Thank you for this On Mon, Dec 19, 2022 at 4:47 PM Sylvain Robitaille <s...@encs.concordia.ca> wrote:
> On Thu, 15 Dec 2022, Michael Kyriacou wrote: > > > Hello, is there a way to see how viruses/malware clamav current > > protects us from. Additionally, is there a way to see the amount of > > added virus definitions/signatures per update if clamav? > > I know that this isn't what was being asked for, but I suspect that it > may be more useful to know how many messages that clamav has matched > against which virus / malware signature. In other words, how many > viruses and other malware did clamav protect *our* (users') systems > from today? To that end, I use the following (admittedly simple) > script, run nightly on each mail relay server, and I get a daily > report that I can point to, to show what is being protected against. > > #!/bin/sh > # > # @(#)maillog_report_clamav_matches 2022-11-25 Sylvain Robitaille > # > # report on which clamav signatures have matched, and how many times > # each have matched from the latest maillog file (or the file(s) named > # as argument(s). > > PATH=/usr/local/bin:/usr/bin:/bin > # <space><tab><newline> > IFS=" > " > export PATH; > export IFS; > umask 022 > > # if we have no arguments, we'll default to the current maillog file; > # else the arguments are the list; > if [ "$*" ]; then > MAILLOG=$* > else > MAILLOG="/var/log/maillog" > fi > > # That's it ... > grep -w FOUND ${MAILLOG} |\ > awk '{print $(NF-1)}' |\ > sort -h |\ > uniq -c |\ > sort -rh |\ > awk '{total+=$1; print} END {if (NR > 1) print "total:", total}' > > > I'm hoping that this can help, or it might perhaps inspire a script > that's more relevant to your own situation. > > -- > ---------------------------------------------------------------------- > Sylvain Robitaille s...@encs.concordia.ca > > Systems analyst / Postmaster / AITS Concordia University > Faculty of Engineering and Computer Science Montreal, Quebec, Canada > ---------------------------------------------------------------------- > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat >
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat