
||||
match = qpcodes_pattern.match(parsed_data['action1'])
|
||||
if match:
|
||||
rejReason = match.group(1)
|
||||
found_qpcodes[parsed_data['error-plugin']+"-"+rejReason] += 1
|
||||
else:
|
||||
found_qpcodes[parsed_data['action1']] += 1
|
||||
|
||||
#Now increment the column which the plugin name indicates
|
||||
if parsed_data['action'] == '(deny)' and parsed_data['error-plugin']:
|
||||
#print(f"Found plugin {parsed_data['error-plugin']}")
|
||||
@ -869,24 +895,6 @@ if __name__ == "__main__":
|
||||
found_viruses[match.group(1)] += 1
|
||||
else:
|
||||
found_viruses[parsed_data['action1']] += 1
|
||||
elif parsed_data['error-plugin'].strip() == 'naughty':
|
||||
#print(f"Found naughty {parsed_data['error-msg']}")
|
||||
if parsed_data['error-msg'].startswith("(dnsbl)"):
|
||||
#print("Found dnsbl")
|
||||
columnCounts_2d[hour][RBLDNS]+= 1
|
||||
columnCounts_2d[ColTotals][RBLDNS]+= 1
|
||||
elif parsed_data['error-msg'].startswith("(karma)"):
|
||||
columnCounts_2d[hour][KARMA] += 1
|
||||
columnCounts_2d[ColTotals][KARMA]+= 1
|
||||
elif parsed_data['error-msg'].startswith("(helo)"):
|
||||
columnCounts_2d[hour][RBLDNS] += 1
|
||||
columnCounts_2d[ColTotals][RBLDNS]+= 1
|
||||
# match = qpcodes_pattern.match(parsed_data['action1'])
|
||||
# if match:
|
||||
# rejReason = match.group(1)
|
||||
# found_qpcodes[parsed_data['error-plugin']+"-"+rejReason] += 1
|
||||
else:
|
||||
found_qpcodes['Unknown'] += 1
|
||||
else:
|
||||
found_qpcodes[parsed_data['action1']] += 1
|
||||
if isThonny:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user