Clam AntiVirus (ClamAV) is a free, cross-platform antivirus toolkit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. The application was developed for Unix and has third-party versions available for AIX, BSD, HP-UX, Linux, Mac OS X, OpenVMS, OSF (Tru64) and Solaris. In this section we will automate the entire ClamAV process using a cron job. We are using the Red Hat Enterprise Linux platform to test this.
Step 1: Install ClamAV
We can use the yum command to install ClamAV on the server.
# yum install clamav clamav-db clamd
Try to start the ClamAV daemon by typing the command below.
# /etc/init.d/clamd start
This automatically sets up a daily cron job which runs freshclam to update virus definitions.
Step 2: Create a new cron job to run daily virus scans
First we need to create a file named clamscan_daily in the cron.daily folder and paste our script into it. All the files or scripts in this folder run automatically every day.
Create the clamscan_daily file in the cron.daily folder:
# vi /etc/cron.daily/clamscan_daily
Paste the script below into the file and save it.
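#!/bin/bash
# Email subject
SUBJECT="VIRUS DETECTED ON $(hostname)!!!"
# Email recipient
EMAIL="alert@domain.com"
# Log location
LOG=/var/log/clamav/scan.log
check_scan () {
    # Check the last set of results. If the "Infected files" count is not zero, we have a problem.
    # Match the exact zero line so that counts such as 10 or 20 are not filtered out.
    if [ "$(tail -n 12 "${LOG}" | grep Infected | grep -v 'Infected files: 0$' | wc -l)" != 0 ]
    then
        EMAILMESSAGE=$(mktemp /tmp/virus-alert.XXXXX)
        echo "To: ${EMAIL}" >> "${EMAILMESSAGE}"
        echo "From: alert@domain.com" >> "${EMAILMESSAGE}"
        echo "Subject: ${SUBJECT}" >> "${EMAILMESSAGE}"
        echo "Importance: High" >> "${EMAILMESSAGE}"
        echo "X-Priority: 1" >> "${EMAILMESSAGE}"
        # A blank line separates the mail headers from the body
        echo "" >> "${EMAILMESSAGE}"
        tail -n 50 "${LOG}" >> "${EMAILMESSAGE}"
        sendmail -t < "${EMAILMESSAGE}"
        # Remove the temporary message file
        rm -f "${EMAILMESSAGE}"
    fi
}
# Scan the filesystem recursively, skipping /sys/, and write the results to the log
clamscan -r / --exclude-dir=/sys/ --quiet --infected --log="${LOG}"
# Check the results of the scan and send the alert if needed
check_scan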
Step 3: Set up proper permissions on the file
# chmod +x /etc/cron.daily/clamscan_daily
These steps set up automated ClamAV scanning on the server, and reports are sent directly to the email address given in the script.
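The infected-count check is the fragile part of this setup: a substring filter such as grep -v 0 also throws away counts like 10 or 105, so an infected host would look clean. As an added example (not part of the original script), the sketch below reads the last "Infected files:" line numerically and also alerts when no summary exists; the function names and the sample log are constructed for illustration.

```shell
#!/bin/bash
# Added example: numeric check of the clamscan summary line.
# Function names and the sample log are constructed for illustration.

# Print the count from the last "Infected files: N" line in the log.
# Returns 2 and prints nothing when no summary line is present.
infected_count () {
    local log="$1" count
    count=$(grep -E '^Infected files: [0-9]+$' "$log" | tail -n 1 | awk '{print $3}')
    [ -n "$count" ] || return 2
    echo "$count"
}

# Succeeds (alert needed) when the last summary reports infections, or
# when no summary exists, e.g. the scan was interrupted before finishing.
needs_alert () {
    local count
    count=$(infected_count "$1") || return 0
    [ "$count" -gt 0 ]
}

# Write a constructed scan summary with N infected files; print its path.
make_sample_log () {
    local file
    file=$(mktemp /tmp/clamscan-sample.XXXXXX)
    printf '%s\n' \
        '----------- SCAN SUMMARY -----------' \
        'Scanned directories: 120' \
        'Scanned files: 3400' \
        "Infected files: $1" \
        'Data scanned: 512.00 MB' > "$file"
    echo "$file"
}

# Demo: counts 10 and 105 contain the digit 0 but must still alert.
for n in 0 3 10 105; do
    sample=$(make_sample_log "$n")
    if needs_alert "$sample"; then echo "$n infected: ALERT"; else echo "$n infected: clean"; fi
    rm -f "$sample"
done
```

Treating a missing summary as an alert means a scan that was killed or a truncated log is reported rather than silently passing.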