Mailing List Archive: FW: How to programmatically determine if I have latest clamd software

FW: How to programmatically determine if I have latest clamd software

Jun 10, 2020, 5:42 PM

Post #1 of 3 (464 views)

Thanks.

I also have a similar cron script that updates clam daily.

What I’m looking for is a way to double check in case the script encounters a problem and cannot notify.

Unfortunately, your method using freshclam takes about 20 seconds, which is too long for a dashboard.

What I am looking for is a very quick way to determine if clam software is out of date.

I already know how to get the version on the server: Clamscan -V

I guess freshclam is the only way, but it has to do a bazillion things before it gives an answer.

I Was hoping for a quick way to ping somewhere and get the most recent version for comparison.

But I guess I’ll have to pull in the whole downloads page and read the version off that ?

From: Rick Cooper <rcooper@dwford.com>
Sent: Wednesday, June 10, 2020 7:21 PM
To: 'ClamAV users ML' <clamav-users@lists.clamav.net>
Cc: chayes@afo.net
Subject: RE: [clamav-users] How to programmatically determine if I have latest clamd software

look in the man page for freshclam:

--on-outdated-execute=COMMAND
Execute COMMAND when freshclam reports outdated version. In the command string %v will be replaced by the new version number.

in the config file OnOutdatedExecute

I have a script that sends me an email when freshclam sees the new version, and it's not talking about the DB version

you will also see log lines like this even when the dbs are up todate:

Your ClamAV installation is OUTDATED!
Local version: x.xxx.x Recommended version: y.yyy.y
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav

Where x is the current version and y is the newest version

A very simple way to check is: freshclam --on-outdated-execute=">&2 echo %v" > /dev/null

which would return the new version if outdated and nothing otherwise.

My script parses the log and gets the Local version line for the email

Rick

_____

From: clamav-users [mailto:clamav-users-bounces@lists.clamav.net] On Behalf Of Cliff via clamav-users
Sent: Wednesday, June 10, 2020 5:02 PM
To: clamav-users@lists.clamav.net <mailto:clamav-users@lists.clamav.net>
Cc: chayes@afo.net <mailto:chayes@afo.net>
Subject: [clamav-users] How to programmatically determine if I have latest clamd software

I am building a php dashboard.

I would like to be able to ping my servers and get notified if clamd software (not signatures) is out of date.

This is for situations where my normal update process breaks for whatever reason.

Is there a command that will give me a yes/no answer?

If not, is there a URL I can ping to return the latest version number? Then I can run clamscan -V and compare the two.

Re: FW: How to programmatically determine if I have latest clamd software [ In reply to ]

clamav-users at lists

Jun 10, 2020, 6:38 PM

Post #2 of 3 (463 views)

Permalink

> Date: Wednesday, June 10, 2020 19:42:18 -0500
> From: Cliff via clamav-users <clamav-users@lists.clamav.net>
>
> I also have a similar cron script that updates clam daily.
>
> What I’m looking for is a way to double check in case the script
> encounters a problem and cannot notify.
>
> Unfortunately, your method using freshclam takes about 20 seconds,
> which is too long for a dashboard.
>
> What I am looking for is a very quick way to determine if clam
> software is out of date.
>

The current version can be gotten from the dns txt record of

current.cvd.clamav.net

The command:

dig +short current.cvd.clamav.net txt

will return the one line with that information, which (after a little
parsing) you can then compare with the version that your machines are
running.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: FW: How to programmatically determine if I have latest clamd software [ In reply to ]

rcooper at dwford

Jun 11, 2020, 6:04 AM

Post #3 of 3 (460 views)

Permalink

You misunderstand what I meant, that was an example of how it works not an example to use in your dashboard. In my case if freshclam fails it sends me an email (another script trigger in the .conf file) and if it sees an outdated clam version it also sends me an email with the info from the log I showed you the first time. In your case I would think you would just parse the current version and recommended version and write them to a data file to be used by your dashboard and it would only be updated when the version changes, wouldn't make sense to query when the information change can be triggered by freshclam it's self anytime it updates. Freshclam it's self can trigger notice when there is an update issue.

Rick

_____

From: clamav-users [mailto:clamav-users-bounces@lists.clamav.net] On Behalf Of Cliff via clamav-users
Sent: Wednesday, June 10, 2020 8:42 PM
To: 'ClamAV users ML'
Cc: chayes@afo.net
Subject: [clamav-users] FW: How to programmatically determine if I have latest clamd software

Thanks.

I also have a similar cron script that updates clam daily.

What I’m looking for is a way to double check in case the script encounters a problem and cannot notify.

Unfortunately, your method using freshclam takes about 20 seconds, which is too long for a dashboard.

What I am looking for is a very quick way to determine if clam software is out of date.

I already know how to get the version on the server: Clamscan -V

I guess freshclam is the only way, but it has to do a bazillion things before it gives an answer.

I Was hoping for a quick way to ping somewhere and get the most recent version for comparison.

But I guess I’ll have to pull in the whole downloads page and read the version off that ?

From: Rick Cooper <rcooper@dwford.com>
Sent: Wednesday, June 10, 2020 7:21 PM
To: 'ClamAV users ML' <clamav-users@lists.clamav.net>
Cc: chayes@afo.net
Subject: RE: [clamav-users] How to programmatically determine if I have latest clamd software

look in the man page for freshclam:

--on-outdated-execute=COMMAND
Execute COMMAND when freshclam reports outdated version. In the command string %v will be replaced by the new version number.

in the config file OnOutdatedExecute

I have a script that sends me an email when freshclam sees the new version, and it's not talking about the DB version

you will also see log lines like this even when the dbs are up todate:

Your ClamAV installation is OUTDATED!
Local version: x.xxx.x Recommended version: y.yyy.y
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav

Where x is the current version and y is the newest version

A very simple way to check is: freshclam --on-outdated-execute=">&2 echo %v" > /dev/null

which would return the new version if outdated and nothing otherwise.

My script parses the log and gets the Local version line for the email

Rick

_____

From: clamav-users [mailto:clamav-users-bounces@lists.clamav.net] On Behalf Of Cliff via clamav-users
Sent: Wednesday, June 10, 2020 5:02 PM
To: clamav-users@lists.clamav.net
Cc: chayes@afo.net
Subject: [clamav-users] How to programmatically determine if I have latest clamd software

I am building a php dashboard.

I would like to be able to ping my servers and get notified if clamd software (not signatures) is out of date.

This is for situations where my normal update process breaks for whatever reason.

Is there a command that will give me a yes/no answer?

If not, is there a URL I can ping to return the latest version number? Then I can run clamscan -V and compare the two.