This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
2011-05-28 19:51:52 +10:00

159 lines
16 KiB
HTML
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>Chapter 34. Showing SPAM statistics</title><link rel="stylesheet" type="text/css" href="manual.css"><meta name="generator" content="DocBook XSL Stylesheets V1.76.0"><link rel="home" href="index.html" title="JpGraph Manual"><link rel="up" href="pt08.html" title="Part VIII. Case studies"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 34. Showing SPAM statistics</th></tr><tr><td width="20%" align="left"> </td><th width="60%" align="center">Part VIII. Case studies</th><td width="20%" align="right"> </td></tr></table><hr></div><div class="chapter" title="Chapter 34. Showing SPAM statistics"><div class="titlepage"><div><div><h2 class="title"><a name="chapter.showing-spam-stat"></a>Chapter 34. Showing SPAM statistics</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="ch34.html#id2620468">34.1. Introduction and purpose</a></span></dt><dt><span class="sect1"><a href="ch34s02.html">34.2. Step 1: Parsing the log file</a></span></dt><dt><span class="sect1"><a href="ch34s03.html">34.3. Step 2: Creating the graph</a></span></dt><dt><span class="sect1"><a href="ch34s04.html">34.4. Step 3: Uploading the image file to a server</a></span></dt><dt><span class="sect1"><a href="ch34s05.html">34.5. Step 0: The full driver script</a></span></dt></dl></div>
<div class="sect1" title="Introduction and purpose"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="id2620468"></a>Introduction and purpose</h2></div></div></div>
<p>This worked example will show hot to setup a graph that is periodically generated
offline to show Spam statistics for a mail server. The graph will show daily
summaries for the three things; <span class="bold"><strong>a)</strong></span> The total number
of identified spam mails <span class="bold"><strong>b)</strong></span> The number of
immediately deleted spams and <span class="bold"><strong>c)</strong></span> The number of
suspected spams that was stored in the "spam" folder instead of being immediately
deleted.</p>
<p>An example of the graph we will generate is shown in <a class="xref" href="ch34.html#fig.spam-stats" title="Figure 34.1. Spam statistics">Figure 34.1. Spam statistics</a></p>
<div class="figure"><a name="fig.spam-stats"></a><p class="title"><b>Figure 34.1. Spam statistics</b></p><div class="figure-contents">
<div class="mediaobject"><img src="images/spamstat.png" alt="Spam statistics"></div>
</div></div><br class="figure-break">
<p>The graph above makes two assumption;</p>
<p>
</p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem">
<p>The spam setup has two levels of identifications and how spams are
handled. Suspected email are either deleted immediately (by sending them
to <span class="command"><strong>dev/null</strong></span>) or storing the email in the users spam
folder.</p>
</li><li class="listitem">
<p>The log files from the mail server are available for analysis.</p>
</li></ol></div><p>
</p>
<p>In the following we will construct a complete PHP command line script that will be
run periodically and analyse the email logs and produce a graph similar to what is
shown above. The script assume that the log file uses <span class="command"><strong>procmail</strong></span>
log format so that the folder where each mail is stored are logged.</p>
<p>
</p><div class="warning" title="Warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3>
<p>For very high load email servers doing log file analysis in PHP is
probably not a very good idea due to performance reasons in regards to both
time and memory constraints. We do not make any claim that the scripts below
is enough optimized to be used on high volume mail servers.</p>
</div><p>
</p>
<p>The script will consist of three parts</p>
<div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem">
<p>A parser to scan the log file and create the data</p>
</li><li class="listitem">
<p>A suitable graph script to create an accumulated bar graph</p>
</li><li class="listitem">
<p>Uploading of the created image file with the graph to a server where
it will be displayed</p>
</li></ol></div><p>We will therefore use three classes that corresponds to each step
above. </p>
<p>To define the different files and ftp credentials we will use the following
symbolic constants which will need to be defined depending on the system setup.
