diff options
| -rwxr-xr-x | journal-watcher.py | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/journal-watcher.py b/journal-watcher.py new file mode 100755 index 0000000..91b9c34 --- /dev/null +++ b/journal-watcher.py @@ -0,0 +1,27 @@ +#!/bin/python + +from systemd import journal +import re +from time import sleep +from email.mime.text import MIMEText +from subprocess import Popen, PIPE + +j = journal.Reader() +j.this_boot() +j.add_match(_SYSTEMD_UNIT='courier-esmtpd.service') + +regex = re.compile('.*msg="534 SIZE=Message too big\.",cmd: MAIL FROM:[^<]*<([^>]+)> SIZE=([0-9]+)') + +while True: + item=j.get_next() + while item!={}: + match = regex.match(item['MESSAGE']) + if match: + msg = MIMEText("Hi,\n\n{} hat eine zu grosze Email ({}) geschickt ({}).".format(match.group(1),match.group(2),item['SYSLOG_TIMESTAMP'])) + msg["From"] = "journal-watcher@eckner.net" + msg["To"] = "logs@eckner.net" + msg["Subject"] = "zu grosze Email von {}".format(match.group(1)) + p = Popen(["/usr/sbin/sendmailadvanced", "-t"], stdin=PIPE) + p.communicate(msg.as_bytes()) + item=j.get_next() + sleep(10) |