Hi Team,
I have setup almost 15 relay MTAs for relaying my mails. And I am pushing the /var/log/maillog to ELK Stack.
I was able to use the grok filters and create the indices, documents, fields and so and also I am able to see in Kibana too.
I got a new requirement that my supervisor wants to know how many mails from a specific client say 180.190.30.46 are sent and how many are deferred and how many are softbounce.
As the client IP 180.190.30.46 is recorded in one document of the index and the mail sent status is recorded in the another document of course of the same index, I am not able to write a search query either in Elasticsearch or in Kibana.
So, is there a way that would solve my requirement ? This has become a great challenge from past few days for me.