At 6:50 PM -0400 3/9/10, Timothy Legge wrote:
Hi
I am trying to schedule a cron job to scan files and if a virus is
noticed to log that via syslog so it can be sent to a remote syslog
server.
I have successfully done this by using clamd and clamdscan however the
logs show:
Mar 9 17:45:04 server1 clamd[26200]: fd[12]: Eicar-Test-Signature FOUND
I am assuming that the fd[12] is because I used:
clamdscan --fdpass --infected --quiet
I would prefer to get the file name in the logs but I had to pass
--fdpass as the option so clamd would scan files that it did not have
permission to scan.
Should I approach this in a different way like using clamscan instead?
It does not look like clamscan can write to syslog but I could be
wrong.
Tim
Why don't you just get rid of --fdpass and run the cron job as root?
Tom
--
Tom Shaw - Chief Engineer, OITC
<tshaw at oitc.com>, http://www.oitc.com/ local wx: http://www.oitc.com/weather
US Phone Numbers: 321-984-3714, 321-729-6258(fax), 321-258-2475
(cell/voice mail,pager) US skypeline: 321-622-9098
Text Paging: http://www.oitc.com/Pager/sendmessage.html
AIM/iChat: trs...@mac.com
Skype: trshaw
Fish more and Live longer
To err is human. To purr, feline
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
