author nico <nico@magicbroccoli.de> 2019-05-30 02:18:45 +0200
committer nico <nico@magicbroccoli.de> 2019-05-30 02:18:45 +0200
commit 6b2bf0719324856a0bbacb9b47dea88a7b9199d1
tree 675951bdf6145b6f193638c350334054d08d9dab
parent 8e7ac358a4d0f2149873304361c73870d06f8e18
readme update
* update README.md to the latest changes
-rw-r--r-- README.md 37
1 files changed, 30 insertions, 7 deletions
diff --git a/README.md b/README.md
index 10d92d9..b11279a 100644
--- a/README.md
+++ b/README.md
@@ -14,25 +14,48 @@ pip install -r requirements.txt
modules:
mod_spam_filter:
...
- spam_dump_file: "/var/log/ejabberd/spam-example.de.txt"
+ spam_dump_file: "/var/log/ejabberd/spam-@HOST@.txt"
...
```
## usage main.py
```
-usage: main.py [-h] [-in INFILE] [-d DOMAIN]
+usage: main.py [-h] [-in INFILE [INFILE ...]] [-d DOMAIN] [-r]
optional arguments:
-h, --help show this help message and exit
- -in INFILE, --infile INFILE
+ -in INFILE [INFILE ...], --infile INFILE [INFILE ...]
set path to input file
-d DOMAIN, --domain DOMAIN
specify report domain
+ -r, --report toggle report output to file
```
-The `--in` argument does only support a single log file at a time.
+#### -in / --infile
+The `--in` or `--infile` argument is designed to run automatically via the logrotate daemon. Therefor the script is
+able to process gzip compressed files and also multiple files at once via shell expansion.
-## usage abusereport-domain.sh
+##### example
+If ejabberd is configured to create multiple spamdump files it is possible to ingest all files at once, following
+this example.
```bash
-./abusereport-domain.sh domain.tld
-``` \ No newline at end of file
+$ ./main.py --in /var/log/ejabberd/spam-*.log
+```
+
+#### -d / --domain
+If a domain is specifically defined to be processed, the script will only query the sqlite database for that domain.
+It is possible to provide multiple domains at once via multiple `-d` or `--domain` arguments.
+
+##### example
+```bash
+$ ./main.py --d example.tld -d example.com
+
+| messages | bots | domain | first seen | last seen |
+|------------+--------+-------------+-----------------------------+-----------------------------|
+| 15 | 9 | example.tld | 2019-04-28T20:19:43.939926Z | 2019-05-22T13:59:53.339834Z |
+| 23 | 7 | example.com | 2018-02-28T20:19:43.939926Z | 2019-05-22T13:59:53.339834Z |
+```
+
+#### -r / --report
+This flag will only take effect if the `-d` or `--domain` argument is used. If that is the case, the script will
+automatically gather information about the specified domain and write them to the `report` directory.
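Review bot: both added examples call flags that the usage block in this same hunk does not list: `./main.py --in /var/log/ejabberd/spam-*.log` and `./main.py --d example.tld -d example.com`, while the help text documents `-in` / `--infile` and `-d` / `--domain`. Use the documented spellings in the examples and in the sentence "The `--in` or `--infile` argument" so they can be copied as written. The `-d` section also says several domains can be passed, yet the usage line still shows `[-d DOMAIN]` once with no hint that it repeats. The example glob `spam-*.log` matches neither the `spam-@HOST@.txt` name set in `spam_dump_file` above nor the gzip-compressed rotated files the paragraph says the script handles, so it is worth aligning the extension and showing a compressed file in the example. The section on `abusereport-domain.sh` is dropped without a word on whether `-r` replaces it. Minor: "Therefor" should be "Therefore", and the new headings jump from `##` straight to `####`.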