Ok, I see your point. I'll work on adding some more succinct
summary style
messages to trace level 2.
On Wed, Aug 8, 2007, Michael Monnerie
<michael.monnerie it-management.at>
said:
> --nextPart15422214.TlcSRRuqPH
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> Content-Disposition: inline
>
> On Mittwoch, 8. August 2007 Marc Dirix wrote:
>> http:/
/www.dbmail.org/mantis/view.php?id=3D494
>>
>> It does not state it directly, but Aaron stated to
use Level3 for
>> administration purposes as to my question.
>
> Now I'm at level 3, *WAY* too much information here:
>
> Aug 9 01:11:32 mail.at dbmail/pop3d[6284]:
Message:[serverchild] serverchi=
> ld.c,PerformChildTask(+347): incoming connection from
[84.160.67.211] by pi=
> d [6284]
> Aug 9 01:11:32 mai.lat dbmail/pop3d[6284]:
Message:[pop3] pop3.c,pop3(+440=
> ): user w.schiekktc-gmbh.de logged in [messages=3D0,
octets=3D0]
> Aug 9 01:11:32 mail.at dbmail/pop3d[6284]:
Message:[pop3] pop3.c,pop3_hand=
> le_connection(+188): user w.schiekktc-gmbh.de logging out [messages=3D0, o=
> ctets=3D0]
>
> Aug 9 01:11:35 mail.at dbmail/pop3d[6141]:
Message:[serverchild] serverchi=
> ld.c,PerformChildTask(+347): incoming connection from
[84.160.67.211] by pi=
> d [6141]
> Aug 9 01:11:36 mail.at dbmail/pop3d[6141]:
Message:[pop3] pop3.c,pop3(+440=
> ): user w.yinktc-gmbh.de logged in [messages=3D0,
octets=3D0]
> Aug 9 01:11:36 mail.at dbmail/pop3d[6141]:
Message:[pop3] pop3.c,pop3_hand=
> le_connection(+188): user w.yinktc-gmbh.de logging out
[messages=3D0, octe=
> ts=3D0]
>
> That's 6 lines for 2 user logins in POP. There should
be only 1 line per PO=
> P login/check per user, like:
> Aug 9 01:01:37 power2u popper[32003]: Stats: kanzarai
0 0 0 0 80.109.237.1=
> 70 80.109.237.170 [pop_updt.c:296]
> Aug 9 01:04:31 power2u popper[32141]: Stats: service 0
0 1 550 82.218.22.6=
> 8 82.218.22.68 [pop_updt.c:296]
> Aug 9 01:04:38 power2u popper[32150]: Stats: cadobrmu
0 0 0 0 81.223.166.8=
> 2 81.223.166.82 [pop_updt.c:296]
> That's username, (messages, bytes) received,
(messages,bytes) still left, I=
> P address,=20
> it would be good to also log duration, that's enough
information.
>
>
> As for IMAP, I see this:
>
> Aug 9 01:07:49 mail.at dbmail/imap4d[6169]:
Message:[serverchild] serverch=
> ild.c,PerformChildTask(+347): incoming connection from
[127.0.0.1] by pid [=
> 6169]
> Aug 9 01:07:52 mail.at dbmail/imap4d[6169]:
Message:[imapsession] dbmail-i=
> mapsession.c,dbmail_imap_session_handle_auth(+1587):
user (id:1401, name an=
> dreaswelleditsch.at) tries login
> Aug 9 01:07:52 mail.at dbmail/imap4d[6169]:
Message:[imapsession] dbmail-i=
> mapsession.c,dbmail_imap_session_handle_auth(+1608):
user (id 1401, name an=
> dreaswelleditsch.at) login accepted
>
> Aug 9 01:07:54 mail.at dbmail/imap4d[6195]:
Message:[serverchild] serverch=
> ild.c,PerformChildTask(+347): incoming connection from
[127.0.0.1] by pid [=
> 6195]
> Aug 9 01:07:56 mail.at dbmail/imap4d[6195]:
Message:[imapsession] dbmail-i=
> mapsession.c,dbmail_imap_session_handle_auth(+1587):
user (id:1401, name an=
> dreaswelleditsch.at) tries login
> Aug 9 01:07:56 mail.at dbmail/imap4d[6195]:
Message:[imapsession] dbmail-i=
> mapsession.c,dbmail_imap_session_handle_auth(+1608):
user (id 1401, name an=
> dreaswelleditsch.at) login accepted
>
> Aug 9 01:07:59 mail.at dbmail/imap4d[6195]:
Message:[imap] imapcommands.c,=
> _ic_logout(+126): user (id:1401) logging out
[2007-08-09 01:07:59]
> Aug 9 01:07:59 mail.at dbmail/imap4d[6195]:
Message:[imap] imap4.c,IMAPCli=
> entHandler(+322): Closing connection for client from IP
[127.0.0.1]
>
> Aug 9 01:08:00 mail.at dbmail/imap4d[6169]:
Message:[imap] imapcommands.c,=
> _ic_logout(+126): user (id:1401) logging out
[2007-08-09 01:08:00]
> Aug 9 01:08:00 mail.at dbmail/imap4d[6169]:
Message:[imap] imap4.c,IMAPCli=
> entHandler(+322): Closing connection for client from IP
[127.0.0.1]
>
> Aug 9 01:09:30 mail.at dbmail/imap4d[8712]:
Error:[imap] imap4.c,IMAPClien=
> tHandler(+138): [Illegal seek] on read-stream
>
> Looks like the first 2x3 lines are two logins, then 2x2
lines for logout, a=
> nd one message where
> I have no idea what I should do with that information.
> It would be good to log only:
> 1) login: username, successful or not, IP address
> 2) logout: username, duration online, messages/bytes
transferred, IP addres=
> s,=20
> and maybe a hint if IMAP IDLE was used (could be good
in case of performan=
> ce problems)
>
> The amount of lines should be restricted to a minimum,
to
> keep the log friendly.
>
> mfg zmi
> =2D-=20
> // Michael Monnerie, Ing.BSc ----- http://it-management.at
> // Tel: 0676/846 914 666
.network.your.ideas.
> // PGP Key: "curl -s http://zmi.at/zmi.asc | gpg
--import"
> // Fingerprint: EA39 8918 EDFF 0A68 ACFB 11B7 BA2D
060F 1C6F E6B0
> // Keyserver: www.keyserver.net
Key-ID: 1C6FE6B0
>
> --nextPart15422214.TlcSRRuqPH
> Content-Type: application/pgp-signature;
name=signature.asc
> Content-Description: This is a digitally signed message
part.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
>
iD8DBQBGulKoui0GDxxv5rARArUpAJ9knkXAB62gNNaJLwoG4wKALRAWpgCf
X89h
> QLiYdaLwh1zLDeZJi3e7kP0=
> =F7FR
> -----END PGP SIGNATURE-----
>
> --nextPart15422214.TlcSRRuqPH--
>
--
_______________________________________________
DBmail mailing list
DBmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
