#! /usr/bin/env python
#
# Smail logfile analyzer
#
# Copyright (c) 1999 A E Wrede
#
# Version 0.7
# 
# should now support message format from smail version 3.2.0.98 to .106
import os, sys,  string, time, getopt

LOGFILE='/var/log/smail/logfile'

helpflag=0
unknownflag=0
verboseflag=0
optlist=[]
args=[]
typelist=[]
allflag=0
try:
	optlist, args = getopt.getopt(sys.argv[1:], 'ahl:uv')
except:
	helpflag=1

for o,a in optlist:
	if o == '-a':
		allflag=1
	elif o == '-h':
		helpflag=1
	elif o == '-l':
		typelist.append(a)
	elif o == '-u':
		unknownflag=1
	elif o == '-v':
		verboseflag=verboseflag + 1

if helpflag:
	print "usage:",sys.argv[0]," [-vh] [logfile ...]"
	print " -h        help, print this text"
	print " -l <type> list records of type <type>"
	print "	-a        list all records"
	print "	-v        list messages"
	
	sys.exit(1)
		
if len(args) == 0:
	logfiles=[LOGFILE]
else:
	logfiles=args

msgs={}
counts={}
firsttime=0
lasttime=0
deliverytime=0
deliverycount=0
completedtime=0
completedcount=0
tsize=0
for logfile in logfiles:
	f=open(logfile,'r')
	while 1:
		l=f.readline()
		if len(l) == 0:
			break
		a=string.split(l[:-1])
		try:
			dt=time.strptime(string.join(a[0:2]),"%m/%d/%Y %H:%M:%S:")
			if firsttime > time.mktime(dt) or firsttime == 0:
				firsttime=time.mktime(dt)
			if lasttime < time.mktime(dt) or lasttime == 0:
				lasttime=time.mktime(dt)
			id=a[2]
			key=a[3]
			try:
				key2=a[4]
			except:
				key2=''
		except:
			dt='0'
			id='-'
			key='Unknown'
	
		if key == 'remote':			# smail v3.2.0.106
			id='remote'
			key=a[4]
			key2=a[5]

		if id == 'remote':
			if key == 'connection':
				key='Daemon Connect'
			elif key in ['HELO:', 'EHLO:']:
				if key2 == 'invalid':
					key='HELO Error'
				elif key2 == 'questionable':
					key='HELO Warning'
				else:
					key='Unknown'
			elif key == 'MAIL':
				key='Rejected'
			elif key == 'RCPT':
				key='Refused'
			elif string.find(l,'security violation') >= 0:
				key='Security'
			else:
				key='Unknown'
			id='-'

		if id == 'pid':
			if string.join(a[4:7]) == 'smail daemon started':
				key='Daemon Restart'
			elif string.join(a[4:8]) == 'SIGTERM received, shutting down':
				key='Daemon Shutdown'
			elif string.join(a[4:7]) == 'new config files,':
				key='Daemon Reload'
			else:
				key='Unknown'
			id='-'

		if id == 'SMTP':
			if key == 'connection':
				if key2 == 'timeout':
					key='SMTP timeout'
				else:
					key='SMTP connection'
			else:
				key='SMTP error'
			
		if key in ['Returned','Sent']:
			key='Bounced'
	
		if key in ['SMTP']:
			key='Protocol'
	
		if key == "Completed.":
			key="Completed"
	
		if not counts.has_key(key):
			counts[key]=1
		else:
			counts[key]=counts[key]+1

#		if not key in ['Received','Delivered','Completed','Failed','Deferred',
#			'Error','Warning','Bounced','Protocol','Daemon Connect','Daemon Security',
#			'Daemon Restart','Daemon Shutdown','Daemon Reload']:
#			key='Unknown'
	
		if allflag or key in typelist:
			print l[:-1]

		if key == 'Unknown':
			continue

		msg={'Time': dt}
		msg['Type']=key
		if key in ['Received','Delivered','Completed','Failed',
				   'Bounced','Deferred']:
			if key == 'Failed':
				for i in a[4:7]:
					x=string.split(i,':')
					if x[0] == 'SIZE':
						tsize=tsize + string.atoi(x[1])
					msg[x[0]]=string.join(x[1:])
				x=string.split(string.join(a[7:]),':')
				msg[x[0]]=string.join(x[1:])
			else:
				for i in a[4:]:
					x=string.split(i,':')
					if x[0] == 'SIZE':
						tsize=tsize + string.atoi(x[1])
					msg[x[0]]=string.join(x[1:])
		elif key == 'mail':
			msg['Type']='Disposed'
			msg['Moved To']=a[6]
		else:
			msg['OTHER']=string.join(a[3:])
	
	
		if not msgs.has_key(id):
			msgs[id]=[msg]
		else:
			msgs[id].append(msg)
	f.close()


for i in msgs.keys():
	rtime=0
	for j in msgs[i]:
		if j['Type'] == 'Received':
			rtime=time.mktime(j['Time'])
		elif j['Type'] in ['Delivered','Completed']:
			if rtime > 0:
				dtime=time.mktime(j['Time']) - rtime
				if j['Type'] == 'Delivered':
					deliverytime=deliverytime + dtime
					deliverycount=deliverycount + 1
				else:
					completedtime=completedtime + dtime
					completedcount=completedcount + 1

if verboseflag:
	for i in msgs.keys():
		if  unknownflag == 0 and i == "-":
			continue
		print ""
		print "Message",i+":"
		for j in msgs[i]:
			delta=''
			if j['Type'] == 'Received':
				rtime=time.mktime(j['Time'])
			elif j['Type'] in ['Delivered','Completed','Failed','Bounced','Deferred','Disposed']:
				dtime=time.mktime(j['Time']) - rtime
				delta="(%0.0f sec after receiving)" % dtime
			print "  ",j['Type'],time.asctime(j['Time']),delta
			for k in j.keys():
				if not k in ['Type','Time']:
					print "    ",k,":	",j[k]


secs=lasttime - firsttime
if secs == 0:
	secs=1
mins=secs / 60.0
print "first log entry:", time.asctime(time.localtime(firsttime))
print "last log entry: %s for %0.0f Minutes" % (time.asctime(time.localtime(lasttime)), mins)

print ""
print "Record Counts by Type"
print "%-20s %5s %5s" % ("Type", "Count", "Rate/Min")
print "%-20s %5s %5s" % ("----", "-----", "--------")
r=counts.keys()
r.sort()
for i in r:
	print "%-20s %5d %8.1f" % (i, counts[i], (counts[i] + 0.0)/mins),
	if i == 'Received':
		print " %d KBytes" % (tsize / 1024)
	else:
		print


if deliverytime > 0:
	print "Average delivery time: %0.1f seconds" % ( deliverytime / deliverycount)
if completedtime > 0:
	print "Average completed time: %0.1f seconds" % ( completedtime / completedcount)

.