[exim] Fast search on exim huge logs

Pàgina inicial
Delete this message
Reply to this message
Autor: Andrey
Data:  
A: exim-users
Assumpte: [exim] Fast search on exim huge logs
Hello,

Can anyone help me to find a fastest method to search in exim logs and
get relevant message sessions or errors for particular from, to or both
fields. The problem is that our exim logs are huge (>300Mb) and exigrep
does not fast in that case.

As I understand, exigrep is constructing 2 hash tables based on log
file. First contains relevant message session messages by id and second
contains flags if it contains searching pattern. Then it prints out only
hash records from first table if flag=1. But the problem is that exigrep
reads exim log file line by line and unfortunately it is not good
solution in case of huge logs.

Is there faster algorithm to perform search in exim logs based on
from,to or both fields. Also I need to print error messages that are not
relevant on message id, for example too many recipients messages.

Thanks.