[clamav-users] connect clamscan output to journal with systemd-cat

Dave Nelson lists at traduction.biz
Wed Apr 3 15:20:48 UTC 2019 

Also, it should be totally unnecessary to scan your filesystem every 
minute, and will place an unnecessary load on your server. Postfix (or 
whatever) will run clamav when it needs to. And you can maybe run a full 
scan on your filesystem once every 24 hours if you feel paranoid. 
(IMHO.)
Postfix will log every detection of an incoming virus, so you can watch 
that log, too, for a fuller view of what's happening (/var/log/mail.log 
by default on an Ubuntu system).
Dave

On 2019-04-03 17:48, Dave Nelson via clamav-users wrote:
> You can configure a log specially for clamav, and that should be
> plenty. Also, you can install logwatch and get mail updates once a day
> or more often. You can also install netdata if you want to monitor in
> real time, or simply watch the output of 'tail -f
> /var/log/clamav/clamav.log' .... it's every server admin's pleasure
> and duty to watch his/her server's logs roll by in a terminal window
> periodically. ;-)
> Dave
> 
> On 2019-04-03 15:58, SCOTT PACKARD via clamav-users wrote:
>> Logfiles are a place where a sysadmin notices a host running smoothly
>> (lack of anything in logs) or has problems (error messages about the
>> programs show up in the logs).
>> 
>> Looks like you are trying to misuse logfiles as a place to put
>> successful/unsuccessful output that's produced by a program.
>> 
>> You'll want to create a separate log for your program, foo.log, and
>> write it to /var/log/ directory.
>> 
>> Others can comment about scanning a host every minute.
>> 
>> Regards, Scott
>> 
>> FROM: clamav-users <clamav-users-bounces at lists.clamav.net> ON BEHALF
>> OF Kretschmer, Jens
>> SENT: Wednesday, April 03, 2019 1:34 AM
>> TO: clamav-users at lists.clamav.net
>> SUBJECT: [External] [clamav-users] connect clamscan output to journal
>> with systemd-cat
>> 
>> Hi,
>> 
>> I would like to redirect the output of clamscan to the journal, which
>> should by possible by
>> 
>> /usr/bin/clamscan -r /root/ 2>&1 | /usr/bin/systemd-cat
>> --identifier="clamscan"
>> 
>> or
>> 
>> /usr/bin/systemd-cat --identifier="clamscan" /usr/bin/clamscan -r
>> /root/
>> 
>> While both commands work when executed manually in the terminal, the
>> output is not redirected when executed by a cronjob. If I put the
>> following line into the file /etc/cron.d/clamav
>> 
>> * * * * * root /usr/bin/systemd-cat --identifier="clamscan"
>> /usr/bin/clamscan -r /root/
>> 
>> I can see that the clamscan process is started every minute, but the
>> output is not redirected to the journal.
>> 
>> If I put the line
>> 
>> * * * * * root /usr/bin/systemd-cat --identifier="clamscan" ls /root/
>> 
>> Into the file /etc/cron.d/clamav, it is executed every minute as well
>> and I can see the output of ls in the journal.
>> 
>> Do you have any idea what could be causing the issue?
>> 
>> Best regards,
>> Jens
>> 
>> _______________________________________________
>> 
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>> 
>> 
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> 
> --
> With all best wishes,
> Dave
> 
> _______________________________________________
> 
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-- 
With all best wishes,
Dave

More information about the clamav-users mailing list