Hello;
Running for 525 minutes at >90% CPU seems not good. Causes noticeable
delay in command line activity for all users.
We've got this cronjob:
30 1 * * * /usr/bin/freshclam 2>&1 && /usr/bin/clamscan -o -i -r --quiet /
| mail -s "Clam AV Scan Results for $(hostname -s)" itdept@domain.com
on this Linux:
# uname -a
Linux server.domain.com 2.6.32-754.2.1.el6.x86_64 #1 SMP Fri Jul 13
12:50:12 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Clamscan appeared as the busiest process in top, 8 hours after launch:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
23043 root 20 0 765m 639m 2520 R 90.6 16.2 525:56.48 clamscan
3071 mysql 20 0 2228m 50m 3552 S 2.3 1.3 4778:31 mysqld
28772 apache 20 0 349m 17m 5652 S 1.7 0.4 0:16.38 httpd
Producing these logs:
--------------------------------------
ClamAV update process started at Sun May 19 01:30:01 2019
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.1 Recommended version: 0.101.2
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
builder: sigmgr)
Downloading daily-25454.cdiff [100%]
daily.cld updated (version: 25454, sigs: 1574664, f-level: 63, builder: raynman)
bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
[LibClamAV] Detected duplicate databases /var/lib/clamav/main.cvd and
/var/lib/clamav/main.cld, please manually remove one of them
Database updated (6141007 signatures) from db.local.clamav.net (IP:
104.16.219.84)
--------------------------------------
ClamAV update process started at Sun May 19 03:14:01 2019
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.1 Recommended version: 0.101.2
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
builder: sigmgr)
daily.cld is up to date (version: 25454, sigs: 1574664, f-level: 63,
builder: raynman)
bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
Any help would be greatly appreciated!
Thank you -
Clarkman
Running for 525 minutes at >90% CPU seems not good. Causes noticeable
delay in command line activity for all users.
We've got this cronjob:
30 1 * * * /usr/bin/freshclam 2>&1 && /usr/bin/clamscan -o -i -r --quiet /
| mail -s "Clam AV Scan Results for $(hostname -s)" itdept@domain.com
on this Linux:
# uname -a
Linux server.domain.com 2.6.32-754.2.1.el6.x86_64 #1 SMP Fri Jul 13
12:50:12 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Clamscan appeared as the busiest process in top, 8 hours after launch:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
23043 root 20 0 765m 639m 2520 R 90.6 16.2 525:56.48 clamscan
3071 mysql 20 0 2228m 50m 3552 S 2.3 1.3 4778:31 mysqld
28772 apache 20 0 349m 17m 5652 S 1.7 0.4 0:16.38 httpd
Producing these logs:
--------------------------------------
ClamAV update process started at Sun May 19 01:30:01 2019
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.1 Recommended version: 0.101.2
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
builder: sigmgr)
Downloading daily-25454.cdiff [100%]
daily.cld updated (version: 25454, sigs: 1574664, f-level: 63, builder: raynman)
bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
[LibClamAV] Detected duplicate databases /var/lib/clamav/main.cvd and
/var/lib/clamav/main.cld, please manually remove one of them
Database updated (6141007 signatures) from db.local.clamav.net (IP:
104.16.219.84)
--------------------------------------
ClamAV update process started at Sun May 19 03:14:01 2019
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.1 Recommended version: 0.101.2
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
builder: sigmgr)
daily.cld is up to date (version: 25454, sigs: 1574664, f-level: 63,
builder: raynman)
bytecode.cld is up to date (version: 328, sigs: 94, f-level: 63, builder: neo)
Any help would be greatly appreciated!
Thank you -
Clarkman