This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Error with Log Searching in PureMessage multi server deployment

Hi All,

I've logged a support case regarding this issue on the 26th but unfortunately fail to get any positive feedback so far so decided to try my luck here in this forum.

I'm configuring a PMX multy server deployment with Central server and 2 Edge servers (PMX version 5.5.9). I need help on configuring Logserching option in http://xxx.xxx.xxx.xxx:28443/groups interface. I have successfully use this option on single server deployments but this is the first time I'm tying this on a multi server setup. I have already increased the "remote_search_timeout" value in /opt/pmx/etc/logsearch.conf to prevent search timeouts. I have no connectivity issues between CSM & Edge servers as I can telnet on port 28443 for both directions. Please advice whether I need to perform additional configurations in my scenario. My CSM is using sendmail as the MTA but both Edge servers are running POSTFIX. When I try to search logs, it says " Note Your search returned 0 results."

Kind regards,
Pubudu.

This thread was automatically locked due to age.

0 MarkJD over 14 years ago

Hey Pubudu,

Postfix is the only MTA supported with logsearch so there may be some issues having a mixed Sendmail/Postfix configuration.

On an edge server that has Postfix as the MTA, if you run the following command as the pmx user:

$ pmx-logsearch

Do you get any output?

It's good to check if there is any data so that one can decipher between a server communication issue and a data accumulation issue.

:1068
Cancel
Vote Up 0 Vote Down

Cancel
0 Pubudu over 14 years ago

Hi Mark,
Thanks for the feedback. Even though I am using sendmail in my CSM, CSM server does not do any mail processing. MTA (sendmail) is used only to handle "Quarantine Digests". Please confirm whether I should enable Logsearch service on the CSM as well.
I ran

# pmx-logsearch-index status

# pmx-logsearch

Commands on the CSM server and then on my two edge servers. Please see below outputs and kindly give your thoughts.
Regards,
Pubudu.
CSM SERVER

[pmx@pmxcent ~]$ pmx-logsearch-index status
Log Search Index is not running.
[pmx@pmxcent ~]$ pmx-logsearch
Your search did not return any results.
EDGE Server 1

[pmx@edge1 ~]$ pmx-logsearch-index status
Log Search Index is running:
disk usage current : 79028224
disk usage max : 2147483648
index expire days : 7
indexer lines : 387325
indexer lines/sec : 0.65
items in queue : 745
maillog : /var/log/maillog
maillog last line : Feb 2 09:34:42 edge1 postfix/smtpd[799]: disconnect from unknown[58.137.229.126]
maillog lines consumed : 2093380
maillog lines/sec : 3.50
maillog time : Tue Feb 2 09:34:42 2010 (1265083482)
messagelog : /opt/pmx/var/log/message_log
messagelog last line : 2010-02-02T09:34:41 q=4B67A459_32389_863_1 f=<bbprov@slt.com.lk> t=<bbprov@slt.com.lk> Size=2154 pmx_action=?q?quarantine,Block_List,-,bbprov@slt.com.lk,bbprov@slt.com.lk pmx_reason=?q?Block_List fur=95.58.233.157 b=reject s=?q?User_bbprov_Unique_80%_Sale r=unknown tm=0.23 a=d/eom
messagelog lines consumed: 161434
messagelog lines/sec : 0.27
messagelog time : Tue Feb 2 09:34:41 2010 (1265083481)
pid : 8177
status generated at : Tue Feb 2 09:34:45 2010
uptime : 598714

[pmx@edge1 ~]$ pmx-logsearch
Some problems occured when attempting to search remote servers:
https://172.21.2.102:28443/services/logsearch/query?count=10&offset=0:
408 User-agent timeout (select)
===== MESSAGE 01 =========================
to: harishnif@slt.com.lk
from: harishnif@slt.com.lk
action: Reject
subject: -
connecting relay: 59.92.206.44
downstream relay: 59.92.206.44
fetchkey: 172.21.2.103~2010-02-02~0001473346
date: 2010-02-02T09:35:32

===== MESSAGE 02 =========================
to: kapuru5@slt.com.lk
from: kapuru5@slt.com.lk
action: Reject
subject: -
connecting relay: 41.250.208.9
downstream relay: 41.250.208.9
fetchkey: 172.21.2.103~2010-02-02~0001472657
date: 2010-02-02T09:35:28

