On Tue, Jul 15, 2008 at 4:10 AM, Monika Jisswel &lt;<a href="mailto:monjissvel@googlemail.com">monjissvel@googlemail.com</a>&gt; wrote:<br><div class="gmail_quote"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
lire & logethy are an option.<br>But if you want to go on your own I believe awk, grep, sort are extremely extremely extremely (yes 3 times!) powerful tools, so giving them up is a bad decision I guess, either talking about their speed or what they would allow you to do in a few lines of code. </blockquote>
<div>Hi Monika,<br><br>You are right. awk, grep and sort etc. are extremely powerful. As a Unix sysadmin I use them every day. I guess I'm looking for a couple of simple projects to strengthen my Python scripting. So whilst I usually look for the best tool for the job, in this case Python is my hammer and everything looks like a nail &lt;grin&gt;<br>
<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">So what I would advise is to write a Python program that uses them through the subprocess module; this way you have the best of both worlds. Finally, you should set up some sort of database to hold your data & to have a real-time view of what's going on.<br>
</blockquote><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><br></blockquote></div><br>Initially I was thinking of writing some Python scripts to do some of the automation tasks that I have a need to do. I'll still do this because I want to write more code to keep the practice up.<br>
<br>But what I'd really like to do is write some scripts that analyze my email logs and catch anomalies and report them to me. Like someone emailing 500 recipients in a day or one external person emailing 500 of my users. <br>
<br>So thinking it through, my first thought was: how do I get the data from the mail logfiles into a usable state for analysis?<br><br>It seems some people just break down the data with regex.<br><br>I made an assumption that because I wanted to parse (in a generic sense) the sendmail logs then perhaps using a "parser" would be of some benefit. But from researching this angle, there are a lot of choices and "parser land" has lots of terminology that I just simply don't understand yet.<br>
<br>I guess I'm trying to figure out what I don't know. <br><br>Any pragmatic advice on building or working with a framework to get to the point where I can do analysis on my logs would be cool.<br><br>Cheers,<br>
<br>nibudh.<br>
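An added example, not part of the original message: one way to do the analysis described above with plain regular expressions, joining sendmail "from=" and "to=" entries on the queue ID and counting distinct recipients per sender per day. The log layout, the sample lines, the function names and the local domain example.com are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual sendmail syslog layout (assumed format).
SAMPLE_LOG = """\
Jul 15 04:10:01 mx1 sendmail[2101]: m6F4A1aa002101: from=<alice@example.com>, size=1200, class=0, nrcpts=3, proto=ESMTP, relay=ws1.example.com [192.0.2.10]
Jul 15 04:10:02 mx1 sendmail[2102]: m6F4A1aa002101: to=<u1@example.net>,<u2@example.net>, delay=00:00:01, mailer=esmtp, dsn=2.0.0, stat=Sent
Jul 15 04:10:03 mx1 sendmail[2102]: m6F4A1aa002101: to=<u3@example.net>, delay=00:00:02, mailer=esmtp, dsn=2.0.0, stat=Sent
Jul 15 09:30:00 mx1 sendmail[2200]: m6F9U0bb002200: from=<bulk@example.org>, size=900, class=0, nrcpts=1, proto=ESMTP, relay=out.example.org [198.51.100.7]
Jul 15 09:30:01 mx1 sendmail[2201]: m6F9U0bb002200: to=<bob@example.com>, delay=00:00:01, mailer=local, dsn=2.0.0, stat=Sent
"""

# "Mon DD HH:MM:SS host sendmail[pid]: queueid: key=value, ..."
ENTRY = re.compile(r"^(\w{3}\s+\d+) \S+ \S+ sendmail\[\d+\]: (\w+): (.*)$")
FROM = re.compile(r"^from=<?([^>,\s]*)>?,")
TO = re.compile(r"^to=(\S+),\s")  # recipients are comma-joined without spaces

def recipients_per_sender(lines):
    """Map (day, envelope sender) to the set of distinct recipients seen."""
    senders = {}              # queue id -> envelope sender
    seen = defaultdict(set)   # (day, sender) -> recipients
    for line in lines:
        m = ENTRY.match(line)
        if not m:
            continue          # not a sendmail entry
        day, qid, rest = m.groups()
        f = FROM.match(rest)
        if f:
            senders[qid] = f.group(1).lower() or "<>"  # "<>" is the null sender
            continue
        t = TO.match(rest)
        if t and qid in senders:  # skip to= lines whose from= line is not in this input
            for rcpt in t.group(1).split(","):
                seen[(day, senders[qid])].add(rcpt.strip("<>").lower())
    return seen

def find_anomalies(lines, threshold=500, local_domains=("example.com",)):
    """Return (day, sender, origin, count) for senders at or over the threshold."""
    hits = []
    for (day, sender), rcpts in sorted(recipients_per_sender(lines).items()):
        if len(rcpts) >= threshold:
            domain = sender.rpartition("@")[2]
            origin = "internal" if domain in local_domains else "external"
            hits.append((day, sender, origin, len(rcpts)))
    return hits

if __name__ == "__main__":
    for hit in find_anomalies(SAMPLE_LOG.splitlines(), threshold=3):
        print(hit)
```

Because recipients are kept in a set, retried deliveries of the same message are not counted twice; for the external-sender case, filter the recipient set to local domains before counting.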