Hello,
I have a question for those of you who use the CLAMAV Plugin.
My log /var/log/clamav/clamav.log looks like this throughout:
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
Tue Apr 21 21:10:28 2020 -> fd[10]: OK
I have tested with the EICAR test file (see: https://easyengine.io/tutorial…server/testing/antivirus/) and put the file in /tmp.
Now I scanned using this command: sudo clamdscan /tmp/ --fdpass
This is how the log looks.
Tue Apr 21 21:17:40 2020 -> fd[10]: Win.Test.EICAR_HDB-1(44d88612fea8a8f36de82e1278abb02f:68) FOUND
I do not know why, or how I can get to see the filename. I mean, it's nice to see a warning that a virus is detected, but with a log like this I don't know which file caused the alert.
Does anyone have a hint on how I can see the filename?
My environment:
OMV 5.39.x
CLAMAV Plugin: openmediavault-clamav 5.0.9-1
Hard disks are 2 SSDs in RAID1 (SoftRaid by OMV), formatted as EXT4
Here is my conf file:
root@MYNAS:/tmp# cat /etc/clamav/clamd.conf
# This file is auto-generated by openmediavault (https://www.openmediavault.org)
# WARNING: Do not edit this file, your changes will get lost.
LocalSocket /run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
AlertEncrypted false
AlertEncryptedArchive false
AlertEncryptedDoc false
MaxDirectoryRecursion 15
FollowDirectorySymlinks False
FollowFileSymlinks False
ReadTimeout 120
MaxThreads 3
MaxConnectionQueueLength 15
LogSyslog false
LogRotate false
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE True
MaxEmbeddedPE 10M
ScanOLE2 True
ScanPDF False
ScanHTML True
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
ScanELF True
ScanArchive False
ScanMail false
AlertBrokenExecutables False
ExitOnOOM false
LeaveTemporaryFiles false
HeuristicAlerts True
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs false
AlertPhishingSSLMismatch false
AlertPhishingCloak false
AlertPartitionIntersection false
DetectPUA False
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 30
SendBufTimeout 500
MaxQueue 100
ExtendedDetectionInfo true
AlertOLE2Macros false
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
DisableCache false
MaxScanSize 100M
MaxFileSize 25M
MaxRecursion 16
MaxFiles 10000
MaxPartitions 50
MaxIconsPE 100
PCREMatchLimit 10000
PCRERecMatchLimit 5000
PCREMaxFileSize 25M
ScanXMLDOCS true
ScanHWP3 true
MaxRecHWP3 16
StreamMaxLength 25M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
BytecodeTimeout 60000
OfficialDatabaseOnly false
CrossFilesystems true
VirusEvent /bin/run-parts --lsbsysinit -- /etc/clamav/virusevent.d/
User clamav
OnAccessMaxFileSize 100M
OnAccessMaxThreads 5
OnAccessDisableDDD false
OnAccessPrevention true
OnAccessExtraScanning true
OnAccessExcludeUname clamav
OnAccessRetryAttempts 3
Any help is welcome.
oem111
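
Added example, not part of the original post: the scan above was submitted with --fdpass, so the clamd log names the target only as fd[10], but with ExtendedDetectionInfo true the FOUND line still carries the file's MD5 and size. The Python below parses such lines and walks a directory for files matching that hash and size; the function names and the /tmp scan root are assumptions chosen for illustration.

```python
import hashlib
import os
import re

# clamd log line with LogTime and ExtendedDetectionInfo enabled, e.g.
# "<time> -> fd[10]: Win.Test.EICAR_HDB-1(<md5>:<size>) FOUND"
DETECTION_RE = re.compile(
    r"^(?P<time>.+?) -> (?P<target>.+?): "
    r"(?P<signature>\S+)\((?P<md5>[0-9a-f]{32}):(?P<size>\d+)\) FOUND$"
)

def parse_detections(log_lines):
    """Return one dict per FOUND line; OK lines and anything else are skipped."""
    hits = []
    for line in log_lines:
        m = DETECTION_RE.match(line.strip())
        if m:
            hit = m.groupdict()
            hit["size"] = int(hit["size"])
            # fd[N] means clamd was handed a descriptor, so no path was logged.
            hit["path_logged"] = not re.fullmatch(r"fd\[\d+\]", hit["target"])
            hits.append(hit)
    return hits

def md5_of(path):
    h = hashlib.md5()  # MD5 only because that is the hash the log line carries
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def locate(hit, root):
    """Walk root and return paths whose size and MD5 match a logged detection."""
    matches = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                # Skip symlinks and compare the cheap size check before hashing.
                if os.path.islink(path) or os.path.getsize(path) != hit["size"]:
                    continue
                if md5_of(path) == hit["md5"]:
                    matches.append(path)
            except OSError:
                continue  # unreadable or vanished file
    return sorted(matches)

if __name__ == "__main__":
    with open("/var/log/clamav/clamav.log") as log:  # LogFile from the post
        for hit in parse_detections(log):
            print(hit["time"], hit["signature"], locate(hit, "/tmp"))
```

Run it as a user that can read both the log and the scanned tree; an empty match list means the file was moved, changed or removed after the scan.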