Hi all,
I tried to find log entries of same mail using queue id from sendmail log. However, for the same time span, following search gives different results. e.g.
Gives all records at all time:
source="/tmp/sendmail.txt" from="<userA@my.domain.hk>" | fields qid | reverse
Only returns part of the records, with those at earlier time slots are missing:
source="/tmp/sendmail.txt" [search source="/tmp/sendmail.txt" from="<userA@my.domain.hk>" | fields qid ]| reverse
Would anyone please help?
Thanks and rgds,
/ST Wong
↧