Here some confs.
DROP TABLE IF EXISTS `Smtpd`;
CREATE TABLE IF NOT EXISTS `Smtpd` (
`ID` int(10) unsigned NOT NULL AUTO_INCREMENT,
`ReportedTime` datetime NOT NULL,
`MessageTime` varchar(40) NOT NULL,
`Host` text NOT NULL,
`Process` varchar(40) NOT NULL,
`ProcessID` int(11) NOT NULL,
`Message` text NOT NULL,
`ClientHost` varchar(255) NOT NULL,
`ClientIP` varchar(15) NOT NULL,
`MailFrom` varchar(255) NOT NULL,
`MailTo` varchar(255) NOT NULL,
`MessageID` varchar(40) NOT NULL,
`Status` varchar(255) NOT NULL,
PRIMARY KEY (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1453 ;
CREATE TABLE IF NOT EXISTS `Smtpd` (
`ID` int(10) unsigned NOT NULL AUTO_INCREMENT,
`ReportedTime` datetime NOT NULL,
`MessageTime` varchar(40) NOT NULL,
`Host` text NOT NULL,
`Process` varchar(40) NOT NULL,
`ProcessID` int(11) NOT NULL,
`Message` text NOT NULL,
`ClientHost` varchar(255) NOT NULL,
`ClientIP` varchar(15) NOT NULL,
`MailFrom` varchar(255) NOT NULL,
`MailTo` varchar(255) NOT NULL,
`MessageID` varchar(40) NOT NULL,
`Status` varchar(255) NOT NULL,
PRIMARY KEY (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1453 ;
And here my rsyslogd.conf
# Author: Omi
#
$ModLoad imuxsock
$ModLoad imklog
$ModLoad ommysql
$ActionOmmysqlServerPort 3308
# Connection
$template Smtpd,"insert into smtpdAccess (`ReportedTime`, `MessageTime`, `Host`, `Process`, `ProcessID`, `MessageID`, `Message`, `ClientHost`, `ClientIP`, `MailFrom`, `MailTo`, `Status`) values ( '%timereported:::date-rfc3339%', '%timegenerated%', '%hostname%', '%syslogtag:R,ERE,1,BLANK:(.*)\[[0-9]+\]--end%', '%procid%', '%msg:R,ERE,1,BLANK:(([A-Z]|[0-9]){8}):--end%', '%msg%', '%msg:R,ERE,2,BLANK:(from |client=)([a-z]+|[A-Z]+|\.|\-|[0-9]+)+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\](.*)--end%', '%msg:R,ERE,3,BLANK:(from |client=)([a-z]+|[A-Z]+|\.|\-|[0-9]+)+\[([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\]--end%', '%msg:R,ERE,1,BLANK:from=<(.+)>, size--end%', '%msg:R,ERE,1,BLANK:to=<(.+)>, relay--end%', '%msg:R,ERE,1,BLANK:status=(.*)--end%')",SQL
mail.info :ommysql:ServerIP,database,user,password;Smtpd
#
$ModLoad imuxsock
$ModLoad imklog
$ModLoad ommysql
$ActionOmmysqlServerPort 3308
# Connection
$template Smtpd,"insert into smtpdAccess (`ReportedTime`, `MessageTime`, `Host`, `Process`, `ProcessID`, `MessageID`, `Message`, `ClientHost`, `ClientIP`, `MailFrom`, `MailTo`, `Status`) values ( '%timereported:::date-rfc3339%', '%timegenerated%', '%hostname%', '%syslogtag:R,ERE,1,BLANK:(.*)\[[0-9]+\]--end%', '%procid%', '%msg:R,ERE,1,BLANK:(([A-Z]|[0-9]){8}):--end%', '%msg%', '%msg:R,ERE,2,BLANK:(from |client=)([a-z]+|[A-Z]+|\.|\-|[0-9]+)+\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\](.*)--end%', '%msg:R,ERE,3,BLANK:(from |client=)([a-z]+|[A-Z]+|\.|\-|[0-9]+)+\[([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\]--end%', '%msg:R,ERE,1,BLANK:from=<(.+)>, size--end%', '%msg:R,ERE,1,BLANK:to=<(.+)>, relay--end%', '%msg:R,ERE,1,BLANK:status=(.*)--end%')",SQL
mail.info :ommysql:ServerIP,database,user,password;Smtpd
Комментариев нет:
Отправить комментарий