Arnaud,
I now understand that we do not run the daemon. We update and scan from cron. I stumbled on a work around I *think*
$ sigtool --version
ClamAV 0.99.4/25394/Wed Mar 20 07:52:02 2019
VS
$freshclam -V
ClamAV 0.99.4
Thanks,
Sean Clark <> Sr Network Engineer
“An ounce of prevention is worth a pound of cure”
ServiceNow <> office 425-305-2269
From: Arnaud Jacques <webmaster@securiteinfo.com>
Date: Wednesday, March 20, 2019 at 9:32 AM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Sean Clark <Sean.Clark@servicenow.com>, Alexandru Cojan <alexandru.cojan@servicenow.com>
Subject: Re: [clamav-users] freshclam -V output
[External Email]
Sean,
Here is the resolution I applied when I get this problem (on Debian OS) :
# clamdscan -V
ClamAV 0.100.0
(not information about loaded databases)
vi /etc/systemd/system/clamav-daemon.socket.d/extend.conf
[Socket]
ListenStream=127.0.0.1:3310
(check if the 2 above lines are present)
systemctl --system daemon-reload
systemctl restart clamav-daemon.socket
systemctl restart clamav-daemon.service
vi /etc/clamav/clamd.conf
TCPSocket 3310
TCPAddr 127.0.0.1
/etc/init.d/clamav-daemon restart
(it worked at this point).
Hope it helps....
Le 20/03/2019 à 13:12, Sean Clark via clamav-users a écrit :
Arnaud,
Thank you so much for the direction! I am still having problems. I get a server working, but I try to apply what I thought was the fix to other servers and it does not work. I am missing the target ???? Could you/or someone help me with the failure scenarios?
* the virus database is not (already) loaded in memory
How do I verify for this?
* when clamdscan client cannot connect to clamd daemon
$ps -aux | grep clam
sean.cl+ 372 0.0 0.0 13136 1052 pts/0 S+ 11:48 0:00 grep clam
$ freshclam -V
ClamAV 0.100.2
I don’t see any daemon running on the servers that are working and not working. What are the connection details for this? Just to recap the problem statement is that ‘freshclam -V’ does not have the right output.
Thanks,
Sean Clark <> Sr Network Engineer
“An ounce of prevention is worth a pound of cure”
ServiceNow <> office 425-305-2269
From: clamav-users <clamav-users-bounces@lists.clamav.net><mailto:clamav-users-bounces@lists.clamav.net> on behalf of Arnaud Jacques <webmaster@securiteinfo.com><mailto:webmaster@securiteinfo.com>
Reply-To: ClamAV users ML <clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net>
Date: Thursday, March 14, 2019 at 9:43 AM
To: "clamav-users@lists.clamav.net"<mailto:clamav-users@lists.clamav.net> <clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] freshclam -V output
[External Email]
Hello Sean,
Le 14/03/2019 à 13:53, Sean Clark via clamav-users a écrit :
Hello,
I have read through the archives and could not find a solution. Also I apologize in advance as this might be dumb question. We have our monitoring setup to check the update status from the output of `freshclam -V`. We are using clamav on Ubuntu and CentOS. We cannot figure out what controls the output behavior described below.
This is what we have always seen:
(CentOS Linux release 7.4.1708 (Core))
$ freshclam -V
ClamAV 0.98.7/25387/Wed Mar 13 11:24:46 2019
This is the problem we are facing when porting over to Ubuntu
(Ubuntu 18.04.1 LTS)
$ freshclam -V
ClamAV 0.99.4
OR
$ freshclam -V
ClamAV 0.100.2
As you can see its lacking what we believe is the ‘latest definitions update time’. I see the man page says `-V` should just be version so I am not sure how we are getting that time stamp. Any thoughts on this?
It happens when the virus database is not (already) loaded in memory and/or when clamdscan client cannot connect to clamd daemon (tcp or socket problem).
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : aj@securiteinfo.com<mailto:aj@securiteinfo.com>
Site web :
https://www.securiteinfo.com<
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=gxkxeXtiQ-oISdE05ScylHwhsRgiuRnGyE5Lfc21DAU&e=>
Facebook :
https://www.facebook.com/pages/SecuriteInfocom/132872523492286<
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=9EskCuuMdLCkfRpJPI7CAhohVsNrxuyxaRJmb_8z4zg&e=>
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users<
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.clamav.net_mailman_listinfo_clamav-2Dusers&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=fM6L3oZACYTt5SXv6ulyy7fNtLKYlqqg1zV3nWFE26g&e=>
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq<
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=8SYyct6OU5VhYQwtHh784OV3oQ_EPU-HKaBbo_Nbd3A&e=>
http://www.clamav.net/contact.html#ml<
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=22C6LsJ90dQuGrcS3I9rKD6e3IWh-bnWhGoGd_Gu1d0&e=>
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : aj@securiteinfo.com<mailto:aj@securiteinfo.com>
Site web :
https://www.securiteinfo.com<
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=t5dQmObPUgd1ob-duCMIrjrvcaAih_2d81WOoDbUD3M&e=>
Facebook :
https://www.facebook.com/pages/SecuriteInfocom/132872523492286<
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=54VWLBtUaz6p1yVq6BDZ4qq70dNAki-fens_w2ek2VE&e=>
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois