Re: [Declude.Virus] log file grepping
On 6 Dec 2004 at 10:25, Johan Driesmans wrote:
Hi Johan,
I'm interested in your mrtg configuration, can you send me this as
an
example?
Below is the cfg file - it will give you total virus vs total
scanned. Bill did unxtools extract which I munged slightly to make
mrtg like it better. I am running this in Windows w/Active State perl
the latest mrtg program. If you need to know more let me know.
Note: The Target[index]:. is _one_ line.
[Also I believe Darrell ([EMAIL PROTECTED]) is working on
a mrtg ver of a virus analyzer which does this and more... No idea
of a release date - ]
-Nick
###
WorkDir: E:\mrtg-graphs\Imail\grep_virus
Title[index]: Connections MRTG
PageTop[index]: hrbrh3Server: MX1.MADRIVERACCESS.COMbr
Viruses Detected / Total Email Scanned/h3
MaxBytes[index]: 100
AbsMax[index]: 100
Options[index]: gauge,unknaszero,nopercent,growright
Target[index]: `egrep File\(|Scanned: (Virus|Error)|Skipping
e:\imail\spool\vir1206.log | gawk {print $1,$4,$5,$6} | sed
s/\/2004 / TOTAL\n/g | egrep File|TOTAL | gawk {print $(NF)} |
usort | uniq -c | cut -b -8 | sed $!N;s/\n//`
YLegend[index]: Scanned
ShortLegend[index]: Scanned
Legend1[index]: Viruses
Legend2[index]: Scanned
LegendI[index]: nbsp;Scanned
LegendO[index]: nbsp;Viruses
###
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.The archives can be found
at http://www.mail-archive.com.
Re: [Declude.Virus] clamAV - OT ClamAV For Windows 0.80-10
I just received the folloing from the Clam list - there appears to be an issue with UDP ports and cygwin -Nick On 6 Dec 2004 at 9:24, Brian Bruns wrote: From: Brian Bruns [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date sent: Mon, 6 Dec 2004 09:24:37 -0500 Subject:[clamav-announce] ClamAV For Windows 0.80-10 Hello all, Its been a while since I sent out a notice of a new version, so here it is - v0.80-10 of ClamAV. Its fresh off the compiler and should be working well. However, I've been notified of a serious issue surrounding ClamAV and Cygwin. Apparently, clamd.exe causes UDP ports to be opened for no reason, and they hang in the open state. The only way to really fix this is to kill off clamd.exe and restart it. I use a program from http://www.beyondlogic.org/consulting/processutil/processutil.htm which makes it rather easy to kill off clamd.exe cleanly. Using the regular clamscan.exe is the only way to completely avoid this issue - but you end up taking a major performance hit. We believe this problem is with Cygwin and not ClamAV, so theres limited I can do on my end until I can hash out the issue with a Cygwin developer. Anyways, latest version is up at: http://www.sosdg.org/clamav-win32 Enjoy! -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / The AHBL http://www.sosdg.org / http://www.ahbl.org ___ ClamAV For Windows Announcement Mailing List http://lists.sosdg.org/mailman/listinfo/clamav-announce --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Virus MRTG
[Also I believe Darrell ([EMAIL PROTECTED]) is working on a mrtg ver of a virus analyzer which does this and more... No idea of a release date - ] -Nick For the most part its done. I just havent posted it to the web site yet because I havent had a chance to create documentation for it. I will have it posted by the end of the week. Darrell http://www.invariantsystems.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Virus MRTG Now Posted
FYI - The Virus MRTG script/program has been posted on our site. You can monitor the following [1] Overall Viruses / Total Messages [2] Specific Virus Scanner / Total Messages Any questions let me know. Darrell --- Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, MRTG Integration, and Log Parsers. - Original Message - From: DLAnalyzer Support [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, December 06, 2004 2:41 PM Subject: [Declude.Virus] Virus MRTG [Also I believe Darrell ([EMAIL PROTECTED]) is working on a mrtg ver of a virus analyzer which does this and more... No idea of a release date - ] -Nick For the most part its done. I just havent posted it to the web site yet because I havent had a chance to create documentation for it. I will have it posted by the end of the week. Darrell http://www.invariantsystems.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
