Yogesh, I’m sorry to say VirusEvent for On-Access scanning has been disabled since 0.100 was released. I was unaware that there was nothing in the 0.100 release notes or that no other announcement was made. My apologies.
We’re actively re-working the OnAccess scanning feature, placing it in an external tool that interfaces with clamd, similar to how clamdscan or clamav-milter interface with clamd. Once this is complete, VirusEvent will work correctly with OnAccess scans. Regards, Micah From: clamav-users <[email protected]> on behalf of Yogesh Girikumar via clamav-users <[email protected]> Reply-To: ClamAV users ML <[email protected]> Date: Monday, April 15, 2019 at 10:48 AM To: "[email protected]" <[email protected]> Cc: Yogesh Girikumar <[email protected]> Subject: [clamav-users] VirusEvent notification Context: I'm trying to set up ClamAV on several servers a (Debian 9; )nd setup Slack/pagerduty-based notifications. But the command never fired. Searching around for clued, I found a forum post that mentions virusaction being disabled here: https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.102/clamd/onaccess_fan.c#L85 This change has not reflected in the man page, neither is there any announcement on ClamAV website or social media. This needs to be fixed. Is there a different way I can setup a notification on virus detection that does not involve parsing logs? If not, are there examples that someone can point to where simple log parsing tools are used? I'm trying to not have to rely on something heavy like elasticsearch for this. -- Yogesh
_______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
