On 24.12.24 14:11, Adalfarus Theodoric via clamav-users wrote:
I hope this message finds you well. I’m new to using ClamAV and am
currently in the process of implementing it on our production servers.
During our testing phase, I encountered a couple of performance-related
issues that I’d like to address with your guidance.
1.
*RAM Usage*: There’s a significant memory usage spike for approximately
5 minutes during certain operations, although I’m unsure of the root cause.
which operations? I would expect same delays in case clamscan or clamd are
loading virus database, although on my system this taker slightly over one
minute.
2.
*High CPU Usage During Scans*: I understand that ClamAV scans are
resource-intensive by design (this is the case even for enterprise AV), but
I’d like to explore ways to reduce their impact. Specifically, I’m
considering reducing scan times by excluding specific folders, though I’m
not entirely sure which folders are safe to whitelist with low risk for the
system.
what do you scan and when?
My main goal is to prepare a config of ClamAV that prioritizes performance
with low risks in undetecting threats. Could you please advise on the
following?
- Are there existing best practices, configurations, or builds designed
specifically for optimizing ClamAV’s performance on production servers?
- Can you recommend approaches to safely whitelist folders or files
without undermining security?
- Are there any specific configuration parameters or tools within ClamAV
that can help mitigate RAM spikes and reduce CPU usage?
Thank you for your time and support!
the best I can think of is:
1. use clamd which does not reload database everytime scan is done
2. avoid repeated scanning of the same content
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Emacs is a complicated operating system without good text editor.
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
