Logs for multiple instances of sendmail
Logs
for multiple instances of sendmail
Logs-for-multiple-instances.t6607-133
Prev:
Need Help....
AM I used by SPAM ?
Next: Relay
+ Auth not authing
From: John Chajecki on 8 Apr 2010 11:27
We are running multiple instances of sendmail to support at least 3 SMTP
mail services for different purposes on one host. Unfortunately currently
the logs all go into one system file: /var/log/syslog.
Although I can change the location of the log in /etc/syslog.conf (or in the
future /etc/syslog-ng/syslog-ng.conf) this only works to send the log data
for all instances into the same file because all of the sendmail instances
have the same facility name i.e. 'mail'.
Can someone advise me whether it is possible, and if so then how can I send
the logs for each instance into a separate file please?
I've tried searching for information on this but so far I can only find
references for Postfix which suggest using the 'multi_instance_name' and
'syslog_name' in main.cf to change the instance name, but presumably this
only works for Postfix and not sendmail?
Can anyone help me with this please?
From: mikea on 8 Apr 2010 12:05
John Chajecki <jchaj.news(a)group.dsl.pipex.com> wrote in <4BBE03F8.FFB7.0000.0(a)group.dsl.pipex.com>:
>
> We are running multiple instances of sendmail to support at least 3 SMTP
> mail services for different purposes on one host. Unfortunately currently
> the logs all go into one system file: /var/log/syslog.
>
> Although I can change the location of the log in /etc/syslog.conf (or in the
> future /etc/syslog-ng/syslog-ng.conf) this only works to send the log data
> for all instances into the same file because all of the sendmail instances
> have the same facility name i.e. 'mail'.
>
> Can someone advise me whether it is possible, and if so then how can I send
> the logs for each instance into a separate file please?
>
> I've tried searching for information on this but so far I can only find
> references for Postfix which suggest using the 'multi_instance_name' and
> 'syslog_name' in main.cf to change the instance name, but presumably this
> only works for Postfix and not sendmail?
>
> Can anyone help me with this please?
Can you compile sendmail three times, each to its own target executable
file, each with a different definition of SM_LOG_STR, and/or to a
different facility?
Here's part of what I find from grepping on how logging is done in
sendmail:
sendmail/main.c:276:# ifndef SM_LOG_STR
sendmail/main.c:277:# define SM_LOG_STR "sendmail"
sendmail/main.c:278:# endif /* ! SM_LOG_STR */
sendmail/main.c:280: openlog(SM_LOG_STR, LOG_PID, LOG_MAIL);
sendmail/main.c:282: openlog(SM_LOG_STR, LOG_PID);
If each instance runs from its own unique executable, each with its own
unique SM_LOG_STR (e.g., "sendmail1", "sendmail2", "sendmail3"), would
that suffice?
If unique and distinct SM_LOG_STR isn't enough, then would unique
facility names here:
275 #if LOG
276 # ifndef SM_LOG_STR
277 # define SM_LOG_STR "sendmail"
278 # endif /* ! SM_LOG_STR */
279 # ifdef LOG_MAIL
280 openlog(SM_LOG_STR, LOG_PID, LOG_MAIL);
281 # else /* LOG_MAIL */
282 openlog(SM_LOG_STR, LOG_PID);
283 # endif /* LOG_MAIL */
284 #endif /* LOG */
be good enough? Because it seems easy enough to provide a definition of
LOG_MAIL at compile time, the same way you'd provide a definition of
SM_LOG_STR.
A little more hacking would let you provide the facility name and/or the
SM_LOG_STR as parameters at execution time, or let you read them in from
a file, or read them in from environment variables, or something of the
sort. These techniques would let you have one sendmail executable and
still log to separate files/facilities and/or with different "sendmail"
names.
There may even be an easier way.
I may be all wet, though. If I am, the older and wiser heads here will
say something about it.
--
Mike Andrews, W5EGO
mikea(a)mikea.ath.cx
Tired old sysadmin
From: Andrzej Adam Filip on 8 Apr 2010 12:19
"John Chajecki" <jchaj.news(a)group.dsl.pipex.com> wrote:
> We are running multiple instances of sendmail to support at least 3 SMTP
> mail services for different purposes on one host. Unfortunately currently
> the logs all go into one system file: /var/log/syslog.
