On 9/15/10 7:47 AM, Tomasz Kojm wrote:
On Tue, 14 Sep 2010 09:22:48 -0700 Dennis Peterson<[email protected]> wrote:Time tests of sigtool --find-sigs compared to grep. The output of either sigtool or grep can be piped back in to sigtool --decode-sigs: $ time sigtool --find-sigs Sanesecurity.Spam.10995 Sanesecurity.Spam.10995:4:*:46726f6d3a20{-50}5066697a6572*5375626a6563743a20{-100}2520 real 2m4.16s user 1m46.65s sys 0m2.88sHi David, how many signatures are you using and which OS? On my 3-year old Linux box the search takes 3 seconds (~965k sigs): $ time sigtool --find-sigs Sanesecurity.Spam.10995 Sanesecurity.Spam.10995:4:*:46726f6d3a20{-50}5066697a6572*5375626a6563743a20{-100}2520 real 0m3.076s user 0m2.952s sys 0m0.124s
There are 823070 signatures in the current daily.cld, main.cld, and bytecode.cld, and 190586 signatures in the various Sane Security files. This is a Sun Sparc box running Solaris.
Which begs another question - anyone have a single command that will generate these numbers based on signature files in the DataDictionary directory?
dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
