diff options
Diffstat (limited to 'debian/man/rspamd_stats.8')
| -rw-r--r-- | debian/man/rspamd_stats.8 | 153 |
1 files changed, 153 insertions, 0 deletions
diff --git a/debian/man/rspamd_stats.8 b/debian/man/rspamd_stats.8 new file mode 100644 index 0000000..902ad8f --- /dev/null +++ b/debian/man/rspamd_stats.8 @@ -0,0 +1,153 @@ +.\" Automatically generated by Pandoc 1.19.2.4 +.\" +.TH "RSPAMD_STATS" "8" "March 5, 2018" "" "" +.hy +.SH NAME +.PP +rspamd_stats \- analyze Rspamd rules by parsing log files +.SH SYNOPSIS +.PP +rspamd_stats [\f[I]options\f[]] [\f[I]\-\-symbol=SYM1\f[] +[\f[I]\-\-symbol=SYM2\f[]...]] [\f[I]\-\-log file\f[]] +.SH DESCRIPTION +.PP +rspamd_stats will read the given log file (or standard input) and +provide statistics for the specified symbols: +.IP +.nf +\f[C] +Symbol:\ BAYES_SPAM\ (weight\ 3.763)\ (381985\ hits,\ 26.827%) +Ham\ hits:\ 184557\ (48.315%),\ total\ ham:\ 1095487\ (ham\ with\ BAYES_SPAM:\ 16.847%) +Spam\ hits:\ 15134\ (3.962%),\ total\ spam:\ 16688\ (spam\ with\ BAYES_SPAM:\ 90.688%) +Junk\ hits:\ 182294\ (47.723%),\ total\ junk:\ 311699\ (junk\ with\ BAYES_SPAM:\ 58.484%) +Spam\ changes\ (ham/junk\ \->\ spam):\ 7026\ (1.839%),\ total\ percentage\ (changes\ /\ spam\ hits):\ 42.102% +Junk\ changes\ (ham\ \->\ junk):\ 95192\ (24.920%),\ total\ percentage\ (changes\ /\ junk\ hits):\ 30.540% +\f[] +.fi +.PP +Where there are the following attributes: +.IP \[bu] 2 +Weight: average score for a symbols +.IP \[bu] 2 +Total hits: total number of hits and percentage of symbol hits divided +by total number of messages +.IP \[bu] 2 +HAM hits: provides the following information about HAM messages with the +specified symbol (from left to right): +.IP "1." 3 +total symbol hits: number of messages that has this symbol and are HAM +.IP "2." 3 +ham percentage: number of symbol hits divided by overall HAM messages +count +.IP "3." 3 +total ham hits: overall number of HAM messages +.IP "4." 3 +ham with symbol percentage: percentage of number of hits with specified +symbol in HAM messages divided by total number of HAM messages. +.IP \[bu] 2 +SPAM hits: provides the following information about SPAM messages \- +same as previous but for SPAM class. +.IP \[bu] 2 +Junk hits: provides the following information about Junk messages \- +same as previous but for JUNK class. +.IP \[bu] 2 +Spam changes: displays data about how much messages switched their class +because of the specific symbol weight. +.IP \[bu] 2 +Junk changes: displays data about how much messages switched their class +because of the specific symbol weight. +.SH OPTIONS +.TP +.B \-\-log +Specifies log file or directory to read data from. +If a directory is specified rspamd_stats analyses files in the directory +including known compressed file types. +Number of log files can be limited using \-\-num\-logs and +\-\-exclude\-logs options. +This assumes that files in the log directory have newsyslog(8)\- or +logrotate(8)\-like name format with numeric indexes. +Files without indexes (generally it is merely one file) are considered +the most recent and files with lower indexes are considered newer. +.RS +.RE +.TP +.B \-\-reject\-score +Specifies the reject (spam) threshold. +.RS +.RE +.TP +.B \-\-junk\-score +Specifies the junk (add header or rewrite subject) threshold. +.RS +.RE +.TP +.B \-\-alpha\-score +Specifies the minimum score for a symbol to be considered by this +script. +.RS +.RE +.TP +.B \-\-symbol +Add symbol or pattern (pcre format) to analyze. +.RS +.RE +.TP +.B \-\-num\-logs +If set, limits number of analyzed logfiles in the directory to the +specified value. +.RS +.RE +.TP +.B \-\-exclude\-logs +Number of latest logs to exclude (0 by default). +.RS +.RE +.TP +.B \-\-correlations +Additionally print correlation rate for each symbol displayed. +This routine calculates merely paired correlations between symbols. +.RS +.RE +.TP +.B \-\-search\-pattern +Do not process input unless finding the specified regular expression. +Useful to skip logs to a certain position. +.RS +.RE +.TP +.B \-\-exclude +Exclude log lines if certain symbols are fired (e.g. +GTUBE). +You may specify this option multiple time to skip multiple symbols. +.RS +.RE +.TP +.B \-\-start +Select log entries after this time. +Format: "YYYY\-MM\-DD HH:MM:SS" (can be truncated to any desired +accuracy). +If used with \-\-end select entries between \-\-start and \-\-end. +The omitted date defaults to the current date if you supply the time. +.RS +.RE +.TP +.B \-\-end +Select log entries before this time. +Format: "YYYY\-MM\-DD HH:MM:SS" (can be truncated to any desired +accuracy). +If used with \-\-start select entries between \-\-start and \-\-end. +The omitted date defaults to the current date if you supply the time. +.RS +.RE +.TP +.B \-\-help +Print a brief help message and exits. +.RS +.RE +.TP +.B \-\-man +Prints the manual page and exits. +.RS +.RE +.SH AUTHORS +Vsevolod Stakhov. |