[clamav-users] Scanning result in socket connection for each file under a folder?

Tue Jan 10 18:24:39 UTC 2023

Hi,

I'm trying to avoid log reading.
What I wish to have is the scanning status sent back for every scanned file
using the clamd socket connection; the same socket I've used to send the
SCAN [folder] command.
Thanks

Jorge

El mar, 10 ene 2023 a las 15:14, newcomer01 via clamav-users (<
clamav-users at lists.clamav.net>) escribió:

> you can do tis on a similar way:
>
> >     #!/bin/sh
> >      #
> >      #       @(#)maillog_report_clamav_matches 2022-11-25 Sylvain
> Robitaille
> >      #
> >      # report on which clamav signatures have matched, and how many times
> >      # each have matched from the latest maillog file (or the file(s)
> named
> >      # as argument(s).
> >
> >      PATH=/usr/local/bin:/usr/bin:/bin
> >      # <space><tab><newline>
> >      IFS="
> >      "
> >      export PATH;
> >      export IFS;
> >      umask 022
> >
> >      # if we have no arguments, we'll default to the current maillog
> file;
> >      # else the arguments are the list;
> >      if [ "$*" ]; then
> >         MAILLOG=$*
> >      else
> >         MAILLOG="/var/log/maillog"
> >      fi
> >
> >      # That's it ...
> >      grep -w FOUND ${MAILLOG} |\
> >         awk '{print $(NF-1)}' |\
> >         sort -h |\
> >         uniq -c |\
> >         sort -rh |\
> >         awk '{total+=$1; print} END {if (NR > 1) print "total:", total}'
>
>
>
> Von / From: Clamav User Mailinglist <mailto:clamav-users at lists.clamav.net>
> An / To: Newcomer01 <mailto:newcomer01 at posteo.de>
> CC / CC: Jorge Elissalde <mailto:elissalde.j.e at gmail.com>
> Gesendet / Sent: Dienstag, Januar 10, 2023 um 16:16 (at 04:16 PM) +0100
> Betreff / Subject: [clamav-users] Scanning result in socket connection for
> each file under a folder?
> > Hi,
> >
> > When I scan a folder using socket connection to clamd (SCAN [folder]) I
> don't get an individual result for each file in the connection.
> > For example, if I send to scan the folder c:\testme, I will get (if
> everything goes ok) only the line: c:\testme: OK
> > Individual files scanned and result are stored in the log file, like
> this one:
> >
> > LOG> c:\testme\file1: OK
> > LOG> c:\testme\file2: OK
> > SOCKET> c:\testme: OK
> >
> > Is there a chance to get every individual scanned file result also
> reported in the socket connection?
> >
> > Thank you
> >
> > Jorge
> >
> > _______________________________________________
> >
> > Manage your clamav-users mailing list subscription / unsubscribe:
> > https://lists.clamav.net/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/Cisco-Talos/clamav-documentation
> >
> > https://docs.clamav.net/#mailing-lists-and-chat
>
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20230110/ace2a3a5/attachment.htm>