[rt-users] Automatted parsing of mails entering an RT queue

Matt Zagrabelny mzagrabe at d.umn.edu
Thu Mar 2 09:43:26 EST 2017


What version are you using CK?

-m

On Thu, Mar 2, 2017 at 2:35 AM, Christopher Kunz <chrislist at de-punkt.de> wrote:
> Hi all,
>
> we've been using RT for almost 15 years now with great success, but our
> growing company needs a little more automation now. As we are a hosting
> company /carrier, we frequently receive abuse reports and security
> advisories (for example, automatted scans for UDP amplifiers by the
> German national CERT). These enter our abuse queue.
>
> I would like to parse these mails automatically, and write a parsing
> toolkit for each different type of abuse mail (either by sender, or by
> specific content signature, or something like that), in order to extract
> the affected URIs / IP addresses from the mails and pass them on to an
> abuse handling script for further action.
>
> How would I do that? Are there any articles in the RT wiki that might be
> a good starting point? Unfortunately, the "automating RT" page is more
> about crontool than about the kind of automation I'm looking for.
>
> Thanks a lot,
>
> --ck
> ---------
> RT 4.4 and RTIR Training Sessions https://bestpractical.com/training
> * Paris - April 24-26, 2017



More information about the rt-users mailing list