Hello Alessandro.
I agree that all measurements are tricky :-)
In contrast to your approach, I'm measuring scan time. To alleviate things like
noisy neighbour and other problems, here I ran the test with one old ClamAV
virus DB I have handy 10 times, then updated and ran it 10 times again.
Something like:
$ du -hs /bin/
1.8G /bin/
$ for i in 1 2 3 4 5 6 7 8 9 10; do echo "===== $i ====="; /bin/time
--verbose clamscan /bin/ 2>&1; done | tee -a /tmp/clamav-old.log
$ sudo freshclam
$ for i in 1 2 3 4 5 6 7 8 9 10; do echo "===== $i ====="; /bin/time
--verbose clamscan /bin/ 2>&1; done | tee -a /tmp/clamav-new.log
Resulting graph of these 20 "wall clock" times attached.
It shows that scan is now ~9.15% slower, while number of virus signatures
raised by ~0.05% only. So this is perfectly fine to me as the regression (?) we
have seen between 27709 and 27710 virus DB versions was far bigger. But still,
I would expect only 0.05% slowdown if only 0.05% new signatures was added.
So the question here is: is this expected?
Regards,
Jan_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
