Need help grepping postfix log
I'm trying to search for an unknown string (Message ID) in a log based on a known string (recipient address), and then grep the unknown string to output the entire relevant log information. I'm able to use grep and cut to output the unknown string(s), but from there I'm stumped on passing that to grep. I've used a pipe to xargs grep and that is not producing the output I'm looking for. Here is the command I'm using to grep and cut:
grep 'to=<emailaddress' /var/log/maillog | cut -d ' ' -f 6
This produces output of all the unknown strings for messages processed by Postfix for emailaddress. When I pipe to xargs I receive "grep: : No such file or directory:
grep 'to=<emailaddress' /var/log/maillog | cut -d ' ' -f 6 | xargs grep /var/log/maillog
Thanks for your help.
Solution 1:
I've been playing around a bit with my own mail logs. Try
grep 'to=<emailaddress' /var/log/maillog | cut -d ' ' -f 6 | grep -f - /var/log/maillog
The -f -
will read the list of strings to search for from stdin.
Solution 2:
I wrote a perl script which allows you to grep any information from log that you want and it will print all lines with the same queue id (with one pass thru the file and without file size limitation):
https://github.com/brablc/postfix-tools/blob/master/pflogrep