- Repository
- Munin (master)
- Last change
- 2020-05-27
- Graph Categories
- Family
- auto
- Capabilities
- Language
- Shell
- License
- GPL-2.0-only
amavis
Name
amavis - plugin to monitor the amavis mail filter.
Applicable Systems
Hosts running amavis localy and logtail(8) installed.
Configuration
The configuration environment variables are available
amavislog
Path to logfile (Default: “/var/log/mail/mail.info”)
logtail
Path to logtail command (Default: “logtail”)
On most systems the mail logs are not readable by nobody which the plugin usually runs at. To enable log reading it needs to run as a group or user that has read access, as shown above.
By default the logtail program is started without any explicit path, but if it is not found in the system $PATH then you will need to specify the full path for the program.
Example Configuration
The following shows a typical configuration:
[amavis]
env.amavislog /var/log/mail/mail.info
env.logtail /usr/bin/logtail
group adm
Default Configuration
This is the default configuration:
[amavis]
env.mktemp_command /bin/mktemp
Interpretation
The plugin shows “probable spam”, “surely spam” and “virus”. If your “probable spam” raises you may need to tune your spam configuration to classify more spam as “surely spam” and so be able to eliminate it.
Magic Markers
#%# family=auto
#%# capabilities=autoconf
Bugs
Should use counters since the origin data is really counters. If the node has multiple masters the data served will now be incorrect. Proper operation may require porting to perl or such.
Author
Unknown
License
GPLv2
#!/bin/sh
: <<=cut
=head1 NAME
amavis - plugin to monitor the amavis mail filter.
=head1 APPLICABLE SYSTEMS
Hosts running amavis localy and logtail(8) installed.
=head1 CONFIGURATION
The configuration environment variables are available
=over 4
=item amavislog
Path to logfile (Default: "/var/log/mail/mail.info")
=item logtail
Path to logtail command (Default: "logtail")
=back
On most systems the mail logs are not readable by nobody which the
plugin usually runs at. To enable log reading it needs to run as a
group or user that has read access, as shown above.
By default the logtail program is started without any explicit path,
but if it is not found in the system $PATH then you will need to specify
the full path for the program.
=head2 EXAMPLE CONFIGURATION
The following shows a typical configuration:
[amavis]
env.amavislog /var/log/mail/mail.info
env.logtail /usr/bin/logtail
group adm
=head2 DEFAULT CONFIGURATION
This is the default configuration:
[amavis]
env.mktemp_command /bin/mktemp
=head1 INTERPRETATION
The plugin shows "probable spam", "surely spam" and "virus". If your
"probable spam" raises you may need to tune your spam configuration to
classify more spam as "surely spam" and so be able to eliminate it.
=head1 MAGIC MARKERS
#%# family=auto
#%# capabilities=autoconf
=head1 BUGS
Should use counters since the origin data is really counters. If the
node has multiple masters the data served will now be incorrect.
Proper operation may require porting to perl or such.
=head1 AUTHOR
Unknown
=head1 LICENSE
GPLv2
=cut
AMAVIS_LOG=${amavislog:-/var/log/mail/mail.info}
LOGTAIL=${logtail:-$(command -v logtail)}
STATEFILE=$MUNIN_PLUGSTATE/amavis.offset
mktemp_command="${mktemp_command:-/bin/mktemp}"
if [ "$1" = "autoconf" ]; then
if [ ! -f "$AMAVIS_LOG" ]; then
echo "no (file '$AMAVIS_LOG' not found)"
elif [ -z "$LOGTAIL" ]; then
echo "no (executable 'logtail' not found)"
elif [ ! -x "$LOGTAIL" ]; then
echo "no ('$LOGTAIL' is not executable)"
elif ! { command -v amavisd-new || command -v amavisd; } >/dev/null; then
echo "no (exeuctable 'amavisd' or 'amavisd-new' not found)"
else
echo yes
fi
exit 0
fi
# Try tailing a random file to check how arguments are passed
ARGS=0
"$LOGTAIL" /etc/hosts 2>/dev/null >/dev/null
if [ $? = 66 ]; then
if [ -z "$logtail" ]; then
ARGS=1
fi
fi
if [ "$1" = "config" ]; then
echo 'graph_title Amavis filter statistics'
echo 'graph_vlabel \#'
echo 'graph_category antivirus'
echo 'virus.label virus'
echo 'virus.info Number of viruses caught in email'
echo 'spam_maybe.label probably spam'
echo 'spam_maybe.info Emails amavis thinks probably contains spam'
echo 'spam_sure.label surely spam'
echo 'spam_sure.info Emails amavis is sure contains spam'
echo 'total.label total mails'
echo 'total.info Total emails evaluated by amavis'
exit 0
fi
total=U
virus=U
spamm=U
spams=U
TEMP_FILE=$($mktemp_command) || exit 73
trap 'rm -f "$TEMP_FILE"' EXIT
if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then
if [ "$ARGS" != 0 ]; then
"$LOGTAIL" -f "${AMAVIS_LOG}" -o "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}"
else
"$LOGTAIL" "${AMAVIS_LOG}" "${STATEFILE}" | grep 'amavis\[.*\]:' > "${TEMP_FILE}"
fi
total=$(grep -c 'Hits:' "$TEMP_FILE")
virus=$(grep -c 'INFECTED.*Hits:' "$TEMP_FILE")
spamm=$(grep -c 'SPAMMY.*Hits:' "$TEMP_FILE")
spams=$(grep -c 'SPAM .*Hits:' "$TEMP_FILE")
fi
echo "virus.value ${virus}"
echo "spam_maybe.value ${spamm}"
echo "spam_sure.value ${spams}"
echo "total.value ${total}"