[clamav-users] ClamAV Splunk app
PJ Balsley
pbalsley at ragingwire.com
Sun Nov 16 17:51:15 UTC 2014
Why? Such a great question.
Why not?
But is it why write a Splunk app, or why run ClamAV on Linux?
First, why a Splunk app? To get as much visibility as possible on my clam logs. And it was fun to do.
Why run it on Linux? Am I worried about a Linux virus? Actually no. I'm more concerned about someone storing a Windows virus on a Linux SMB mount, or an embedded image executable on a web server.
And yes, also for compliance reasons, as Dennis pointed out. With DLP enabled I can look for SSN and CCN to make the statement to my auditors that yes, I am sure we do not store any of these in plain text.
pj
________________________________________
From: clamav-users [clamav-users-bounces at lists.clamav.net] on behalf of G.W. Haywood [clamav at jubileegroup.co.uk]
Sent: Saturday, November 15, 2014 9:22 AM
To: clamav-users at lists.clamav.net
Subject: Re: [clamav-users] ClamAV Splunk app
Hi there,
On Sat, 15 Nov 2014, PJ Balsley wrote:
> I use clamav on hundreds of linux systems in our network. ...
This is not a facetious question, it's one of genuine interest.
Why?
--
73,
Ged.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml