[clamav-users] Clamd: how can you get emails about viruses or at least save info about found viruses in a specific file?

Dennis Peterson dennispe at inetnw.com
Thu Mar 5 13:16:58 EST 2015


On 3/5/15 10:05 AM, Henry Collins wrote:
> So the normal ClamAV (not daemon) is working alright and I do not have any
> complaints. However, the daemon is not working or I cannot see how it is
> working. When I write "ps ax", I can see that it is running, but the
> problem is that I cannot find any information on what it found. I tried to
> move a fake virus to different folders, but I cannot see anything in
> ClamAVs logs.
>
> How do I see what daemon has found and how do I save these results to some
> file?
>

A standard ClamAV install doesn't do anything when the clamd daemon is started. 
You have to explicitly give it something to do. If you have a directory you wish 
to scan then you would run clamdscan from a command line with that directory as 
an argument. If the clamd user ID does not have permission to scan that 
directory or its contents then you have to provide file descriptors. The 
clamdscan tool communicates with the clamd daemon and is a fast means of 
scanning files because all the signatures are already loaded.

See man clamdscan.

You can also scan directories without using the daemon by invoking the clamscan 
command line tool. This tool has to load the signatures each time it is run and 
so has greater overhead, but it does not have ownership problems when scanning 
files you own. If you run it as root it will scan any file on your system. It's 
probably not a good idea to run this on device files and Unix special files.

See man clamscan

The clamd daemon is most useful for scanning incoming mail in real time. That 
requires an interface layer between clamd and your mail MTA or local delivery agent.

dp



More information about the clamav-users mailing list