[clamav-users] Remote scanning hostname?
G.W. Haywood
clamav at jubileegroup.co.uk
Fri May 29 16:52:14 UTC 2020
Hi there,
On Fri, 29 May 2020, John Robison wrote:
> We use a client/server setup where clamd runs on one server and exposes a
> port, and other servers connect to it using TCPAddr in their configuration.
>
> I see that on the clamd server I can use something like `VirusEvent `echo
> "Virus detected: %v"` when a virus is detected, but this doesn't tell me
> which client node has the virus. Is there a way for the clamd server to
> report the hostname (or IP, or any kind of identifier) of the client when a
> virus is detected?
It already does that:
# grep FOUND mail.info | tail -n 1
May 17 00:19:43 mailscanner clamd[1427]: instream(192.168.44.25 at 37210): Sanesecurity.Spam.12727.UNOFFICIAL FOUND
Perhaps you can share your configuration?
--
73,
Ged.
More information about the clamav-users
mailing list