Re: [clamav-users] Sending ClamAV's logs to OSSIM

[Florian Schaal]

Am 21.01.2013 11:13, schrieb Rachid ZAHRAOUI:
> Hello,
> 
> I’m running ClamAV on a Linux Server and I want to send ClamAV events to
> syslog server that I manage. How can i do that and what configuration files
> do I have to update to make it work?
> 
> Thanks for Help
> 
You can try something like

VirusEvent /bin/logger -d -t clamav "VIRUS ALERT: %v"

in your clamd.conf

To send messages created by VirusEvent/logger will be send to your local
syslog. Those messages could easly be forwarded to your syslog server.

regards
Florian
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Re: [clamav-users] Sending ClamAV's logs to OSSIM

[Benny Pedersen]

Rachid ZAHRAOUI skrev den 21-01-2013 11:13:

I’m running ClamAV on a Linux Server and I want to send ClamAV events 
to
syslog server that I manage. How can i do that and what configuration 
files

do I have to update to make it work?


clamd.conf freshclam.conf clamav-milter.conf

all 3 have syslog support, but you just need to update the ones you use



___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml