Hello All,

 

We have started using ClamAV for SUSE Linux servers in one of our project. I have a few points that needs clarification w.r.t Antivirus best practices.

 

1. How frequently is it recommended to perform complete scan (clamscan) on servers. From my testing I understand that each scan on a server takes about 5-7 hours. Is it recommended to scan Linux servers daily or weekly basis?
2. Will there be a performance impact on servers when the scan is running for such long hours?
3. We have planned to write a  script which automates the scanning of servers i.e.

• run clamscan command and share its output by email
• Drop clamscan output on the terminal
• Ex: clamscan -r / -i <this command scans all files, directories and prints only infected files>

             While testing the above command, infected files and also error messages are printed.

              Is there a better command to scan the entire system, and just show the scan summary rather than printing error messages.

 

Regards,

SS