# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved. asp_email = { plugin_version = "1.0" info.1.manfacturer = "Persits Software" info.1.device = "AspEmail" info.1.version = "5.0" # Service Pack 5.0.0.5 # 2008-04-23 - 1.0 - KBB - Initial creation. # The name of the log format log.format.format_label = "AspEmail (Active Server Pages Component for Email) Log Format" log.miscellaneous.log_data_type = "mail_server" log.miscellaneous.log_format_type = "mail_server" # The log is in this format if there is a match this regular expression #2008/04/15 09:23:03.640 File:20080415-09225796-500-4 From: To: SUCCESS: Sending to mail.tiger.com [mail.tiger.com]: 250 OK log.format.autodetect_regular_expression = "^[0-9]{4}/[0-9]{2}/[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]+ File:[^ ]+ From:<[^>]+> To:<[^>]+> (SUCCESS|FAILURE|ERROR): " # The format of dates and times in this log log.format.date_format = "auto" log.format.time_format = "auto" # All log field parsing will be done using the parsing filters log.format.parse_only_with_filters = "true" # Log fields log.fields = { date = "" time = "" sender = { type = "hierarchical" hierarchy_dividers = "@" left_to_right = false leading_divider = false } recipient = { type = "hierarchical" hierarchy_dividers = "@" left_to_right = false leading_divider = false } message_id = "" status = "" action = "" destination.type = "host" server_response = "" full_server_response = "" dns_server = "" } # log.fields # Log Filters log.filters = { mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'events = 1;' } # mark_entry omit_response = { label = 'Omit full server response' comment = 'When there is a server response code, remove the message to decrease the database size.' value = ` if (server_response ne '(empty)') then ( full_server_response = '[omitted]'; ); ` disabled = true } # omit_response } # Log Parsing Filters log.parsing_filters.parse = ` #2008/04/15 10:19:28.562 File:20080415-10175787-cec-5 From: To: SUCCESS: Sending to mail.lion.net [lion.net]: 250 Ok, message saved if (matches_regular_expression(current_log_line(), '^([0-9]{4}/[0-9]{2}/[0-9]{2}) ([0-9]{2}:[0-9]{2}:[0-9]{2}).[0-9]+ File:([^ ]+) From:<([^>]+)> To:<([^>]+)> ([A-Z]+): (.*)$')) then ( v.key = $3; # Not really necessary, since all fields are on most lines. set_collected_field(v.key, 'date', $1); set_collected_field(v.key, 'time', $2); set_collected_field(v.key, 'message_id', $3); set_collected_field(v.key, 'sender', $4); set_collected_field(v.key, 'recipient', $5); set_collected_field(v.key, 'status', $6); v.message = $7; #2008/04/15 09:23:03.640 File:20080415-09225796-500-4 From: To: SUCCESS: Sending to mail.tiger.com [mail.tiger.com]: 250 OK #2008/04/15 09:34:59.515 File:20080415-09284909-b34-8 From: To: SUCCESS: Sending to mail.tiger.com [mail.bigTiger.com:]: 250 ch-sr-2.Cologny.net: Message accepted for delivery #2008/04/15 09:44:20.531 File:20080415-09402925-fec-0 From: To: FAILURE: Sending to mx1.bt.mail.yahoo.com [mta817.mail.ukl.yahoo.com]: 421 Message temporarily deferred - 4.16.51. Please refer to http://help.yahoo.com/help/us/mail/defer/defer-06.html # Note that the first part of the message excludes : only to handle the third example above. # It will have to be changed if there is ever an action with a colon. if (matches_regular_expression(v.message, '([^:]+) to ([^:]+(:\\\\])?): ?([^ ].*)')) then ( set_collected_field(v.key, 'action', $1); set_collected_field(v.key, 'destination', $2); v.response = $4; set_collected_field(v.key, 'full_server_response', v.response); if (matches_regular_expression(v.response, "^([0-9]{3}) ")) then ( set_collected_field(v.key, 'server_response', $1); ); ); #2008/04/15 09:26:51.640 File:20080415-09260775-d0c-2 From: To: FAILURE: DNS Lookup server <77.77.77.77> for MX domain else if (matches_regular_expression(v.message, 'DNS Lookup server <([^>]+)> for MX domain <([^>]+)>')) then ( set_collected_field(v.key, 'action', "DNS Lookup"); set_collected_field(v.key, 'dns_server', $1); set_collected_field(v.key, 'destination', $2); ); #2008/04/15 09:27:29.562 File:20080415-09260826-d0c-9 From: To: ERROR: No MX record for domain found at 77.77.77.77 else if (matches_regular_expression(v.message, 'No MX record for domain <([^>]+)> found at ([0-9.]+)$')) then ( set_collected_field(v.key, 'action', "DNS Lookup"); set_collected_field(v.key, 'destination', $1); set_collected_field(v.key, 'dns_server', $2); ); accept_collected_entry(v.key, false); # true or false made no difference with available sample. ); ` # Database fields database.fields = { date_time = "" day_of_week = "" hour_of_day = "" sender = "" recipient = "" message_id = "" status = "" action = "" destination = "" server_response = "" full_server_response = "" dns_server = "" } # database.fields database.numerical_fields = { messages = { default = true log_field = "message_id" type = 'unique' } # messages events = { default = true requires_log_field = false entries_field = true } # events } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" } # report_groups final_step = ` include "templates.admin.profiles.setup_reports_util"; string profile = "profiles." . volatile.new_profile_name; string reports = profile . ".statistics.reports"; # Create the standard reports add_standard_reports(profile); v.report = reports . ".message_id.report_elements.message_id"; set_node_value(v.report . ".sort_by", "events"); v.columns = v.report . ".columns"; node column; foreach column v.columns ( v.field = node_value(subnode_by_name(column, 'field_name')); if (v.field eq 'messages') then ( delete_node(column); ); ); #echo("end of final_step"); ` } # create_profile_wizard_options } # asp_email