Repository
Munin (2.0)
Last change
2019-02-08
Graph Categories
Family
auto
Capabilities
Language
Shell
License
GPL-2.0-only

amavis

Example graph: week

Name

amavis - plugin to monitor the amavis mail filter.

Applicable Systems

Hosts running amavis localy and logtail(8) installed.

Configuration

The configuration environment variables are available

  • amavislog

    Path to logfile (Default: “/var/log/mail/mail.info”)

  • logtail

    Path to logtail command (Default: “logtail”)

On most systems the mail logs are not readable by nobody which the plugin usually runs at. To enable log reading it needs to run as a group or user that has read access, as shown above.

By default the logtail program is started without any explicit path, but if it is not found in the system $PATH then you’ll need to specify the full path for the program.

Example Configuration

The following shows a typical configuration:

[amavis]
   env.amavislog     /var/log/mail/mail.info
   env.logtail       /usr/bin/logtail
   group adm

Interpretation

The plugin shows “probable spam”, “surley spam” and “virus”. If your “probable spam” raises you may need to tune your spam configuration to classify more spam as “surley spam” and so be able to elliminate it.

Magic Markers

#%# family=auto
#%# capabilities=autoconf

Bugs

Should use counters since the origin data is really counters. If the node has multiple masters the data served will now be incorrect. Proper operation may require porting to perl or such.

Author

Unknown

License

GPLv2

#!@@GOODSH@@
# -*- sh -*-
# vim: ft=sh

: <<=cut

=head1 NAME

amavis - plugin to monitor the amavis mail filter.

=head1 APPLICABLE SYSTEMS

Hosts running amavis localy and logtail(8) installed.

=head1 CONFIGURATION

The configuration environment variables are available

=over 4

=item amavislog

Path to logfile (Default: "/var/log/mail/mail.info")

=item logtail

Path to logtail command (Default: "logtail")

=back

On most systems the mail logs are not readable by nobody which the
plugin usually runs at.  To enable log reading it needs to run as a
group or user that has read access, as shown above.

By default the logtail program is started without any explicit path,
but if it is not found in the system $PATH then you'll need to specify
the full path for the program.

=head2 EXAMPLE CONFIGURATION

The following shows a typical configuration:

  [amavis]
     env.amavislog     /var/log/mail/mail.info
     env.logtail       /usr/bin/logtail
     group adm

=head1 INTERPRETATION

The plugin shows "probable spam", "surley spam" and "virus".  If your
"probable spam" raises you may need to tune your spam configuration to
classify more spam as "surley spam" and so be able to elliminate it.

=head1 MAGIC MARKERS

  #%# family=auto
  #%# capabilities=autoconf


=head1 BUGS

Should use counters since the origin data is really counters.  If the
node has multiple masters the data served will now be incorrect.
Proper operation may require porting to perl or such.

=head1 AUTHOR

Unknown

=head1 LICENSE

GPLv2

=cut


AMAVIS_LOG=${amavislog:-/var/log/mail/mail.info}
LOGTAIL=${logtail:-logtail}
STATEFILE=$MUNIN_PLUGSTATE/amavis.offset

if [ "$1" = "autoconf" ]; then
	if [ -f "${AMAVIS_LOG}" ] && [ -n "${LOGTAIL}" ] && [ -x "${LOGTAIL}" ] ; then
		echo yes
		exit 0
	else
		echo "no (command $LOGTAIL or file $AMAVIS_LOG not found)"
		exit 0
	fi
fi

# Try tailing a random file to check how arguments are passed
ARGS=0
"$LOGTAIL" /etc/hosts 2>/dev/null >/dev/null
if [ $? = 66 ]; then
    if [ -z "$logtail" ]; then
	ARGS=1
    fi
fi

if [ "$1" = "config" ]; then
	echo 'graph_title Amavis filter statistics'
	echo 'graph_vlabel \#'
	echo 'graph_category antivirus'
	echo 'virus.label virus'
	echo 'virus.info Number of viruses caught in email'
	echo 'spam_maybe.label probably spam'
	echo 'spam_maybe.info Emails amavis thinks probably contains spam'
	echo 'spam_sure.label surely spam'
	echo 'spam_sure.info Emails amavis is sure contains spam'
	echo 'total.label total mails'
	echo 'total.info Total emails evaluated by amavis'
	exit 0
fi

total=U
virus=U
spamm=U
spams=U

TEMP_FILE=$(@@MKTEMP@@ munin-amavis.XXXXXX)

if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then
	if [ "$ARGS" != 0 ]; then
	    "$LOGTAIL" -f "${AMAVIS_LOG}" -o "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}"
	else
	    "$LOGTAIL" "${AMAVIS_LOG}" "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}"
	fi
	total=$(grep -c 'Hits:' "$TEMP_FILE")
	virus=$(grep -c 'INFECTED.*Hits:' "$TEMP_FILE")
	spamm=$(grep -c 'SPAMMY.*Hits:' "$TEMP_FILE")
	spams=$(grep -c 'SPAM .*Hits:' "$TEMP_FILE")

	/bin/rm -f "$TEMP_FILE"
fi

echo "virus.value ${virus}"
echo "spam_maybe.value ${spamm}"
echo "spam_sure.value ${spams}"
echo "total.value ${total}"