Thanks for the answer. Yes, I'm using rsyslogd; could you point me to docs on how to match on msg?
Thanks again.

On Tue, 27 Sep 2011 14:09:36 +0300 Török Edwin <[email protected]> wrote:

> On 2011-09-27 13:13, Forlani M. wrote:
> >
> > Hi all, I'm new here, please excuse my little English.
> > I have a centralized syslog server and I've configured clamd to send logs
> > as LogFacility local1.
> > It's working fine, but this is what I'm obtaining:
> > files/folders clamd can't access as local1.warning
> > files infected local1.info
> >
> > Is there a way to set local1.critical or alert for infected files?
>
> No you can't configure it from clamd.conf, please open an enhancement request
> on bugs.clamav.net:
>
> You could write a virusevent script, put VirusEvent /path/to/yourscript in
> clamd.conf, and in yourscript:
> #!/bin/sh
> /usr/bin/logger -t clamd -p local1.alert "$CLAM_VIRUSEVENT_FILENAME: $CLAM_VIRUSEVENT_VIRUSNAME FOUND"
>
> > It's simpler to find a critical/alert message in syslog, and in this way I
> > can "refine" logs and reports.
> >
> > I'm using clamav on CentOS 5.5, installed from rpmforge repository: ClamAV
> > 0.97.2/13679
> > Thanks
> >
>
> If you're using rsyslogd it should be possible to match on msg content FOUND
> and send the output to a different place,
> or override the loglevel.
>
> Best regards,
> --Edwin
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml

--
Forlani M. <[email protected]>
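The VirusEvent approach quoted above, written out as an added example (not code from the thread or from the ClamAV project): it logs at local1.alert as suggested, and cleans the file name first because that name is chosen by whoever created the file. The helper names sanitize and build_msg and the length limits are assumptions.

```shell
#!/bin/sh
# Added example: VirusEvent handler that logs clamd detections at local1.alert.
# clamd exports CLAM_VIRUSEVENT_FILENAME and CLAM_VIRUSEVENT_VIRUSNAME to the
# script named by the VirusEvent directive in clamd.conf.

# Replace control characters (newlines included) with '?' and cap the length,
# so a crafted file name cannot split one event into several log lines.
# $1 = raw value, $2 = maximum length (assumed limit, default 512).
sanitize() {
    printf '%s' "$1" | LC_ALL=C tr '\000-\037\177' '?' | cut -c1-"${2:-512}"
}

# Build "<file>: <signature> FOUND", the same shape as the quoted script, so a
# single rsyslog filter on FOUND keeps matching.
build_msg() {
    file=$(sanitize "$1" 512)
    sig=$(sanitize "$2" 128)
    printf '%s: %s FOUND' "${file:-unknown-file}" "${sig:-unknown-signature}"
}

# Log only when clamd actually invoked the script (signature name is set);
# running it by hand without that environment does nothing.
if [ -n "${CLAM_VIRUSEVENT_VIRUSNAME:-}" ]; then
    /usr/bin/logger -t clamd -p local1.alert -- \
        "$(build_msg "${CLAM_VIRUSEVENT_FILENAME:-}" "$CLAM_VIRUSEVENT_VIRUSNAME")"
fi
```

Install it as the script named by VirusEvent in clamd.conf and make it executable by the user clamd runs as.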
