
4 Краткий отчет о практике (приложение 1). Строки с таким выделением



Установка munin


Установим нужные пакеты

sudo apt-get install munin-node munin logtail

(если у Вас уже установлен munin на каком-нибудь сервере, то установите только munin-node)

Отредактируем файл

sudo nano /etc/apache2/conf.d/munin

и поменяем (если необходимо) строку

# Allow from localhost 127.0.0.0/8 ::1

на

Allow from all

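Имейте в виду: с Allow from all графики Munin открыты для любого адреса; если доступ нужен только из своей сети, вместо all перечислите её адреса или подсети.

Перезапустим apache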

sudo /etc/init.d/apache2 restart

Нас интересуют более подробные графики того, что происходит у нас с почтой. Поэтому создаем файлы

sudo nano /usr/share/munin/plugins/amavis-debian

#!/bin/sh

#

# Plugin to monitor the amavis mail filter for Debian

# (based upon a plugin authored by Geoffroy Desvernay)

#

# This plugin is built and tested on Debian Etch using:

# munin 1.2.5-1

# amavisd-new 2.4.2-6.1

#

# With some minor modification it should also work on non-debian systems

# This, however, is up to you

#

# Munin graph will sum up: Passed CLEAN, Blocked VIRUS, Blocked SPAM, Other

#

# Parameters understood:

# config (required)

# autoconf (optional)

#

# Config variables:

# AMAVIS_LOG - file where amavis logs are written

# STATEFILE - file which is needed to keep track of AMAVIS_LOG

# LOGTAIL - location of logtail

# BC - location of bc

#

# Enjoy!

# Fili Wiese

#

 

# Plugin settings. "logfile", "logtail" and "bc" are read from the environment
# when set; otherwise the defaults below are used.
STATEFILE=/var/lib/munin/plugin-state/amavis.offset
AMAVIS_LOG=${logfile:-/var/log/mail.log}
LOGTAIL=${logtail:-$(which logtail)}
BC=${bc:-$(which bc)}

 

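# Create a private temporary file and print its path on stdout.
#   $1 - optional mktemp template (for example munin-amavis.XXXXXX). When it
#        is given, the file is created under ${TMPDIR:-/tmp} with that name
#        pattern, so leftover files can be attributed to this plugin.
# The previous version silently ignored the template its caller passes.
mktempfile () {
    if [ -n "$1" ]; then
        mktemp "${TMPDIR:-/tmp}/$1"
    else
        mktemp
    fi
}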

 

# "autoconf": print yes only when the log file exists and both helper
# programs (logtail and bc) resolve to executables; otherwise print no.
if [ "$1" = "autoconf" ]; then
    if [ -f "${AMAVIS_LOG}" ] \
        && [ -n "${LOGTAIL}" ] && [ -x "${LOGTAIL}" ] \
        && [ -n "${BC}" ] && [ -x "${BC}" ]; then
        echo yes
        exit 0
    fi
    echo no
    exit 1
fi

 

# "config": describe the graph and its six series, then stop.
# The "total" and "other" series are intentionally not declared.
if [ "$1" = "config" ]; then
    cat <<'EOF'
graph_title Amavis filter statistics
graph_category postfix
graph_order sent clean spammy header spam virus
graph_vlabel Mails filtered
graph_scale no
sent.label Sent BYPASS
sent.draw LINE1
sent.colour 0099FF
clean.label Passed CLEAN
clean.draw LINE1
clean.colour 32FA00
spammy.label Passed SPAMMY
spammy.draw LINE1
spammy.colour FFCC00
header.label Passed BAD-HEADER
header.draw LINE1
header.colour 99CC00
spam.label Detected SPAM
spam.draw LINE1
spam.colour FF0000
virus.label Blocked VIRUS
virus.draw LINE1
virus.colour 880088
EOF
    exit 0
fi

 

 

# Values reported when no log data could be read.
sent=0 clean=0 virus=0 spam=0
spammy=0 header=0 other=0 total=0

# Probe how logtail wants its arguments: run it against a file that always
# exists and look at the exit status. ARGS becomes 1 only when the probe
# exits with 66 and no explicit "logtail" path was configured.
# NOTE(review): when the plugin runs as root this probe may leave an offset
# file next to /etc/hosts - confirm against the installed logtail.
ARGS=0
$LOGTAIL /etc/hosts >/dev/null 2>&1
probe_status=$?
if [ "$probe_status" = 66 ] && [ -z "$logtail" ]; then
    ARGS=1
fi

 

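# Gather the amavis lines logged since the previous run into a scratch file,
# count the verdicts of interest and print them in Munin's "name.value N" form.
TEMP_FILE=$(mktempfile munin-amavis.XXXXXX)

if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then
    # Remove the scratch file on every exit path, not only the normal one.
    trap 'rm -f "$TEMP_FILE"' EXIT

    # ARGS=1 means the probe found that logtail rejects positional arguments,
    # so the log and offset files are passed with -f/-o (logcheck-style
    # logtail). Both branches used to be identical, which made the probe
    # pointless and left such logtail versions without any input.
    if [ "$ARGS" != 0 ]; then
        $LOGTAIL -f "${AMAVIS_LOG}" -o "${STATEFILE}"
    else
        $LOGTAIL "${AMAVIS_LOG}" "${STATEFILE}"
    fi | grep 'amavis\[.*\]:' | grep -v 'TIMED OUT' > "${TEMP_FILE}"

    # NOTE(review): these are substring matches on whole log lines; fields
    # that originate from the message (addresses, IDs) could contain the same
    # words and skew the counts - confirm against the local amavis log format.
    sent=$(grep -c 'Passed CLEAN, MYUSERS' "${TEMP_FILE}")
    clean=$(grep -c 'Passed CLEAN,' "${TEMP_FILE}")
    # "Passed CLEAN," also matches the MYUSERS lines, so subtract them.
    # Shell arithmetic replaces the bc call: no empty value if bc is missing.
    clean=$((clean - sent))
    spammy=$(grep -c 'Passed SPAMMY,' "${TEMP_FILE}")
    header=$(grep -c 'Passed BAD-HEADER' "${TEMP_FILE}")
    spam=$(grep -c 'Blocked SPAM,' "${TEMP_FILE}")
    virus=$(grep -c 'INFECTED' "${TEMP_FILE}")
fi

echo "sent.value ${sent}"
echo "clean.value ${clean}"
echo "spammy.value ${spammy}"
echo "header.value ${header}"
echo "spam.value ${spam}"
echo "virus.value ${virus}"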

sudo nano /usr/share/munin/plugins/amavis_

#!/usr/bin/perl -w

#

# Plugin to monitor amavisd-new statistics. Values are retrieved by querying

# the BerkeleyDB database 'snmp.db', in which amavisd-new stores its

# statistics.

#

# The plugin requires the Perl module BerkeleyDB.

#

# To use, setup /etc/munin/plugin-conf.d/amavis e.g. as follows:

#

# [amavis_*]

# env.amavis_db_home /var/lib/amavis/db

# user amavis

#

# Where env.amavis_db_home is the path to the amavisd-new BerkeleyDB files

# (/var/amavis/db by default).

#

# Then create symlinks in the Munin plugin directory named "amavis_time",

# "amavis_cache" and "amavis_content", or use munin-node-configure.

#

# Parameters:

#

# config

# autoconf

# suggest

#

# Config variables:

#

# amavis_db_home - where the amavisd-new berkeley db files are located

#

# Magic markers

#%# family=auto

#%# capabilities=autoconf

#%# capabilities=suggest

 

use strict;

no warnings 'uninitialized';

 

use BerkeleyDB;

 

# Name of the amavisd-new statistics database inside the DB home directory.
my $dbfile = 'snmp.db';

# Directory holding the BerkeleyDB files; the amavis_db_home environment
# variable overrides the built-in default when it is defined.
my $db_home = '/var/amavis/db';
$db_home = $ENV{'amavis_db_home'} if defined $ENV{'amavis_db_home'};

 

# "suggest": list the three wildcard names this plugin can be linked as.
if ($ARGV[0] and $ARGV[0] eq "suggest") {
    print "time\n", "cache\n", "content\n";
    exit 0;
}

# "autoconf": report whether amavisd-agent is installed and executable.
# Only that one path is tested here; the database itself is not checked.
if ($ARGV[0] and $ARGV[0] eq "autoconf") {
    unless (-x "/usr/sbin/amavisd-agent") {
        print "no (/usr/sbin/amavisd-agent not found or not executable)\n";
        exit 1;
    }
    print "yes\n";
    exit 0;
}

 

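# Work out which graph to produce from the name the plugin was invoked as
# (amavis_cache, amavis_content or amavis_time, with or without a directory).
my $stats_type = "";

# The match must use the binding operator "=~". With a plain "=" the pattern
# is matched against $_ and the result is assigned to $0, so the test never
# succeeds and the plugin always exits with the symlink message.
if ($0 =~ /^(?:|.*\/)amavis_(cache|content|time)$/) {
    $stats_type = $1;
} else {
    print "You need to create a symlink to this plugin called either amavis_cache, amavis_time or amavis_content to be able to use it.\n";
    exit 2;
}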

 

# "config": print the graph definition for the selected statistics type and
# exit. The lines are collected first and written out in one go.
if ($ARGV[0] and $ARGV[0] eq "config") {
    my @lines;

    if ($stats_type eq "cache") {
        # Hit/miss percentages, stacked to 100.
        @lines = (
            'graph_title Amavis cache hit / miss ratio',
            'graph_args --lower-limit 0 --upper-limit 100 --rigid',
            'graph_category mail',
            'graph_info The ratio of cache hits and misses for AMaViSd-new.',
            'graph_order hits misses',
            'graph_scale no',
            'graph_vlabel %',
            'hits.label Cache hits',
            'hits.draw AREA',
            'hits.max 100',
            'hits.min 0',
            'misses.label Cache misses',
            'misses.draw STACK',
            'misses.max 100',
            'misses.min 0',
        );
    } elsif ($stats_type eq "content") {
        # Per-minute rates derived from the message counters.
        push @lines,
            'graph_title Amavis scanned mails',
            'graph_category mail',
            'graph_period minute',
            'graph_vlabel msgs / ${graph_period}';
        for my $series (qw(total clean spam spammy virus)) {
            push @lines,
                "$series.label " . ucfirst($series) . " mails ",
                "$series.type DERIVE",
                "$series.min 0";
        }
        push @lines,
            'clean.info Legitimate mail.',
            'spammy.info Mails with a spam score above the tag2 level.',
            'spam.info Mails with a spam score above the kill level for spam.',
            'virus.info Mails with a virus.',
            'total.info Total number of scanned mails.';
    } elsif ($stats_type eq "time") {
        # Elapsed-time counters divided by the message counter via cdef;
        # the msgs series itself is collected but not drawn.
        push @lines,
            'graph_title Amavis average scan time',
            'graph_info Average time spent in each phase of the mail scanning process, per mail.',
            'graph_category mail',
            'graph_vlabel sec / mail',
            'graph_scale no',
            'msgs.label Total number of messages',
            'msgs.graph no',
            'msgs.type DERIVE',
            'msgs.min 0';
        for my $series (qw(decoding receiving sending spamcheck viruscheck total)) {
            push @lines,
                "${series}.label " . ucfirst($series),
                "${series}.type DERIVE",
                "${series}.min 0",
                "${series}.cdef ${series},1000,/,msgs,/";
        }
    }

    print map { "$_\n" } @lines;
    exit 0;
}

 

 

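# Open the amavisd-new statistics database and copy every key/value pair
# into %values. Any failure ends the plugin with die.
my ($env, $db, @dbstat, $cursor);

# Fail early with a clear message when the database file is missing or not
# accessible to the user the plugin runs as.
@dbstat = stat("$db_home/$dbfile");
@dbstat or die "stat $db_home/$dbfile: $!";

$env = BerkeleyDB::Env->new(
    -Home    => $db_home,
    -Flags   => DB_INIT_CDB | DB_INIT_MPOOL,
    # Library diagnostics go to STDERR: STDOUT carries the values Munin
    # parses, and error text written there would corrupt that output.
    -ErrFile => \*STDERR,
    -Verbose => 1,
);
defined $env or die "BDB no env: $BerkeleyDB::Error $!";

$db = BerkeleyDB::Hash->new(-Filename => $dbfile, -Env => $env);
defined $db or die "BDB no db: $BerkeleyDB::Error $!";

my %values = ();
my ($eval_stat, $stat, $key, $val);

$cursor = $db->db_cursor;    # obtain read lock
defined $cursor or die "db_cursor error: $BerkeleyDB::Error";

# Walk the whole table; c_get returns 0 for every record it delivers.
while (($stat = $cursor->c_get($key, $val, DB_NEXT)) == 0) {
    $values{$key} = $val;
}

# Anything other than "no more records" is a real read error.
$stat == DB_NOTFOUND or die "c_get: $BerkeleyDB::Error $!";
$cursor->c_close == 0 or die "c_close error: $BerkeleyDB::Error";
$cursor = undef;

# NOTE(review): no eval block surrounds the code above, so $@ here reflects
# whatever eval ran last elsewhere - presumably a leftover; confirm before
# relying on or removing this check.
$eval_stat = $@;
if ($eval_stat ne '') { chomp($eval_stat); die "BDB $eval_stat\n"; }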

 

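# Strip the "C32 " / "C64 " type prefix from stored counters so that only the
# number remains. The test must bind the pattern to the value with "=~";
# a plain "=" matches against $_ and overwrites every value with the
# (false) match result, wiping all statistics.
for my $k (sort keys %values) {
    if ($values{$k} =~ /^(?:C32|C64) (.*)\z/) {
        $values{$k} = $1;
    }
}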

 

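# Print the current values for the selected statistics type in Munin's
# "name.value N" format, then close the database.
if ($stats_type eq "cache") {
    my $hits    = $values{'CacheHits'};
    my $misses  = $values{'CacheMisses'};
    my $lookups = $hits + $misses;

    if ($lookups > 0) {
        printf("hits.value %.1f\n",   $hits * 100.00 / $lookups);
        printf("misses.value %.1f\n", $misses * 100.00 / $lookups);
    } else {
        # No lookups recorded yet (fresh or reset database): report the
        # values as unknown instead of dying on a division by zero.
        print "hits.value U\n";
        print "misses.value U\n";
    }
} elsif ($stats_type eq "content") {
    printf("total.value %d\n", $values{'InMsgs'});

    # Clean mail is the plain clean counter plus the tagged-clean counter
    # when the latter is present in the database.
    my $clean = $values{'ContentCleanMsgs'};
    if (defined($values{'ContentCleanTagMsgs'})) {
        $clean += $values{'ContentCleanTagMsgs'};
    }
    printf("clean.value %d\n", $clean);

    printf("spam.value %d\n",   $values{'ContentSpamMsgs'});
    printf("spammy.value %d\n", $values{'ContentSpammyMsgs'});
    printf("virus.value %d\n",  $values{'ContentVirusMsgs'});
} elsif ($stats_type eq "time") {
    printf("decoding.value %d\n",   $values{'TimeElapsedDecoding'});
    printf("receiving.value %d\n",  $values{'TimeElapsedReceiving'});
    printf("sending.value %d\n",    $values{'TimeElapsedSending'});
    printf("spamcheck.value %d\n",  $values{'TimeElapsedSpamCheck'});
    printf("viruscheck.value %d\n", $values{'TimeElapsedVirusCheck'});
    printf("total.value %d\n",      $values{'TimeElapsedTotal'});
    printf("msgs.value %d\n",       $values{'InMsgs'});
}

$db->db_close == 0 or die "BDB db_close error: $BerkeleyDB::Error $!";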

sudo nano /usr/share/munin/plugins/postgrey

#!/bin/bash

#

# Plugin to monitor incoming Postgrey

#

# Parameters understood:

#

# config (required)

# autoconf (optional)

#

 

 

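# Create a private temporary file and print its path on stdout.
#   $1 - optional mktemp template (for example munin-postgrey.XXXXXX); it is
#        now handed to mktemp so leftover files can be attributed to this
#        plugin. The previous version silently ignored it.
mktempfile () {
    if [ -n "$1" ]; then
        mktemp -t "$1"
    else
        mktemp -t
    fi
}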

 

# Plugin settings. "logfile" and "logtail" are read from the environment when
# set; otherwise the defaults below are used.
STATEFILE=/var/lib/munin/plugin-state/postgrey.offset
MAIL_LOG=${logfile:-/var/log/mail.log}
LOGTAIL=${logtail:-$(which logtail)}

 

# "autoconf": print yes only when the mail log exists and logtail resolves to
# an executable; otherwise print no.
if [ "$1" = "autoconf" ]; then
    if [ -f "${MAIL_LOG}" ] && [ -n "${LOGTAIL}" ] && [ -x "${LOGTAIL}" ]; then
        echo yes
        exit 0
    fi
    echo no
    exit 1
fi

 

# "config": describe the graph and its three series, then stop.
# graph_args and the DERIVE types are intentionally left unset.
if [ "$1" = "config" ]; then
    cat <<'EOF'
graph_title Postgrey daily filtering
graph_order delayed passed whitelisted
graph_category mail
graph_vlabel Count
graph_scale no
delayed.label delayed
passed.label passed
whitelisted.label whitelisted
EOF
    exit 0
fi

 

 

# Values reported when no log data could be read.
delayed=0 passed=0 whitelisted=0

# Probe how logtail wants its arguments: run it against a file that always
# exists and look at the exit status. ARGS becomes 1 only when the probe
# exits with 66 and no explicit "logtail" path was configured.
ARGS=0
$LOGTAIL /etc/hosts >/dev/null 2>&1
probe_status=$?
if [ "$probe_status" = 66 ] && [ -z "$logtail" ]; then
    ARGS=1
fi

 

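# Gather the postfix/postgrey lines logged since the previous run into a
# scratch file, count the greylisting outcomes and print them in Munin's
# "name.value N" form.
TEMP_FILE=$(mktempfile munin-postgrey.XXXXXX)

if [ -n "$TEMP_FILE" ] && [ -f "$TEMP_FILE" ]; then
    # Remove the scratch file on every exit path, not only the normal one.
    trap 'rm -f "$TEMP_FILE"' EXIT

    # ARGS=1 means the probe found that logtail rejects positional arguments,
    # so the log and offset files are passed with -f/-o (logcheck-style
    # logtail). Both branches used to be identical.
    #
    # The filter is an alternation, not a bracket expression: the old
    # 'post[fix|grey]' matched "post" followed by any ONE of the characters
    # f i x | g r e y, which only worked by accident.
    if [ "$ARGS" != 0 ]; then
        $LOGTAIL -f "${MAIL_LOG}" -o "${STATEFILE}"
    else
        $LOGTAIL "${MAIL_LOG}" "${STATEFILE}"
    fi | grep -E 'post(fix|grey)' > "${TEMP_FILE}"

    delayed=$(grep -c 'Recipient address rejected.*Greylisted' "${TEMP_FILE}")
    passed=$(grep -c 'postgrey\[[0-9]*\]: action=pass' "${TEMP_FILE}")
    whitelisted=$(grep -c 'postgrey\[[0-9]*\]: whitelisted:' "${TEMP_FILE}")
fi

echo "delayed.value ${delayed}"
echo "passed.value ${passed}"
echo "whitelisted.value ${whitelisted}"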

sudo nano /usr/share/munin/plugins/postfix_filtered_awk

#!/bin/bash

#

# Plugin to monitor incoming Postfix mail.

#

# Parameters understood:

#

# config (required)

# autoconf (optional)

#

 

# requires logtail

 

# If you are using a postfix policy daemon (such as policyd) to track certain block conditions, place a line

# in your /etc/munin/plugin-conf.d/munin-node like:

#

# [postfix_filtered]

# env.policy my policy string

#

# When env.policy is set, this plugin will match the string you supply as env.policy and return the number of instances

# of that string as an output called "policy.value".

#

# If you are NOT using a postfix policy daemon, as above, use the line

#

# [postfix_filtered]

# env.policy none

#

# and this plugin will suppress output of policy.value

 

# POLICY is the string to count for a policy daemon; the special setting
# "none" (or no setting at all) leaves it empty. It is exported because the
# awk program below reads it from its environment.
if [ "${policy}" = 'none' ]; then
    POLICY=''
else
    POLICY="${policy}"
fi
export POLICY

# The log location is fixed; the configurable variant is kept for reference:
#LOGDIR=${logdir:-/var/log/mail}
#MAIL_LOG=$LOGDIR/${logfile:-info}
MAIL_LOG=/var/log/mail.info
STATEFILE=/var/lib/munin/plugin-state/postfix_mailfiltered_test.offset
LOGTAIL=${logtail:-$(which logtail)}

 

# "autoconf": print yes only when the mail log exists and logtail resolves to
# an executable; otherwise print no.
if [ "$1" = "autoconf" ]; then
    if [ -f "${MAIL_LOG}" ] && [ -n "${LOGTAIL}" ] && [ -x "${LOGTAIL}" ]; then
        echo yes
        exit 0
    fi
    echo no
    exit 1
fi

 

# "config": describe the graph, then stop. The policy series is declared only
# when a policy string is configured.
if [ "$1" = "config" ]; then
    cat <<'EOF'
graph_title Postfix message filtering
graph_category mail
graph_vlabel Mails per second
graph_args --base 1000 -l 0
EOF

    if [ -n "$POLICY" ]; then
        cat <<'EOF'
graph_order rbl policy helo client sender recipient relay allowed
policy.label policy blocked
policy.min 0
policy.draw LINE1
policy.type ABSOLUTE
EOF
    else
        echo 'graph_order rbl helo client sender recipient relay allowed'
    fi

    cat <<'EOF'
allowed.draw LINE2
allowed.type ABSOLUTE
allowed.colour 00ff00
rbl.draw LINE2
rbl.type ABSOLUTE
rbl.colour 1010ff
EOF

    # The five rejection series share the same attributes.
    for field in helo client sender recipient relay; do
        printf '%s.min 0\n%s.type ABSOLUTE\n%s.draw LINE1\n' \
            "$field" "$field" "$field"
    done

    cat <<'EOF'
allowed.label allowed
rbl.label RBL blocked
helo.label HELO rejected
client.label Client rejected
sender.label Sender rejected
recipient.label recipient unknown
relay.label relay denied
EOF

    exit 0
fi

 

# Feed the log lines added since the previous run to awk, which puts each
# line into the first category whose marker text it contains and prints the
# totals. The policy string reaches awk through the environment and is
# compared with index(), i.e. as literal text rather than as a pattern.
$LOGTAIL ${MAIL_LOG} $STATEFILE |
awk '
BEGIN {
    allowed = 0; relay = 0; rbl = 0; helo = 0
    client = 0; sender = 0; recipient = 0; policy = 0
    wanted = ENVIRON["POLICY"]
}

{
    if      (index($0, "queued as"))                  allowed++
    else if (index($0, "Relay access denied"))        relay++
    else if (index($0, "blocked using"))              rbl++
    else if (index($0, "Helo command rejected"))      helo++
    else if (index($0, "Client host rejected"))       client++
    else if (index($0, "Sender address rejected"))    sender++
    else if (index($0, "Recipient address rejected")) recipient++
    else if (wanted && index($0, wanted))             policy++
}

END {
    print "allowed.value " allowed
    print "relay.value " relay
    print "rbl.value " rbl
    print "helo.value " helo
    print "client.value " client
    print "sender.value " sender
    print "recipient.value " recipient
    if (wanted) print "policy.value " policy
}'

Сделаем их исполняемыми

cd /usr/share/munin/plugins

sudo chmod a+x amavis_ amavis-debian postgrey postfix_filtered_awk

cd

И создадим нужные ссылки

sudo ln -s /usr/share/munin/plugins/amavis_ /etc/munin/plugins/amavis_cache

sudo ln -s /usr/share/munin/plugins/amavis_ /etc/munin/plugins/amavis_content

sudo ln -s /usr/share/munin/plugins/amavis_ /etc/munin/plugins/amavis_time

sudo ln -s /usr/share/munin/plugins/amavis-debian /etc/munin/plugins/amavis-debian

sudo ln -s /usr/share/munin/plugins/postgrey /etc/munin/plugins/postgrey

sudo ln -s /usr/share/munin/plugins/postfix_mailstats /etc/munin/plugins/postfix_mailstats

sudo ln -s /usr/share/munin/plugins/postfix_filtered_awk /etc/munin/plugins/postfix_filtered_awk

sudo ln -s /usr/share/munin/plugins/fail2ban /etc/munin/plugins/fail2ban

Отредактируем файл /etc/munin/plugin-conf.d/munin-node

sudo nano /etc/munin/plugin-conf.d/munin-node

и вставим в него строки

[amavis-debian]

user root

group adm

[postgrey]

group adm

[amavis_*]

env.amavis_db_home /var/lib/amavis/db

user amavis

[postfix_mailstats]

group adm

[postfix_filtered_awk]

group adm

[fail2ban]

user root

Перезапустим munin-node

service munin-node restart

и через 5-10 минут получим графики. Они обновляются раз в пять минут.