Parse::Syslog::Mail - Parse mailer logs from syslog
Version 0.10
use Parse::Syslog::Mail; my $maillog = Parse::Syslog::Mail->new('/var/log/syslog'); while(my $log = $maillog->next) { # do something with $log # ... }
As its names implies, Parse::Syslog::Mail presents a simple interface to gather mail information from a syslog file. It uses Parse::Syslog for reading the syslog, and offer the same simple interface. Currently supported log formats are: Sendmail, Postfix, Qmail.
Parse::Syslog::Mail
Parse::Syslog
Creates and returns a new Parse::Syslog::Mail object. A file path or a File::Tail object is expected as first argument. Options can follow as a hash. Most are the same as for Parse::Syslog->new().
File::Tail
Parse::Syslog->new()
Options
type - Format of the syslog stream. Can be one of "syslog" (traditional syslog format) or "metalog" (Metalog format).
type
"syslog"
"metalog"
year - Syslog files usually do store the time of the event without year. With this option you can specify the start-year of this log. If not specified, it will be set to the current year.
year
GMT - If this option is set, the time in the syslog will be converted assuming it is GMT time instead of local time.
GMT
repeat - Parse::Syslog will by default repeat xx times events that are followed by messages like "last message repeated xx times". If you set this option to false, it won't do that.
repeat
"last message repeated xx times"
locale - Specifies an additional locale name or the array of locale names for the parsing of log files with national characters.
locale
allow_future - If true will allow for timestamps in the future. Otherwise timestamps of one day in the future and more will not be returned (as a safety measure against wrong configurations, bogus year arguments, etc.)
allow_future
Example
my $syslog = new Parse::Syslog::Mail '/var/log/syslog', allow_future => 1;
Returns the next line of the syslog as a hashref, or undef when there is no more lines. The hashref contains at least the following keys:
undef
host - hostname of the machine.
host
program - name of the program.
program
timestamp - Unix timestamp for the event.
timestamp
id - Local transient mail identifier.
id
text - text description.
text
Other available keys:
from - Email address of the sender.
from
to - Email addresses of the recipients, coma-separated.
to
msgid - Message ID.
msgid
relay - MTA host used for relaying the mail.
relay
status - Status of the transaction.
status
delivery_type - (Qmail only) type of the delivery: "local" or "remote".
delivery_type
"local"
"remote"
delivery_id - (Qmail only) id number of the delivery.
delivery_id
while(my $log = $syslog->next) { # do something with $log }
Can't create new %s object: %s
(F) Occurs in new(). As the message says, we were unable to create a new object of the given class. The rest of the error may give more information.
new()
Expected an argument
(F) You tried to call new() with no argument.
Add support for other mailer daemons (Exim, Courier, Qpsmtpd). Send me logs or, even better, patches, if you want support for your favorite mailer daemon.
Sébastien Aperghis-Tramoni <sebastien@aperghis.net>
Please report any bugs or feature requests to bug-parse-syslog-mail@rt.cpan.org, or through the web interface at https://rt.cpan.org/NoAuth/Bugs.html?Dist=Parse-Syslog-Mail. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
bug-parse-syslog-mail@rt.cpan.org
Most probably the same as Parse::Syslog, see "BUGS" in Parse::Syslog
Copyright 2005 Sébastien Aperghis-Tramoni, All Rights Reserved.
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Parse::Syslog::Mail, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Parse::Syslog::Mail
CPAN shell
perl -MCPAN -e shell install Parse::Syslog::Mail
For more information on module installation, please visit the detailed CPAN module installation guide.