>
> Although I can change the location of the log in /etc/syslog.conf (or in the
> future /etc/syslog-ng/syslog-ng.conf) this only works to send the log data
> for all instances into the same file because all of the sendmail instances
> have the same facility name i.e. 'mail'.
>
> Can someone advise me whether it is possible, and if so then how can I send
> the logs for each instance into a separate file please?
>
> I've tried searching for information on this but so far I can only find
> references for Postfix which suggest using the 'multi_instance_name' and
> 'syslog_name' in main.cf to change the instance name, but presumably this
> only works for Postfix and not sendmail?
>
> Can anyone help me with this please?
Have you considered using separate "log tags" per "sendmail instance"?
[ see "-L tag" command line option ]
You will get one log file but one "easy to split" log file.
--
Kafka's Law:
In the fight between you and the world, back the world.
-- Franz Kafka, "RS's 1974 Expectation of Days"
From: Robert Bonomi on 8 Apr 2010 16:46
In article <2gb197-6so1.ln1(a)mikea.ath.cx>, mikea <mikea(a)mikea.ath.cx>
wrote:
>John Chajecki <jchaj.news(a)group.dsl.pipex.com> wrote in
><4BBE03F8.FFB7.0000.0(a)group.dsl.pipex.com>:
>>
>> We are running multiple instances of sendmail to support at least 3 SMTP
>> mail services for different purposes on one host. Unfortunately currently
>> the logs all go into one system file: /var/log/syslog.
>>
>> Although I can change the location of the log in /etc/syslog.conf (or in the
>> future /etc/syslog-ng/syslog-ng.conf) this only works to send the log data
>> for all instances into the same file because all of the sendmail instances
>> have the same facility name i.e. 'mail'.
>>
>> Can someone advise me whether it is possible, and if so then how can I send
>> the logs for each instance into a separate file please?
>>
>> I've tried searching for information on this but so far I can only find
>> references for Postfix which suggest using the 'multi_instance_name' and
>> 'syslog_name' in main.cf to change the instance name, but presumably this
>> only works for Postfix and not sendmail?
>>
>> Can anyone help me with this please?
>
>Can you compile sendmail three times, each to its own target executable
>file, each with a different definition of SM_LOG_STR, and/or to a
>different facility?
One can use the -L command-line option to accomplish differentiation of
the ID string used in logging. No source-code changes required.
*or* it is a trivial change to the program source-code to get it to
log with different facility name. (main.c, line 280)
>
>Here's part of what I find from grepping on how logging is done in
>sendmail:
>
>sendmail/main.c:276:# ifndef SM_LOG_STR
>sendmail/main.c:277:# define SM_LOG_STR "sendmail"
>sendmail/main.c:278:# endif /* ! SM_LOG_STR */
>sendmail/main.c:280: openlog(SM_LOG_STR, LOG_PID, LOG_MAIL);
>sendmail/main.c:282: openlog(SM_LOG_STR, LOG_PID);
>
>If each instance runs from its own unique executable, each with its own
>unique SM_LOG_STR (e.g., "sendmail1", "sendmail2", "sendmail3"), would
>that suffice?
>
>If unique and distinct SM_LOG_STR isn't enough, then would unique
>facility names here:
>
> 275 #if LOG
> 276 # ifndef SM_LOG_STR
> 277 # define SM_LOG_STR "sendmail"
> 278 # endif /* ! SM_LOG_STR */
> 279 # ifdef LOG_MAIL
> 280 openlog(SM_LOG_STR, LOG_PID, LOG_MAIL);
> 281 # else /* LOG_MAIL */
> 282 openlog(SM_LOG_STR, LOG_PID);
> 283 # endif /* LOG_MAIL */
> 284 #endif /* LOG */
>
>be good enough? Because it seems easy enough to provide a definition of
>LOG_MAIL at compile time, the same way you'd provide a definition of
>SM_LOG_STR.
"LOG_MAIL" is a system-defined facility name for the 'syslog'/'syslogd'
functionality.
'LOG_LOCAL0" through "LOG_LOCAL7" are available pre-defined names for
situations where you want 'unique' local logging. (have to change the
openlog() paramater, *and* specify in 'syslog.conf' where messages of
that facility type ('local0' to 'local7', as needed) are to be sent.
From: John Chajecki on 12 Apr 2010 07:41
I've tried the (apparently undocumented) -L option which works and tags the
log entries as described which is useful I believe I can also use syslog-ng
to separate the events into separate files.
Thank you for all the responses.
|