[clamav-users] log representation
Frans de Boer
frans at fransdb.nl
Wed Oct 23 13:03:05 UTC 2019
On 22-10-2019 22:33, G.W. Haywood via clamav-users wrote:
> Hi there,
>
> On Tue, 22 Oct 2019, Frans de Boer wrote:
>
>> Does anybody know how to make the log output of the ClamAV daemons
>> the same as normal logs? That is, with an ISO date, followed by host
>> name, program/daemon name and concluding with the real message.
>
> That's normally done by syslog (or equivalent: rsyslog, syslog-ng, ...)
> so if you tell the daemon to log via syslog it should be taken care of
> for you.
>
> If you're very fussy about the date format you may need to do a little
> work, but remember that there's a *lot* of code Out There which parses
> the 'standard' Unix-style logs and if you move away from that format
> it may come back to bite you later on.
>
Nope, 0.102.0 for instance does not pass the program name. I only get
the '->' characters.
I used to output to individual files, but now I have to use syslog-ng to
capture and filter out unwanted messages of the new ClamAV suite.
However, I have to know that a message is indeed coming from one of the
components and not, say, systemd or others.
I know that I can transform the date into an ISO date and add the host
myself. But having only -> does not tell me if the data came from clamd,
freshclamd or clamonacc.
--- Frans.