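# Copyright (c) 2013 Flowerfire, Inc. All Rights Reserved.

# Log format plug-in for Lotus Notes mail router logs forwarded over syslog.
# Only "Router: Message ... delivered" lines are turned into entries (see the
# parsing filter below); other Notes log lines are not collected.
notes = {

  plugin_version = "1.0"

  # One index per supported product. Both entries previously used index 1, so
  # the same three keys were assigned twice and could not both be kept.
  info.1.manufacturer = "IBM"
  info.1.device = "Notes"
  info.1.version.1 = ""
  info.2.manufacturer = "Lotus"
  info.2.device = "Notes"
  info.2.version.1 = ""

  # 2013-10-09 - 1.0 - GMF - Initial creation

  # The name of the log format
  log.format.format_label = "Lotus Notes Log Format"
  log.miscellaneous.log_data_type = "syslog_required"
  log.miscellaneous.log_format_type = "mail_server"

  # The log is in this format if any of the first ten lines match this regular expression
  #Aug 7 10:54:09 192.168.0.19 mail_ts GenericLog 0 0 0 0 08/07/2013 10:35:34 AM SMTP Server: abc.xyz.com (12.34.56.78) connected
  # The expression only checks the syslog header shape (month, day, time, source
  # address, one more token); nothing in it is specific to Notes, so other
  # syslog-forwarded logs with the same header will also match.
  log.format.autodetect_regular_expression = "[A-Z][a-z][a-z] +[0-9]+ +[0-9][0-9]:[0-9][0-9]:[0-9][0-9] [0-9.a-f:]+ [^ ]+ "

  # All log field parsing will be done using the parsing filters
  log.format.parse_only_with_filters = "true"

  # Log fields
  log.fields = {
    log_type = ""
    sender = ""
    recipient = ""
    events = ""
    bytes = ""
    time_taken = ""
  } # log.fields

  # Log Parsing Filters
  log.parsing_filters.parse = `
#Aug 7 10:54:09 192.168.0.19 mail_ts GenericLog 0 0 0 0 08/07/2013 10:35:34 AM Router: Message 0013BC80 delivered to Phatiya Sinprasert/ETRNY from Siriporn_P@thaiglico.com OF31F9D552:529DEA81 ON47257BC0:0013BC80 Size: 49K Time: 00:00:00 Hop Count: 1
# Outer match: skip the first token, capture the log type, skip four numeric
# columns, then capture the date, the 12-hour time and the free-text message.
if (matches_regular_expression(v.syslog_message, '^[^ ]+ ([^ ]+) [0-9]+ [0-9]+ [0-9]+ [0-9]+ ([0-9/]+) ([0-9:]+ [AP]M) (.*)$')) then (

  set_collected_field('', 'log_type', $1);
  set_collected_field('', 'date', $2);
  set_collected_field('', 'time', $3);
  v.message = $4;

  # Inner match: router delivery lines only. Recipient and sender are split on
  # the literal word from with greedy captures, and both values originate in
  # message data supplied by remote parties. A name or address that itself
  # contains that word moves the split point, so treat sender and recipient
  # in reports as untrusted text rather than verified identities.
  if (matches_regular_expression(v.message, '^Router: Message [^ ]+ delivered to (.*) from (.*) [^ ]+ [^ ]+ Size: ([^ ]+) Time: ([^ ]+)')) then (

    set_collected_field('', 'recipient', $1);
    set_collected_field('', 'sender', $2);
    v.size = $3;
    v.time = $4;

    # Convert a K or M suffixed size to bytes. A size with any other suffix, or
    # none, is stored as captured.
    # NOTE(review): the multiplication uses v.size, which still carries the
    # suffix, not the captured digits in $1. This relies on numeric conversion
    # ignoring the trailing letter - confirm, or multiply $1 instead.
    if (matches_regular_expression(v.size, '([0-9]+)K')) then
      v.size = v.size * 1024;
    else if (matches_regular_expression(v.size, '([0-9]+)M')) then
      v.size = v.size * 1024 * 1024;
    set_collected_field('', 'bytes', v.size);

    # Convert hh:mm:ss to seconds. If the value has another shape it is stored
    # as captured.
    if (matches_regular_expression(v.time, '^([0-9]+):([0-9]+):([0-9]+)$')) then
      v.time = $1 * 60*60 + $2 * 60 + $3;
    set_collected_field('', 'time_taken', v.time);

    set_collected_field('', 'events', 1);

    # The entry is accepted only here, inside the delivery match. Lines such as
    # SMTP connection messages pass the outer match but are never accepted, so
    # this profile is a delivery report and not a full record of server events.
    accept_collected_entry('', false);

  );

);
`

  # Database fields
  database.fields = {
    log_type = ""
    sender = ""
    recipient = ""
  } # database.fields

  database.numerical_fields = {

    events = {
      default = true
    }

    # 64-bit so that summed message sizes do not overflow a 32-bit counter.
    bytes = {
      type = "int"
      integer_bits = 64
      display_format_type = "bandwidth"
    }

    # Aggregated with max: reports show the longest delivery time in a group,
    # not the total.
    time_taken = {
      display_format_type = duration_compact
      aggregation_method = "max"
    } # time_taken

  } # database.numerical_fields

  log.filters = {
  } # log.filters

  create_profile_wizard_options = {

    # How the reports should be grouped in the report menu
    report_groups = {
      date_time_group = ""
    } # report_groups

    snapons = {

      # Attach a mail_server_reports snapon
      mail_server_reports = {
        snapon = "mail_server_reports"
        name = "mail_server_reports"
        label = "$lang_admin.snapons.mail_server_reports.label"
        parameters = {
          sender_field.parameter_value = "sender"
          recipient_field.parameter_value = "recipient"
          messages_processed_field.parameter_value = "events"
          have_messages_delivered_field.parameter_value = false
#          messages_delivered_field.parameter_value = "messages_delivered"
        } # parameters
      } # mail_server_reports

      # Add the standard reports
      add_standard_reports = {
        name = "add_standard_reports"
        label = "add_standard_reports"
        snapon = "add_standard_reports"
      } # add_standard_reports

    } # snapons

  } # create_profile_wizard_options

} # notes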