SrvReport - Automatic Server Reporting System


SrvReport is a simple and featurefull server monitoring and reporting system. It can send every day a mail with the latest state of the server including:

  • Network traffic report (including graph per hour)
  • Network traffic via 'iptables'
  • Web-server traffic and vhost report
  • CPU usage report (including dayly graph per quater)
  • Xfer-logs (ftp)
  • Analyse of postfix/sendmail mail-log (to, from, size)
  • Analyse of qpopper checks (username, # of checks, time)
  • Last authenticated users
  • Report of server warnings
  • System informations (mounted volumes / meminfo)
  • Optional test for rootkits (with chkrootkit)
  • Optional may other reports (via config-file)

The email report will be in HTML (mime with graphics) and text-only format. It is primarily designed for admins who has a server on a remote location and who wants to know what is going on, without always looking at some log-files.

Additional feature:

  • Fully localized
  • Design is flexible via CSS
  • Highly configurable via config-file and different reporting modules

Here is a full mail-example

Project page


Releases can be found here.

Sometimes SF has some problems with the download. If this happens you can also download it from here


The change log is available here.



The configuration is located in bin/srvreport.conf. The configuration is very easy. There are only a few global settings and then you just need to specify which "modules" you want to use.

Global Settings


Here is an complete example for an configuration


Reports are generated via "modules". This are perl modules which implement the report generation for a specific task. In the actual state, the following report-modules are already available.

Each module config section starts with the names in square brackets: [name]
This name is also used in the order setting under global settings. In the following each section must contain at least the following keys:


With this report-module you can simply show any kind of log-entries or outputs from some command in your reports.
I use it for reporting of server warnings, FTP-log entries, a list of the logins (via /usr/bin/last-commandentries and for checking of rootkits (via chkrootkit).

The configuration is very flexible. It contains the following entries:

This file will be read and used for analyse. The name of the file can also contain special keywords, which will be repaced during processing:
If this is set to 1 then the whole file is processed against the pattern or regex (if specified). If this is not set or set to 0, then it is tried to check against the pattern which contains a "%timex" key. And only the lines which contains the actual date of the report is used.
For more info see:Pattern syntax
If you do not specify a pattern, you can also use some regual expression.
module      = LogReport
description = FTP-Logs
file        = /var/log/xferlog
pattern     = %o %time1
Here is a more complete example for an configuration
And here is the given mail-output


With this you can analyse web-server logfiles (like apache logfiles). One problem of analysing log files is logrotate. To overcome this I used an for the apache server. With this pipelog it is possible to create an logfile for every day without restarting or reloading the web server. This logfile can now be analysed (if the day is over) and afterwords deleted.

The apache is also included in this release (in the bin directory).
If you want to use this, you just need to change the /etc/httpd/httpd.conf and add the following entries (if you have vhosts):

LogFormat "%v \"%{Host}i\" %h %t \"%r\" %>s %b" srvreport
CustomLog |/root/srvreport-x.xx/bin/ srvreport

You also can use any kind of LogFormat. You then only have to change the default pattern string in the srvreport.conf files.

module      = HttpdReport
description = Web-Server
file        = /var/log/httpd/srvreport_%%YYYY-%%MM-%%DD
wholeFile = 1
showHTTPStatus = 1
pattern     = %o %"vhost %o %time3 %"o %state %bytes
Here is a more complete example for an configuration
And here is the given mail-output


For reporting the traffic, the /proc/net/dev file is used. It reports in/out traffic since system boot. All values are read every 15 minutes and are stored in a separate file in data directory. This file is then read right after midnight when the report is generated. Afterwords, this file is deleted.
module      = TrafficReport
description = Traffic report
file        = /proc/net/dev
interface   = eth0:
pattern     = %interface %in %o %o %o %o %o %o %o %out
Here is a more complete example for an configuration
And here is the given mail-output


It used the /usr/bin/uptime command. This is read as "normal" file via the "pipe" symbol (|) at the end. To find the correct value for the 15 minute CPU usage, a regular expression is ueed.
module      = CPUReport
description = CPU Usage
file        = /usr/bin/uptime |
regex       = load average:\s+\d\.\d\d,\s+\d\.\d\d,\s+(\d\.\d\d)
Here is a more complete example for an configuration
And here is the given mail-output


This will create an report for postfix logfiles /etc/mail.
module      = PostfixReport
description = Postfix
file        = /var/log/mail
pattern     = %time2
# with the following you can specify the report(s) that will be 
# generated from the mail-log
# You can combine the values to get multiple statistics
# Bit 0 =>  1: Overview
# Bit 1 =>  2: Detailed list with all mail-IDs
# Bit 2 =>  4: Grouped by "to"
# Bit 3 =>  8: Popper-analyze
# Bit 4 => 16: Reject-report
# Bit 5 => 32: Graphical report with #Msgs / bytes per hour
# Bit 6 => 64: Table Report with #Msgs / bytes per hour
# Default is 1+4+8+16+32+64=125

mailReportType = 125

Here is a more complete example for an configuration
And here is the given mail-output

Pattern syntax

Some modules support the "pattern" config entry. A pattern contains one or more keys. A pattern-key always starts with the percent (%) character followed by some keyword. Between such pattern-keys there must be always ONE space. The following keywords are defined:

Problems and solutions


If you want to analyse some system log files, then you might run into the problem that this file was just rotated via logrotate. The effect is that you loose some info.

To overcome this there are several solutions: For apache websever I added an CustomLog and use my to do my own logging for every day. This file is then deleted if the report is generated.

Create your own reporting-module

This software has a OO-design, so it can be easy extended by other programmers.

You can either derive your report-module from BaseReport or from BaseFileReport (which is usualy the case)


Known variables


Known variables Logo