Thank you for this
On Mon, Dec 19, 2022 at 4:47 PM Sylvain Robitaille <s...@encs.concordia.ca>
wrote:
> On Thu, 15 Dec 2022, Michael Kyriacou wrote:
>
> > Hello, is there a way to see how viruses/malware clamav current
> > protects us from. Additionally, is there a way to see the amount of
> > added virus definitions/signatures per update if clamav?
>
> I know that this isn't what was being asked for, but I suspect that it
> may be more useful to know how many messages that clamav has matched
> against which virus / malware signature. In other words, how many
> viruses and other malware did clamav protect *our* (users') systems
> from today? To that end, I use the following (admittedly simple)
> script, run nightly on each mail relay server, and I get a daily
> report that I can point to, to show what is being protected against.
>
> #!/bin/sh
> #
> # @(#)maillog_report_clamav_matches 2022-11-25 Sylvain Robitaille
> #
> # report on which clamav signatures have matched, and how many times
> # each have matched from the latest maillog file (or the file(s) named
> # as argument(s).
>
> PATH=/usr/local/bin:/usr/bin:/bin
> # <space><tab><newline>
> IFS="
> "
> export PATH;
> export IFS;
> umask 022
>
> # if we have no arguments, we'll default to the current maillog file;
> # else the arguments are the list;
> if [ "$*" ]; then
> MAILLOG=$*
> else
> MAILLOG="/var/log/maillog"
> fi
>
> # That's it ...
> grep -w FOUND ${MAILLOG} |\
> awk '{print $(NF-1)}' |\
> sort -h |\
> uniq -c |\
> sort -rh |\
> awk '{total+=$1; print} END {if (NR > 1) print "total:", total}'
>
>
> I'm hoping that this can help, or it might perhaps inspire a script
> that's more relevant to your own situation.
>
> --
> ----------------------------------------------------------------------
> Sylvain Robitaille s...@encs.concordia.ca
>
> Systems analyst / Postmaster / AITS Concordia University
> Faculty of Engineering and Computer Science Montreal, Quebec, Canada
> ----------------------------------------------------------------------
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
>
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
