ClamWin Free Antivirus Forum Index
ClamWin Free Antivirus
Support and Discussion Forums
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
Reply to topic
Log Results to Syslog
vreid47362


Joined: 05 Jul 2006
Posts: 0
Post Posted: Thu Feb 28, 2008 2:46 am Reply with quote
Hello,

I have question about ClamWin's capability.

I have noticed that clam AV is able to log actions to a syslog server. Does this capability exist for ClamWin also? If it does, where can I find documentation about configuration, etc.?

If it doesn't currently exist, this would be a great feature for future versions.

Thanks for any information.

Vaughn
Indiana, USA
View user's profileSend private message
sherpya


Joined: 22 Mar 2006
Posts: 0
Location: Italy
Post Posted: Thu Feb 28, 2008 8:30 am Reply with quote
currently not implemented in our port but I may look at if I get users interest
View user's profileSend private message
Interest
vreid47362


Joined: 05 Jul 2006
Posts: 0
Post Posted: Thu Feb 28, 2008 6:43 pm Reply with quote
Thanks for your response. The clarification is greatly appreciated. Very Happy

I, for one, would be very interested in both the ability to send data to a remote syslog server and the ability to log to Windows Event Logs.

This would provide some real background scanning and reporting abilities when combined with an "at" job on a Windows machine.

In the meantime, can the command line clamscan.exe be configured to email its results? I know I can get this functionality from the clamtray GUI, but I sometimes need to use an "at" job to scan in the background, so that user's don't inadvertently or intentionally terminate a scan.


Vaughn Reid III
Indiana, USA
View user's profileSend private message
sherpya


Joined: 22 Mar 2006
Posts: 0
Location: Italy
Post Posted: Sat Mar 01, 2008 6:05 pm Reply with quote
re-routing syslog calls to windows eventlog is not a big deal
the remote syslog has is own protocol that I'll need to look at, it would be nice if supported
in the unix version

email are created by clamwin so clamscan has not this capability, also the unix version
perhaps there are some cmdline tools around to scripts emails
View user's profileSend private message
Script to Log Results to Win32 App Log and send email
vreid47362


Joined: 05 Jul 2006
Posts: 0
Post Posted: Mon Jun 23, 2008 4:19 am Reply with quote
After my last post, I got busy for a few weeks and didn't have any more time to think about my request. I am still very interested in a log to syslog component.

In the mean time, I've created a windows command line language script file that uses the Blat open source command line emailer to log scan results to the Window Application log and send a message to one or more email accounts. This is all done from the command line, so the Windows at or schtasks commands can be used to run the scan at pre-defined times without user interaction.

I'm posting my procedures and script below.

First, download Blat from here: https://www.blat.net/

Second, create a Blat profile for your script to use. Instructions are here: https://www.blat.net/examples/

Next, I created the following batch script. Please feel free to use this as a template and modify it to suit your needs. If you have some suggestions for improvement, please feel free to post those too.

Here's my batch script:

Code:
echo off
cls
echo this script was created by Vaughn L. Reid III on June 6, 2008
echo Batch Script using open source anti-virus and public domain mailer software to check computer for viruses and report status
echo this batch script uses clamwin anti-virus, available at http://www.clamwin.com
echo this batch script uses blat mailer software, available at http://www.blat.net/

cls

echo checking Documents and Settings Folder for viruses and sending summary email
c:\"Program Files"\clamwin\bin\clamscan.exe --database="C:\Documents and Settings\All Users\.clamwin\db" --recursive "C:\Documents and Settings" >c:\clam-results.txt 2>&1
goto answer%errorlevel%

:answer0
echo No Viruses found in scan of c:\documents and settings
eventcreate /l APPLICATION /so clamwin /t INFORMATION /id 1 /d "No viruses found in scan of c:\documents and settings"
C:\scripts\blat262\full\blat.exe c:\clam-results.txt -to email_address_here -subject "Virus Scan Complete" -p blat_mail_profile
echo Scan complete
echo Check c:\clam-results.txt for more info
goto end

:answer1
echo Possible virus found in scan of c:\documents and settings
eventcreate /l APPLICATION /so clamwin /t WARNING /id 2 /d "Possible Virus found in scan of c:\documents and settings"
C:\scripts\blat262\full\blat.exe c:\clam-results.txt -to email_address_here -subject "Virus Found" -p blat_mail_profile
echo Scan complete Possible viruses found
echo Check c:\clam-results.txt for more info
goto end

:end
exit


Basically, the batch file runs a scan and then writes messages into the Windows Application log and sends an email based upon the results of the scan. I'm not a programmer, but I'm posting this because someone might find the information listed above helpful.

--Vaughn Reid III
View user's profileSend private message
Log Results to Syslog
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
 		All times are GMT  
Page 1 of 1  
  
  
ClamWin Free Antivirus Forum Index » General Suggestions/Questions
 Reply to topic