I’m very new to Graylog and now I’m stuck in analyzing my MX server. The MX is a CentOS 7 with a Postfix MTA with Postgrey greylisting and AMaVisD-New for spam and virus protection. Now I wanted to read the sender, the recipient and the sending SMTP server. But when I look in the logs there are more than one line I need to read and extract to get my information. I searched the marketplace and Google for a solution but I didn’t find anything. Has anyone a way to get the information I need.
Thanks a lot