===== MESSAGE 03 =========================
to: kushan@slt.com.lk,shirazm@slt.com.lk
from: nimal@crescat.com
action: Deliver,Deliver
subject: Very Urgent (U-path cen 2397299-SLT billing system)
connecting relay: 216.82.249.131
downstream relay: 172.25.1.110[172.25.1.110]:25
fetchkey: 172.21.2.103~2010-02-02~0001472870
date: 2010-02-02T09:35:26

===== MESSAGE 04 =========================
to: chandramali@slt.com.lk
from: chandramali@slt.com.lk
action: Reject
subject: -
connecting relay: 89.165.73.202
downstream relay: 89.165.73.202
fetchkey: 172.21.2.103~2010-02-02~0001471504
date: 2010-02-02T09:35:22

===== MESSAGE 05 =========================
to: chandramala@slt.com.lk
from: chandramala@slt.com.lk
action: Reject
subject: -
connecting relay: 89.165.73.202
downstream relay: 89.165.73.202
fetchkey: 172.21.2.103~2010-02-02~0001472430
date: 2010-02-02T09:35:22

===== MESSAGE 06 =========================
to: chandralatha@slt.com.lk
from: chandralatha@slt.com.lk
action: Reject
subject: -
connecting relay: 89.165.73.202
downstream relay: 89.165.73.202
fetchkey: 172.21.2.103~2010-02-02~0001471731
date: 2010-02-02T09:35:22

===== MESSAGE 07 =========================
to: chandrakumara@slt.com.lk
from: chandrakumara@slt.com.lk
action: Reject
subject: -
connecting relay: 89.165.73.202
downstream relay: 89.165.73.202
fetchkey: 172.21.2.103~2010-02-02~0001471961
date: 2010-02-02T09:35:22

===== MESSAGE 08 =========================
to: chandrakumarag@slt.com.lk
from: chandrakumarag@slt.com.lk
action: Reject
subject: -
connecting relay: 89.165.73.202
downstream relay: 89.165.73.202
fetchkey: 172.21.2.103~2010-02-02~0001472194
date: 2010-02-02T09:35:22

===== MESSAGE 09 =========================
to: asithap@slt.com.lk
from: zajidava5399@sky.com
action: Reject
subject: -
connecting relay: 90.220.193.169
downstream relay: 90.220.193.169
fetchkey: 172.21.2.103~2010-02-02~0001470143
date: 2010-02-02T09:35:19

===== MESSAGE 10 =========================
to: asithj@slt.com.lk
from: uuxut6538@sky.com
action: Reject
subject: -
connecting relay: 90.220.193.169
downstream relay: 90.220.193.169
fetchkey: 172.21.2.103~2010-02-02~0001470362
date: 2010-02-02T09:35:19
EDGE Server 2

[pmx@edge2 ~]$ pmx-logsearch-index status
Log Search Index is running:
disk usage current : 49000448
disk usage max : 2147483648
index expire days : 7
indexer lines : 220765
indexer lines/sec : 0.38
items in queue : 786
maillog : /var/log/maillog
maillog last line : Feb 2 09:39:25 edge2 postfix/smtp[14710]: 87BEF26503FB: host g.mx.mail.yahoo.com[98.137.54.238] refused to talk to me: 421 4.7.0 [TS01] Messages from 203.115.12.118 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html
maillog lines consumed : 1267391
maillog lines/sec : 2.17
maillog time : Tue Feb 2 09:39:25 2010 (1265083765)
messagelog : /opt/pmx/var/log/message_log
messagelog last line : 2010-02-02T09:39:24 q=4B67A574_6046_49151_1 f=<yamunaw@slt.com.lk> t=<bluechipdk@gmail.com> pmx_action=keep,-,-,bluechipdk@gmail.com,bluechipdk@gmail.com vs fur=none i s=?q?FW:_Ponseka_dan_kiyanne_..........meka r=owa.intranet.slt.com.lk tm=0.06 a=a/eom
messagelog lines consumed: 95918
messagelog lines/sec : 0.16
messagelog time : Tue Feb 2 09:39:24 2010 (1265083764)
pid : 4300
status generated at : Tue Feb 2 09:39:26 2010
uptime : 584707

