View Single Post
  #1   (View Single Post)  
Old 21st June 2008
marco64 marco64 is offline
Real Name: Marco
Port Guard
 
Join Date: May 2008
Location: Italy
Posts: 15
Default how extract specific test from Postfix logs with PHP or Perl

Hi,
I extract (in different file) several informations from Postfix logs.

more /var/log/maillog | grep NOQUEUE > /tmp/estract.txt

this extract looks like this:
PHP Code:
Jun 21 00:37:16 PUMA postfix/smtpd[29244]: NOQUEUErejectRCPT from unknown[200.141.33.198]: 504 5.5.2 <62.123.142.124>: Helo command rejectedneed fully-qualified hostnamefrom=<bey@brainpod.comto=<52366@0email.itproto=SMTP helo=<62.123.142.124>
Jun 21 00:39:51 PUMA postfix/smtpd[29303]: NOQUEUErejectRCPT from unknown[92.47.96.48]: 504 5.5.2 <62.123.142.124>: Helo command rejectedneed fully-qualified hostnamefrom=<impeller@lissamail.comto=<52366@0email.itproto=SMTP helo=<62.123.142.124>
Jun 21 00:50:26 PUMA postfix/smtpd[29449]: NOQUEUErejectRCPT from unknown[190.244.138.229]: 450 4.1.2 <52366@0email.it>: Recipient address rejectedDomain not foundfrom=<Sascha.Taddeusz@evisibility.comto=<52366@0email.itproto=ESMTP helo=<229-138-244-190.fibertel.com.ar>
Jun 21 00:51:27 PUMA postfix/smtpd[29449]: NOQUEUErejectRCPT from unknown[190.244.138.229]: 450 4.1.2 <52366@0email.it>: Recipient address rejectedDomain not foundfrom=<Sascha.Taddeusz@evisibility.comto=<52366@0email.itproto=ESMTP helo=<229-138-244-190.fibertel.com.ar
I would like to extract the IPs. For example from:
PHP Code:
Jun 21 00:51:27 PUMA postfix/smtpd[29449]: NOQUEUErejectRCPT from unknown[190.244.138.229]: 450 4.1.2 <52366@0email.it>: Recipient address rejectedDomain not foundfrom=<Sascha.Taddeusz@evisibility.comto=<52366@0email.itproto=ESMTP helo=<229-138-244-190.fibertel.com.ar
I want 190.244.138.229 for furthere handling.

Started to handle it with a PHP script but this is not solved and is becoming a time-consuming job. Though that maybe there is something ready-to-use or a good advice could help.
Reply With Quote