Good Morning,
i ran into some trouble this morning while 'improving' my monitoring stuff. i would like to get a warning when the number of mails sent (outbound) by postfix is above a certain number. so far, so easy. to test that i simply put
cat /var/log/mail.info | grep 'to=<' | grep -v -e 'relay=dovecot\|relay=127*'
in the bash to rule out every line from amavis or incoming mail or locally sent stuff. that works like a charm and gives me exactly what i want. the same works with
tail -100 /var/log/mail.info | grep 'to=<' | grep -v -e 'relay=dovecot\|relay=127*'
and here is my problem: it completely failes me with
tail -f /var/log/mail.info | grep 'to=<' | grep -v -e 'relay=dovecot\|relay=127*'
but thats what i would prefer to use for 'real time' stuff. so how can i trust my numbers?
I am aware that i can go through the Logs, starting with the line 'last seen' and thats what Zabbix does anyway but i wonder why it does not work with the '-f' option ?
Can someone give me a push in the right direction here?