Skip to content

ClamAv

/etc/cron.d/clamav_scan

#
15 4    * * *   root  /etc/clamav/scan_www.sh >/dev/null 2>&1
#

/etc/clamav/scan_www.sh

#!/bin/bash
# Debian 8
Log="/var/log/clamav/scan_www.log"
# dir
Dir="/var/www"
#
echo `date +"%Y-%m-%d %H:%M:%S"` START SCAN ${Dir} >>${Log}
ionice -c 3 nice -10 clamscan -l ${Log} -i -r ${Dir}
#
if [ `tail -n 12 ${Log} | grep Infected |  awk {'print $3'}` != 0 ]
then
cat ${Log} | mail -s "`hostname` Virus on Webserver!" root
fi

/etc/logrotate.d/clamav-scan

/var/log/clamav/scan_www.log
{
     rotate 14
     daily
     compress
     delaycompress
     missingok
}

cформируем список файлов из лога 

cat /var/log/clamav/scan_wwww.log  | grep FOUND | awk -F ":" {'print $1'} > /tmp/virus_clamav