#!@@GOODSH@@ # -*- sh -*- # vim: ft=sh : <<=cut =head1 NAME amavis - plugin to monitor the amavis mail filter. =head1 APPLICABLE SYSTEMS Hosts running amavis localy and logtail(8) installed. =head1 CONFIGURATION The configuration environment variables are available =over 4 =item amavislog Path to logfile (Default: "/var/log/mail/mail.info") =item logtail Path to logtail command (Default: "logtail") =back On most systems the mail logs are not readable by nobody which the plugin usually runs at. To enable log reading it needs to run as a group or user that has read access, as shown above. By default the logtail program is started without any explicit path, but if it is not found in the system $PATH then you'll need to specify the full path for the program. =head2 EXAMPLE CONFIGURATION The following shows a typical configuration: [amavis] env.amavislog /var/log/mail/mail.info env.logtail /usr/bin/logtail group adm =head1 INTERPRETATION The plugin shows "probable spam", "surley spam" and "virus". If your "probable spam" raises you may need to tune your spam configuration to classify more spam as "surley spam" and so be able to elliminate it. =head1 MAGIC MARKERS #%# family=auto #%# capabilities=autoconf =head1 BUGS Should use counters since the origin data is really counters. If the node has multiple masters the data served will now be incorrect. Proper operation may require porting to perl or such. =head1 AUTHOR Unknown =head1 LICENSE GPLv2 =cut AMAVIS_LOG=${amavislog:-/var/log/mail/mail.info} LOGTAIL=${logtail:-logtail} STATEFILE=$MUNIN_PLUGSTATE/amavis.offset if [ "$1" = "autoconf" ]; then if [ -f "${AMAVIS_LOG}" ] && [ -n "${LOGTAIL}" ] && [ -x "${LOGTAIL}" ] ; then echo yes exit 0 else echo "no (command $LOGTAIL or file $AMAVIS_LOG not found)" exit 0 fi fi # Try tailing a random file to check how arguments are passed ARGS=0 "$LOGTAIL" /etc/hosts 2>/dev/null >/dev/null if [ $? = 66 ]; then if [ -z "$logtail" ]; then ARGS=1 fi fi if [ "$1" = "config" ]; then echo 'graph_title Amavis filter statistics' echo 'graph_vlabel \#' echo 'graph_category antivirus' echo 'virus.label virus' echo 'virus.info Number of viruses caught in email' echo 'spam_maybe.label probably spam' echo 'spam_maybe.info Emails amavis thinks probably contains spam' echo 'spam_sure.label surely spam' echo 'spam_sure.info Emails amavis is sure contains spam' echo 'total.label total mails' echo 'total.info Total emails evaluated by amavis' exit 0 fi total=U virus=U spamm=U spams=U TEMP_FILE=$(@@MKTEMP@@ munin-amavis.XXXXXX) if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then if [ "$ARGS" != 0 ]; then "$LOGTAIL" -f "${AMAVIS_LOG}" -o "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}" else "$LOGTAIL" "${AMAVIS_LOG}" "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}" fi total=$(grep -c 'Hits:' "$TEMP_FILE") virus=$(grep -c 'INFECTED.*Hits:' "$TEMP_FILE") spamm=$(grep -c 'SPAMMY.*Hits:' "$TEMP_FILE") spams=$(grep -c 'SPAM .*Hits:' "$TEMP_FILE") /bin/rm -f "$TEMP_FILE" fi echo "virus.value ${virus}" echo "spam_maybe.value ${spamm}" echo "spam_sure.value ${spams}" echo "total.value ${total}"