[pmx@edge2 ~]$ pmx-logsearch
Some problems occured when attempting to search remote servers:
https://172.21.2.102:28443/services/logsearch/query?count=10&offset=0:
408 User-agent timeout (select)
===== MESSAGE 01 =========================
to: rsmyers@slt.com.lk
from: inuculye1585@charter.com
action: Reject
subject: -
connecting relay: 24.180.10.188
downstream relay: 24.180.10.188
fetchkey: 172.21.2.103~2010-02-02~0001542710
date: 2010-02-02T09:39:59

===== MESSAGE 02 =========================
to: samankumara@slt.com.lk
from: eroeudyqes9685@charter.com
action: Reject
subject: -
connecting relay: 24.180.10.188
downstream relay: 24.180.10.188
fetchkey: 172.21.2.103~2010-02-02~0001542931
date: 2010-02-02T09:39:59

===== MESSAGE 03 =========================
to: pimulgoda@slt.com.lk
from: pimulgoda@slt.com.lk
action: Reject
subject: -
connecting relay: 116.36.242.68
downstream relay: 116.36.242.68
fetchkey: 172.21.2.103~2010-02-02~0001542016
date: 2010-02-02T09:39:57

===== MESSAGE 04 =========================
to: prasanna.d.alwis@gmail.com
from: aasoka@slt.com.lk
action: Deliver
subject: FW: SW database updated for the month of January.
connecting relay: 172.25.1.111
downstream relay: gmail-smtp-in.l.google.com[209.85.222.42]:25
fetchkey: 172.21.2.103~2010-02-02~0001542237
date: 2010-02-02T09:39:55

===== MESSAGE 05 =========================
to: 3dilmi@slt.com.lk
from: 3dilmi@slt.com.lk
action: Reject
subject: -
connecting relay: 89.159.41.138
downstream relay: 89.159.41.138
fetchkey: 172.21.2.103~2010-02-02~0001541804
date: 2010-02-02T09:39:53

===== MESSAGE 06 =========================
to: lalp@slt.com.lk
from: ezosiduu3973@proxad.net
action: Reject
subject: -
connecting relay: 82.64.173.70
downstream relay: 82.64.173.70
fetchkey: 172.21.2.103~2010-02-02~0001541592
date: 2010-02-02T09:39:52

===== MESSAGE 07 =========================
to: anu g@slt.com.lk
from: jyyjuzuw9362@t-com.hr
action: Reject
subject: -
connecting relay: 93.137.31.140
downstream relay: 93.137.31.140
fetchkey: 172.21.2.103~2010-02-02~0001540482
date: 2010-02-02T09:39:46

===== MESSAGE 08 =========================
to: telesi@slt.com.lk
from: iuryyja9360@vtr.net
action: Reject
subject: -
connecting relay: 190.44.127.4
downstream relay: 190.44.127.4
fetchkey: 172.21.2.103~2010-02-02~0001540909
date: 2010-02-02T09:39:46

===== MESSAGE 09 =========================
to: swby@slt.com.lk
from: inoteudu6659@mchsi.com
action: Reject
subject: -
connecting relay: 173.30.28.255
downstream relay: 173.30.28.255
fetchkey: 172.21.2.103~2010-02-02~0001540696
date: 2010-02-02T09:39:46

===== MESSAGE 10 =========================
to: Ushan.Alawaththage@dialog.lk
from: ayodhya@slt.com.lk
action: Deliver
subject: RE: Request for re-creation of XCQTO73 route as DTP O/G route
connecting relay: 172.25.1.111
downstream relay: spamwall2.dialog.lk[202.69.200.129]:25
fetchkey: 172.21.2.103~2010-02-02~0001543162
date: 2010-02-02T09:39:44

:1073
Cancel
Vote Up 0 Vote Down

Cancel
0 Barney over 13 years ago

Hi guys,
I have the same problem ... what was the solution?
Cheers,
Barney
:16673
Cancel
Vote Up 0 Vote Down

Cancel
0 JasonWong over 13 years ago

Hi Barney,
If you see the 408 time-out error when running the pmx-logsearch command this is usually a sign that the communicaton between the PureMessage hosts are taking too long to answer and the logsearch command timing out. You can adjust the time-out by looking in /opt/pmx/etc/logsearch.conf. You can read more information about the logsearch.conf file by doing 'man logsearch.conf' as the pmx user.
-Jason
:16711
Cancel
Vote Up 0 Vote Down

Cancel