[clamav-users] Clamd logging dictionary to aid integration with SIEM application

2015-09-17 Thread Chris Needham2
Hi,

I have gone through the archives of this particular mailing list and 
couldn't find anything related to this.

Pretty much all in the subject.

I'm looking for a logging dictionary or something similar that will give 
me a list of message formats so I can build parsing for our SIEM 
application.

Any help would be greatly appreciated!

Cheers,

Chris N
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


Re: [clamav-users] Clamd logging dictionary to aid integration with SIEM application

2015-09-17 Thread Steven Morgan
All clamav messages are embedded in the code. They should be pretty easy to
fish out of the code using greps of 'logg' for clamd messages and
CLI_ERRMSG/CLI_WARNMSG for messages from the engine.

Hope this helps,
Steve

On Thu, Sep 17, 2015 at 6:08 AM, Chris Needham2 wrote:

> Hi,
>
> I have gone through the archives of this particular mailing list and
> couldn't find anything related to this.
>
> Pretty much all in the subject.
>
> I'm looking for a logging dictionary or something similar that will give
> me a list of message formats so I can build parsing for our SIEM
> application.
>
> Any help would be greatly appreciated!
>
> Cheers,
>
> Chris N
>
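
The grep suggested in the reply above can be scripted so that each format string it finds becomes a regex for a SIEM parser; this is an added example, not code from the thread or from the ClamAV project. The sample C lines and their messages are constructed, the function names are hypothetical, and treating a leading `!^*$#~` in a `logg()` format as a level marker that is not printed is an assumption to check against your source tree.

```python
import re, tempfile
from pathlib import Path

# Calls named in the thread, matched case-insensitively; only calls whose
# first argument is a string literal are picked up.
CALL = re.compile(r'\b(logg|cli_errmsg|cli_warnmsg)\s*\(\s*"((?:[^"\\]|\\.)*)"', re.I)
# printf conversion: flags, width, precision, length modifier, type.
CONV = re.compile(r'%[-+ #0]*\d*(?:\.\d+)?(?:hh|h|ll|l|z)?([sdiuxXc%])')
GROUP = {"s": r"(.+?)", "c": r"(.)", "d": r"(-?\d+)", "i": r"(-?\d+)",
         "u": r"(\d+)", "x": r"([0-9a-f]+)", "X": r"([0-9A-F]+)", "%": "%"}
# Assumption: a leading one of these in a logg() format is a level marker, not printed.
LEVEL_PREFIX = "!^*$#~"

# Constructed sample, not real ClamAV source.
SAMPLE_C = r'''
    logg("!Can't open file %s\n", name);
    logg("^Limit of %u entries reached\n", max);
    cli_errmsg("scan: read error at offset %d\n", off);
    CLI_WARNMSG("skipped %s (%u%% done)\n", name, pct);
'''

def extract_formats(root):
    """Sorted, unique (call, format) pairs from every *.c file under root."""
    found = set()
    for path in Path(root).rglob("*.c"):
        for call, fmt in CALL.findall(path.read_text(errors="replace")):
            found.add((call.lower(), fmt))
    return sorted(found)

def format_to_regex(call, fmt):
    """printf format -> regex body, anchored at end of line only."""
    if call == "logg" and fmt and fmt[0] in LEVEL_PREFIX:
        fmt = fmt[1:]
    fmt = (fmt[:-2] if fmt.endswith("\\n") else fmt).replace('\\"', '"')
    parts, pos = [], 0
    for m in CONV.finditer(fmt):
        parts += [re.escape(fmt[pos:m.start()]), GROUP[m.group(1)]]
        pos = m.end()
    return "".join(parts) + re.escape(fmt[pos:]) + "$"

def demo_catalogue():
    """Run the extraction over SAMPLE_C written to a temporary tree."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "sample.c").write_text(SAMPLE_C)
        return [(c, format_to_regex(c, f)) for c, f in extract_formats(d)]

if __name__ == "__main__":
    for call, rx in demo_catalogue():
        print(call, rx, sep="\t")
```

The patterns are unanchored at the start, so use them with a search and prepend whatever timestamp or level prefix your log transport adds.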