[clamav-users] ClamAV Splunk app
PJ Balsley
pbalsley at ragingwire.com
Fri Nov 14 19:47:44 UTC 2014
This is not an advertisement, this is a request for features.
I use clamav on hundreds of linux systems in our network. In an effort to get visibility scan results I created a Splunk app. While I've built reports and dashboards that are helpful to our organization, I would like to improve it to benefit other users. I figured this was a good place to ask.
I have reports on:
# of completed scans
# of Risks detected
Hosts most at risk
Top 10 virus category
Top 10 infected files
Scan time/duration by host
ClamAV errors
DLP scan summary
PUA scan summary
Quarantined file summary
You are welcome to let me know what updates, reports, etc... you would like to see in the app. What do you care about?
Splunk app: ClamAV
Link: https://apps.splunk.com/app/1798/
Thank you for your time!
PJ
More information about the clamav-users
mailing list