Constants that must be adjusted is marked as <code class="code">"..."</code>.</p>
<p>
</p><div class="hl-main"><table class="hl-table" width="100%"><tr><td class="hl-gutter" align="right" valign="top"><pre>1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
</pre></td><td class="hl-main" valign="top"><pre><span class="hl-inlinetags">&lt;?php</span><span class="hl-code">
/ </span><span class="hl-identifier">FTP</span><span class="hl-code"> </span><span class="hl-identifier">Server</span><span class="hl-code"> </span><span class="hl-identifier">credentials</span><span class="hl-code">
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">FTP_SERVER</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">...</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">FTP_UID</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">...</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">FTP_PWD</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">...</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment"> Directory on FTP server where the image should be stored</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">FTP_DIR</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">...</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment"> Which procmail logfile to read</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">PROCMAIL_LOGFILE</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">...</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment"> 2 Weeks windows to display</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">WINDOWSIZE</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-number">14</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment"> Where to store the temporary image file</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-reserved">DEFINE</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">IMGFILE</span><span class="hl-quotes">'</span><span class="hl-code">,</span><span class="hl-quotes">'</span><span class="hl-string">/tmp/spamstat.png</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-inlinetags">?&gt;</span></pre></td></tr></table></div><p>
</p>
<p>The whole process is then driven by the following relative small main
script:</p>
<p>
</p><div class="hl-main"><table class="hl-table" width="100%"><tr><td class="hl-gutter" align="right" valign="top"><pre>1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
</pre></td><td class="hl-main" valign="top"><pre><span class="hl-inlinetags">&lt;?php</span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> Use the text based error handling and log potential errors to the </span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> system default system logger</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-identifier">JpGraphError</span><span class="hl-code">::</span><span class="hl-identifier">SetImageFlag</span><span class="hl-brackets">(</span><span class="hl-reserved">false</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-identifier">JpGraphError</span><span class="hl-code">::</span><span class="hl-identifier">SetLogFile</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">syslog</span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-identifier">JpGraphError</span><span class="hl-code">::</span><span class="hl-identifier">SetTitle</span><span class="hl-brackets">(</span><span class="hl-quotes">'</span><span class="hl-string">Spamstat Message: </span><span class="hl-quotes">'</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment">--------------------------------------------------------------------------- </span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> Step 1) Get the statistics. We return a window of WINDOWSIZE days</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment">---------------------------------------------------------------------------</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-var">$parser</span><span class="hl-code"> = </span><span class="hl-reserved">new</span><span class="hl-code"> </span><span class="hl-identifier">ParseProcmailLogFile</span><span class="hl-brackets">(</span><span class="hl-identifier">PROCMAIL_LOGFILE</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-reserved">list</span><span class="hl-brackets">(</span><span class="hl-var">$xdata</span><span class="hl-code">, </span><span class="hl-var">$ydata</span><span class="hl-code">, </span><span class="hl-var">$y2data</span><span class="hl-brackets">)</span><span class="hl-code"> = </span><span class="hl-var">$parser</span><span class="hl-code">-&gt;</span><span class="hl-identifier">GetStat</span><span class="hl-brackets">(</span><span class="hl-identifier">WINDOWSIZE</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment">---------------------------------------------------------------------------</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> Step 2) Create the graph and store it in the file IMGFILE</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment">---------------------------------------------------------------------------</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-var">$width</span><span class="hl-code"> = </span><span class="hl-number">650</span><span class="hl-code">; </span><span class="hl-var">$height</span><span class="hl-code"> = </span><span class="hl-number">420</span><span class="hl-code">;
</span><span class="hl-var">$sgraph</span><span class="hl-code"> = </span><span class="hl-reserved">new</span><span class="hl-code"> </span><span class="hl-identifier">SpamGraph</span><span class="hl-brackets">(</span><span class="hl-var">$width</span><span class="hl-code">,</span><span class="hl-var">$height</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-var">$sgraph</span><span class="hl-code">-&gt;</span><span class="hl-identifier">Create</span><span class="hl-brackets">(</span><span class="hl-identifier">IMGFILE</span><span class="hl-code">,</span><span class="hl-var">$xdata</span><span class="hl-code">,</span><span class="hl-var">$ydata</span><span class="hl-code">,</span><span class="hl-var">$y2data</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-comment">//</span><span class="hl-comment">---------------------------------------------------------------------------</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> Step 3) Upload the file to the FTP_SERVER server and store the</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment"> local file IMGFILE with the same base name in directory FTP_DIR </span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-comment">//</span><span class="hl-comment">---------------------------------------------------------------------------</span><span class="hl-comment"></span><span class="hl-code">
</span><span class="hl-var">$ftp</span><span class="hl-code"> = </span><span class="hl-reserved">new</span><span class="hl-code"> </span><span class="hl-identifier">FTPUploader</span><span class="hl-brackets">(</span><span class="hl-identifier">FTP_SERVER</span><span class="hl-code">,</span><span class="hl-identifier">FTP_UID</span><span class="hl-code">,</span><span class="hl-identifier">FTP_PWD</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-var">$ftp</span><span class="hl-code">-&gt;</span><span class="hl-identifier">Upload</span><span class="hl-brackets">(</span><span class="hl-identifier">IMGFILE</span><span class="hl-code">,</span><span class="hl-identifier">FTP_DIR</span><span class="hl-brackets">)</span><span class="hl-code">;
</span><span class="hl-inlinetags">?&gt;</span></pre></td></tr></table></div><p>
</p>
<p>For brevity we have excluded the lines that defines the symbolic constants above
and also the inclusion of the necessary library files.</p>
<p>In the following sections we will shortly discuss each of the three support
classes.</p>
</div>
</div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"><a accesskey="u" href="pt08.html">Up</a></td><td width="40%" align="right"> </td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> </td></tr></table></div></body></html>