Custom logs configuration

Question

I have server for mailing using postfix i want to make configuration which generate logs like this name ECMPLOG how to configure it please help

Jul 2 02:50:01 crmail7 postfix/smtp[5914]: ECMPLOG : BC5F2C5CAB3|872|<root@crmail7.infimail.com>|<root@crmail7.infimail.com>|DOM|202.162.242.150[202.162.242.150]:25|162.243.208.38->250 2.0.0 Ok: queued as D77EA18BB8C6F|0|1719868801|sent

I also tried to make changes in rsyslog conf but didnt work in my case

Answer 1

Unfortunately, you cannot modify the Postfix log entries. You will need to write a custom script to parse the log entries and then return them formatted how you want them. As someone who has just spent two weeks digging through to understand the log files, I will tell you that this is easier said than done. There are quite a few log analysis scripts available which you can find here under the "Logfile analysis" section but these are just analyzer that return counts not formatters. I wrote a Python script that ingests the logs and then parses them and inserts the data I am looking for into a custom database but unfortunately the script is entirely custom to my database and therefore sharing it here would not help too much. Here are the regular expressions in Python that I am using to help you get started, if interested.

    cleanup_reject_pattern = (
    r'^(?P<message_timestamp>\w+ \d+ \d+:\d+:\d+) (?P<message_mail_server>\S+) postfix/cleanup.*? '
    r'(?P<message_id>\S+): milter-reject: .*? from=<(?P<message_sender>[^>]+)> to=<(?P<message_recipient>[^>]+)>'
)
lmtp_pattern = (
    r'^(?P<message_timestamp>\w+ \d+ \d+:\d+:\d+) (?P<message_mail_server>\S+) postfix/lmtp.*? '
    r'(?P<message_id>\S+): to=<(?P<message_recipient>[^>]+)>, '
    r'(?:orig_to=<(?P<message_orig_to>[^>]+)>, )?'
    r'relay=(?P<message_relay>[^ ]+), delay=(?P<message_delay>[\d.]+), .*? '
    r'dsn=(?P<message_dsn>[^,]+), status=(?P<message_status>[^ ]+)'
)
qmgr_pattern = (
    r'^(?P<message_timestamp>\w+ \d+ \d+:\d+:\d+) (?P<message_mail_server>\S+) postfix/qmgr.*? '
    r'(?P<message_id>\S+): from=<(?P<message_sender>[^>]+)>, size=(?P<message_size>\d+), nrcpt=(?P<message_nrcpt>\d+)'
)
smtp_pattern = (
    r'^(?P<message_timestamp>\w+ \d+ \d+:\d+:\d+) (?P<message_mail_server>\S+) postfix/smtp.*? '
    r'(?P<message_id>\S+): to=<(?P<message_recipient>[^>]+)>, relay=(?P<message_relay>[^ ]+), '
    r'delay=(?P<message_delay>[\d.]+), .*? dsn=(?P<message_dsn>[^,]+), status=(?P<message_status>[^ ]+)'
)
smtpd_pattern = (
    r'^(?P<message_timestamp>\w+ \d+ \d+:\d+:\d+) (?P<message_mail_server>\S+) postfix/smtpd.*? '
    r'(?P<message_id>\S+): client=(?P<message_client>[\w\.-]+)(?:\[\d+\.\d+\.\d+\.\d+\])?'
)

Good luck!