Mailing List Archive

Scan Summary Question
Hi,

I'm new to ClamAV and have one question regarding the scan summary.

When running the command clamdscan I'm unable to get a report as detailed
as the one obtained via clamscan.

Do you know if it's possible to output that missing information?
Maybe I missed some configuration in /etc/clamd.d/scan.conf that enables
that information.

To get an idea of this difference, here follows an example:

[root@ip-x-x-x-x ~]# clamdscan --stdout -i /root
/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 0.005 sec (0 m 0 s)


[root@ip-x-x-x-x ~]# clamscan -r -i /root
/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 8914940
Engine version: 0.102.4
Scanned directories: 4
Scanned files: 11
Infected files: 1
Data scanned: 0.04 MB
Data read: 0.02 MB (ratio 2.00:1)
Time: 17.216 sec (0 m 17 s)

I'm running the version 0.102.4 for all components.

Thanks,
Carlos
Re: Scan Summary Question
Hi there,

On Wed, 30 Sep 2020, Carlos André via clamav-users wrote:

> I'm new to ClamAV and have one question regarding the scan summary.
>
> When running the command clamdscan I'm unable to get a report as detailed
> as the one obtained via clamscan.

That's right.

> Do you know if it's possible to output that missing information?

Do you understand the main differences between clamscan and clamdscan?
It really depends what you call 'missing'. Some of it is simply not
available when you use clamdscan because, although its name is very
similar, it is a completely different tool from clamscan. Other parts
of it might be fudged by some means, but if you can tell us what you
actually need it will help determine the level of effort required in
the fudging process. If it's just about comfort level, then you might
need to work on that in other ways.

> Maybe I missed some configuration in /etc/clamd.d/scan.conf that
> enables that information.

I've never personally seen a file called 'scan.conf' on any system
with ClamAV installed on it. You don't get one if you install from
the source as distributed by Cisco/Talos on the ClamAV Website, so I
know that you must have installed from some distribution's package or
other. Perhaps you can tell us a little more about your system and
about how you obtained ClamAV, and - perhaps more importantly - why.

> To get an idea of this difference, here follows an example:
>
> [root@ip-x-x-x-x ~]# clamdscan --stdout -i /root

The '-i' option has no effect on clamdscan, please read the 'man' page
for clamdscan. You might want to check out the other man pages too.

Are you romping around your system logged in as root? If so, that's a
Very Bad Idea.

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: Scan Summary Question
> On Wed, 30 Sep 2020 5:12 AM, G.W. Haywood via clamav-users wrote:
> On Wed, 30 Sep 2020, Carlos André via clamav-users wrote:
> > Maybe I missed some configuration in /etc/clamd.d/scan.conf that
> > enables that information.
>
> I've never personally seen a file called 'scan.conf' on any system with ClamAV
> installed on it. You don't get one if you install from the source as distributed
> by Cisco/Talos on the ClamAV Website, so I know that you must have installed
> from some distribution's package or other. Perhaps you can tell us a little
> more about your system and about how you obtained ClamAV, and - perhaps
> more importantly - why.

I think "/etc/clamd.d/scan.conf" is Fedora's equivalent of clamd.conf. It's obnoxious that they've gone and renamed it, but it should function the same.

For Carlos: No, there's no option to make the clamdscan summary match the clamscan summary. ClamDscan gets scan results from ClamD over a socket and a public protocol. Clamscan, on the other hand, has all the data readily available, so it's much easier to add summary info to Clamscan than ClamDscan. The protocol used to communicate with ClamD also has to be stable because there are 3rd-party programs which interact with ClamD. For this reason, Clamscan has more info in the summary. It would certainly be nice to have the outputs match, but I'm not sure how easy that will be without breaking the API. Then again, I'm really not that familiar with the protocol. It might not be too bad.

Anyways, TL;DR is that yes, ClamDscan has less detail in the summary, and no - there's not much to be done about it at present.

-Micah
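
Added example, not part of the thread and not ClamAV's own code: a sketch of how a client could approximate the fuller clamscan summary by combining what clamd does send back (a VERSION reply and per-file scan replies) with a file count taken by the client itself. The reply strings, the database number and all function names are constructed for illustration, and the on-disk totals are only an approximation of what clamd actually scanned.

```python
import os
import tempfile

# Constructed sample replies in the shape clamd returns for VERSION and CONTSCAN.
SAMPLE_VERSION = "ClamAV 0.102.4/25943/Wed Sep 30 15:54:29 2020"
SAMPLE_REPLIES = [
    "/root/eicar.com: Win.Test.EICAR_HDB-1 FOUND",
    "/root/locked.bin: lstat() failed: Permission denied. ERROR",
]

def parse_reply(line):
    """Split one clamd scan reply into (path, status, detail)."""
    path, _, rest = line.partition(": ")   # assumes the path itself has no ": "
    detail, _, status = rest.rpartition(" ")
    if status not in ("FOUND", "ERROR", "OK"):
        raise ValueError("unrecognised clamd reply: %r" % line)
    return path, status, detail

def parse_version(reply):
    """VERSION reply is 'ClamAV <engine>/<db version>/<db date>'; db parts may be absent."""
    parts = reply.split("/", 2) + [None, None]
    return {"engine": parts[0].split(" ", 1)[1], "db_version": parts[1], "db_date": parts[2]}

def walk_totals(root):
    """Count what the client can see on disk; clamd may skip files (limits, excludes)."""
    dirs = files = size = 0
    for dirpath, _, names in os.walk(root):
        dirs += 1
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full) and not os.path.islink(full):
                files += 1
                size += os.path.getsize(full)
    return dirs, files, size

def build_summary(version_reply, scan_replies, root):
    """Merge daemon-side results with client-side counts into one summary dict."""
    statuses = [parse_reply(r)[1] for r in scan_replies]
    dirs, files, size = walk_totals(root)
    return {"engine": parse_version(version_reply)["engine"],
            "directories_on_disk": dirs, "files_on_disk": files, "bytes_on_disk": size,
            "infected": statuses.count("FOUND"), "errors": statuses.count("ERROR")}

def demo():
    """Build a small constructed tree and summarise it with the sample replies."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "sub"))
        for rel, data in (("a.txt", b"hello"), ("sub/b.txt", b"goodbye"), ("sub/c.bin", b"")):
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        return build_summary(SAMPLE_VERSION, SAMPLE_REPLIES, root)
```

The "Known viruses", "Data scanned" and "Data read" figures from clamscan have no counterpart in these replies, which is why they are absent from the summary built here.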
