<div dir="ltr"><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote"> but in that case use bash or ksh </blockquote><div><br>Hi Alan, <br><br>to say the truth I never thought about "additional overhead of getting the input/output data transferred" because the suprocess itself will contain the (bash)pipe to redirect output to the next utility used not the python subprocess.PIPE pipe so it will be like one subprocess with each utility piping stdout to the next as if run from the shell, what python comes in for ? well, its always sweet to work with python as it will allow you to make whatever logic you have in yoru head into real life with ease and at the end of the subprocess you can always parse the stdout using python this time & load results to some database.<br>
<br>I have to say that I have seen awk, grep & sort, wc, work on files of handreds of Mbytes in a matter of 1 or 2 seconds ... why would I replace such a fast tools ? <br><br>Alan do you think python can beat awk in speed when it comes to replacing text ? I always wanted to know it ! <br>
<br><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">Any pragmatic advice on building or working with a framework to get to
the point where i can do analysis on my logs would be cool.</blockquote><div><br>ok ! so your program parses sendmail log, returns some data, your python program will then parse this data & depending on results will either send an email saying 'everything OK' or will take measures like run a subprocess.Popen('/etc/init.d/sendmail stop', shell = 1) or add some email address or hostname or ip to spamassassin lack list & reload it ... <br>
<br>but some problems will rise when we talk about the frequency you will run your scans ? every 1 minute ? every 5 minutes ? 500 mails would be recieved by then so it would be of no use.<br><br>this said this program cannot be used for real time problem detection effectively ... but it will be very effective for end-of-day statistics ... that's why programs such as spamassassin were creatd i guess ... <br>
</div></div></div>