Re: ClamAV not LOGGING viruses was [Clamav-users] 0.90.1not findingviruses

John Fleming Thu, 15 Mar 2007 19:02:21 -0800

----- Original Message -----From: "Dennis Peterson" <[EMAIL PROTECTED]>

To: "ClamAV users ML" <clamav-users@lists.clamav.net>
Sent: Thursday, March 15, 2007 10:42 PM

Subject: Re: ClamAV not LOGGING viruses was [Clamav-users] 0.90.1notfindingviruses

John Fleming wrote:
If not syslog, then the the clamd run-as user have write permissions tothe log?
Yes, clamav:clamav both owner and group 0640
Just saw your next post come in - check for sure the run-as user isclamav.
Is the log < 2gig in size?
Yeah, only about 5K right now. It's been recreated several times latelyvia reinstall and manually, to no avail, but that's why it's so small.It only grows when the daemon is restarted or the database changes, asthese do get logged.
If syslog is used, is
the facility in the syslog.conf file for the clamav.log file the same asthat in the clamd.conf file?
[not using syslog]
Ok - if you have lsof installed, run it and grep clamd and see if one ofthe files clamd has open is your log file.


# lsof|grep clamd
clamd     22702    clamav  cwd       DIR        3,1      4096          2 /
clamd     22702    clamav  rtd       DIR        3,1      4096          2 /

clamd 22702 clamav txt REG 3,1 52824 932224/usr/sbin/clamdclamd 22702 clamav mem REG 3,1 90248 703300/lib/ld-2.3.2.soclamd 22702 clamav mem REG 3,1 443880 556933/usr/lib/libclamav.so.2.0.1clamd 22702 clamav mem REG 3,1 73304 131177/lib/tls/libnsl-2.3.2.soclamd 22702 clamav mem REG 3,1 78233 131495/lib/tls/libpthread-0.60.soclamd 22702 clamav mem REG 3,1 1254660 131073/lib/tls/libc-2.3.2.soclamd 22702 clamav mem REG 3,1 62048 556147/usr/lib/libbz2.so.1.0.2clamd 22702 clamav mem REG 3,1 178868 557165/usr/lib/libgmp.so.3.3.3clamd 22702 clamav mem REG 3,1 200916 556024/usr/lib/libcurl.so.3.0.0clamd 22702 clamav mem REG 3,1 195404 556081/usr/lib/libidn.so.11.5.6clamd 22702 clamav mem REG 3,1 67468 556211/usr/lib/libz.so.1.2.2clamd 22702 clamav mem REG 3,1 198576 2305690/usr/lib/i686/cmov/libssl.so.0.9.7clamd 22702 clamav mem REG 3,1 1029704 2305689/usr/lib/i686/cmov/libcrypto.so.0.9.7clamd 22702 clamav mem REG 3,1 9872 131493/lib/tls/libdl-2.3.2.soclamd 22702 clamav mem REG 3,1 28616 131492/lib/tls/libnss_compat-2.3.2.soclamd 22702 clamav mem REG 3,1 33440 131056/lib/tls/libnss_nis-2.3.2.soclamd 22702 clamav mem REG 3,1 34748 131193/lib/tls/libnss_files-2.3.2.soclamd 22702 clamav 0w CHR 1,3 639106/dev/nullclamd 22702 clamav 1w CHR 1,3 639106/dev/nullclamd 22702 clamav 2w CHR 1,3 639106/dev/nullclamd 22702 clamav 3w REG 3,1 5370 2682197/var/log/clamav/clamav.logclamd 22702 clamav 4w CHR 1,3 639106/dev/nullclamd 22702 clamav 5u unix 0xceb96380 768350/var/run/clamav/clamd.ctlclamd 22702 clamav 7u REG 3,1 0 277999/var/lib/clamav/.dbLock (deleted)

#

There's the log, but I need help understanding what's happening. - John


_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: ClamAV not LOGGING viruses was [Clamav-users] 0.90.1not findingviruses

Reply via email to