Skip to content

extended POSTFIX_TLSCONN for a higher smtpd_tls_loglevel #187

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 29, 2024
Merged

extended POSTFIX_TLSCONN for a higher smtpd_tls_loglevel #187

merged 1 commit into from
Jan 29, 2024

Conversation

@ulab
Copy link
Contributor

@ulab ulab commented Jan 29, 2024

Postfix 3.5.23 on a Debian 11.8 with smtpd_tls_loglevel set to 1.

Of course I noticed that the reason for the failed pattern was because I increased the default loglevel after I had extended the pattern and added a test file. But maybe the extra data will help someone else too.

If not it might be an idea to have some %{GREEDYDATA} at the end of POSTFIX_TLSCONN so at least extended lines do not fail the basic pattern?

@whyscream
Copy link
Owner

whyscream commented Jan 29, 2024

Hi @ulab ,

I never noticed this difference, because I don't use the increased TLS loglevel. Nice catch!
I'm going to merge this PR, but I'll update the newly added keys to use underscores in stead of dashes, because this matches the existing formatting better.

@whyscream whyscream merged commit 85c3ad4 into whyscream:main Jan 29, 2024
@ulab
Copy link
Contributor Author

ulab commented Jan 29, 2024

I had used the dashes because the log message used it and fields like postfix_message-id still has a dash too.

It's not like a divider between subfields in that case.

[which should be changed to . anyway like the more modern ECS variants do… ;)]

@ulab ulab deleted the extend_tlsconn branch January 29, 2024 21:40
@whyscream
Copy link
Owner

whyscream commented Feb 2, 2024

Ah yes, those fields come from the automatically parsed key-value-data indeed. I created issue #191 about ECS-style field naming.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ulab @whyscream