Useful grep / sort / unquie commands.

Some useful bash commands to parser Postfix logs.


Create a list of authentication failed by IP address. Sort with the most failures first.
grep "SASL LOGIN authentication failed" /var/log/mail.log |cut -d "[" -f 3 |cut -d "]" -f 1 |sort -n |uniq -c |sort -n -r


Create a list of Reject_waringing and consolate the email addresses.. Sort with the most Rejects first
grep reject_warning /var/log/mail.log |cut -d "=" -f 2 |cut -d ">" -f 1 |cut -d "<" -f 2 |sort -n |uniq -c |sort -n -r