microsoft/CSS-Exchange

Exchange SMTP Protocol Logging Reviewer

Open

#891 创建于 2022年2月9日

在 GitHub 查看
 (0 评论) (0 反应) (0 负责人)PowerShell (985 star) (234 fork)batch import
Low PriorityNew Tool Requesthelp wanted

描述

Is your request related to a problem? Please describe. It is hard to follow the flow of the protocol logging and call out possible issues.

Describe The Request Create a new script that is able to assist with SMTP protocol logging review.

Key points to included:

  • Generic review of the log to find any issues like sessions being started but never used
  • Following a single message from start to finish hopping between servers
    • Call out possible logs missing for full review
  • Call out large time gaps between entries - Example: BDAT sending 700 bytes the next entry is a session closed 5 minutes later.
  • Able to run on Exchange - Made easier to hop between servers following a message due to EMS
  • Able to run on Engineer computer who collected the logs for off-site review
  • If entire message is found and delivered, do a report that includes time stamps and flow of the message

贡献者指南

技术栈
shell
领域
observabilitytooling
议题类型
feature
难度面向新贡献者的预计实现难度,1 表示很小改动,5 表示专家级工作。
3
预计时间有经验贡献者完成调查、实现、测试并准备 pull request 的粗略时间范围。
3-5 days
活动状态议题当前的可参与程度:新鲜、活跃、陈旧、阻塞或等待维护者输入。
stale
清晰度议题是否清楚说明期望改动、验收标准和下一步。
clear
前置要求
Exchange SMTP logging familiarityPowerShell scriptingLog analysis concepts
新手友好度1-100 的估计分数,表示该议题对首次贡献者的友好程度。
50
研究方向
Examine existing log parsing tools in the repository. Understand the format of Exchange SMTP protocol logs (typically text files). Create a script that can scan logs for anomalies like abandoned sessions, track message flow across multiple servers, and detect large time gaps. Consider adding options for reporting and exporting results.