Hi there,
On Mon, 21 Feb 2022, An Schall via clamav-users wrote:
Yes, I am using exactly this approach at the moment. However, I
execute clamdscan from within a custom bash script. This bash script
logs several messages to a defined log file. As part of this
information the verbose clamdscan logs should also be captured in this
log file.
With clamscan it was easy to simply pipe the verbose output to tee and
append the custom log file. Now I have to use "cat" and it seems like
this introduces some error.
As I've already said, by design clamscan and clamdscan do produce
different information in their output streams. Having said that, I
can't imagine what "error" might be introduced by 'cat' but I'm sure
you don't have to use it. The Unix system logging facilities are very
flexible. I'd be very surprised if you could not use them to do what
you want, and if it isn't possible I'd probably wonder what on Earth
you want to do and why you want to do it. Apart from a couple of cron
jobs, even for the odd one-liner (using 'logger') I use syslog-style
logging for more or less everything. This includes logging by clamd:
8<--------------------------
# grep Syslog .../clamd.conf
LogSyslog yes
8<--------------------------
You can pipe log messages through scripts, modify them on the fly, add
system-generated flags and timestamps (or not, as you choose), filter
them in many ways, send them to multiple files and/or remote systems,
... the list goes on. Take a look, for example, at the man pages for
syslog-ng and syslog-ng.conf. However I generally don't do anything
like that for clamd, I don't feel the need. I only use ClamAV to scan
mail, and the logging and reporting that I need is handled separately
by a suite of homebrew reporting tools.
On a multi-user multi-tasking system like Linux you always need to be
aware that more than one process may need to log to any particular log
file, and this can present issues which are not present if you just
have a single process logging directly to a file to which only it has
write access. Perhaps you're facing this sort of issue?
Little of this is specific to ClamAV. I suggest that you spend some
quality time with the syslog documentation and if you still can't do
what you want then please by all means get back to us with a precise
description of what you want to do and why you think you can't do it.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
