[Dovecot] proxy: get rid of redundant log-informations
h.reindl at thelounge.net
Sun Sep 22 01:29:02 EEST 2013
Am 22.09.2013 00:18, schrieb Reindl Harald:
> Am 22.09.2013 00:07, schrieb Reindl Harald:
>> Am 21.09.2013 23:37, schrieb Timo Sirainen:
>>> Different people want different things logged. I think if I started adding settings to control those from Dovecot configuration it would quickly become a horribly complex mess
>> if fact i would only need "login_log_format = %s" but in case of failed logins
>> and dictionary attacks with unknown users "%u" is empty - if %u would *always*
>> contain the used loginname, wether if it was successful or not i would have
>> any needed information without the duplication
> errta - the problem maybe was in cased of failed logins you see no
> difference without %$ comapred to a succesfull login
> login_log_format_elements = status=%status <%u> %r %m %c
> login_log_format = %s
> would perfectly solve this while %status or whatever placeholder would be failed / success
sorry for the spam and not put it in one reply
login_log_format_elements = %status <%u> %r %m %c %cipher
login_log_format = %s
Sep 21 18:39:47 localhost dovecot: imap-login: OK, <rhsoft at test.rh>, 192.168.2.2, CRAM-MD5, DHE-RSA-CAMELLIA256-SHA
"TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA" for %k leads to linebreaks in "tail -f" which
makes it hard to follow while the proposd above contains any needed information and fits
on a 27" screen in a single line, in case of unencrypted %cipher would be simply supressed
cat maillog | grep imap | grep "OK, "
cat maillog | grep imap | grep "failed, "
cat maillog | grep pop3 | grep "OK, "
cat maillog | grep pop3 | grep "failed, "
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 263 bytes
Desc: OpenPGP digital signature
More information about the dovecot