http://www.perlmonks.org?node_id=23199


in reply to Strange Behavior while Parsing Sendmail logs

I ran your regex over my sendmail logs and it behaved pretty much as expected. The only lines it missed were emails directed at multiple recipients, like so:

Jul 19 02:43:29 zoom1 sendmail[26193]: CAA26174: to=<XXX@aol.com>,<YYY@aol.com>,<ZZZ@aol.com>, ctladdr=<XXX@TelePath.Com> (13408/40), delay=00:01:14, xdelay=00:00:01, mailer=esmtp, relay=zd.mx.aol.com. [152.163.224.101], stat=Sent (OK)

Modifying the regex a bit cleared that up and I didn't get any more anomalous behavior. Here's the test code I used:

#!/usr/bin/perl while (<STDIN>) { # Only match lines that have a " to=" in them. # The leading space is important because many # lines have a "proto=" if (/ to=/) { #($to_addr = $_) =~ s/.* to=([^,]+), .*/$1/; ($to_addr = $_) =~ s/.* to=(.+?), .*/$1/; print "$to_addr"; } }

-Matt

Replies are listed 'Best First'.
RE: RE: Strange Behavior while Parsing Sendmail logs
by young perlhopper (Scribe) on Jul 19, 2000 at 19:40 UTC
    What version of perl are you running? We are a little
    behind the curve (5.004) and I suspect that may be the
    reason.

    -Mark

      5.005_02

      -Matt