Hi there,
thanks for your response, Ged.
We are using ClamAV as a TCP/IP Socket Scanner. Clamav-milter is not installed.
Thanks and regards
Max
-----Urspr?ngliche Nachricht-----
Von: clamav-users <clamav-users-bounces@lists.clamav.net> Im Auftrag von G.W. Haywood via clamav-users
Gesendet: Donnerstag, 23. April 2020 11:07
An: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: G.W. Haywood <clamav@jubileegroup.co.uk>
Betreff: [EXTERN]Re: [clamav-users] Is there an option to see the scan duration in the log?
Hi there,
On Thu, 23 Apr 2020, Kreidenberg, Maximilian, 22D wrote:
> we are using clamav in our production environment and we need to find
> out how long a scan takes. Is there an option to display the duration
> of a scan in the logfile? I already searched for it in the
> documentation and manpage but I found nothing.
It depends very much on how you're scanning things. If you're running a scan from the command line or a script, you could simply send the output to the log instead of viewing it on the terminal, for example
clamdscan /path/to/directory_to_be_scanned/ | logger -t 'ClamAV'
If you're using a milter for example you may need to be a little more creative. My own milter logs data volumes and scan times (it calls functions in a high resolution time library), and calculates and logs scan rates. For example:
Apr 23 09:13:50 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], Attempting to send [13890] bytes to ClamAV daemon from entire_message...
Apr 23 09:13:50 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], Sent [13890] bytes to clamd...
Apr 23 09:13:51 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], clamd on IP [192.168.44.7] port [3313] replied [stream: OK] Apr 23 09:13:51 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], clamd on IP [192.168.44.7] port [3313] scanned [13890] bytes in [1.177] seconds (11.797 kbytes/sec), nothing found in entire_message
This example is running on a Raspberry Pi 4B, and the milter warns me if scan rates fall below some more or less arbitrary limit. I'm not sure now why I did that. :)
How are you scanning things?
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
thanks for your response, Ged.
We are using ClamAV as a TCP/IP Socket Scanner. Clamav-milter is not installed.
Thanks and regards
Max
-----Urspr?ngliche Nachricht-----
Von: clamav-users <clamav-users-bounces@lists.clamav.net> Im Auftrag von G.W. Haywood via clamav-users
Gesendet: Donnerstag, 23. April 2020 11:07
An: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: G.W. Haywood <clamav@jubileegroup.co.uk>
Betreff: [EXTERN]Re: [clamav-users] Is there an option to see the scan duration in the log?
Hi there,
On Thu, 23 Apr 2020, Kreidenberg, Maximilian, 22D wrote:
> we are using clamav in our production environment and we need to find
> out how long a scan takes. Is there an option to display the duration
> of a scan in the logfile? I already searched for it in the
> documentation and manpage but I found nothing.
It depends very much on how you're scanning things. If you're running a scan from the command line or a script, you could simply send the output to the log instead of viewing it on the terminal, for example
clamdscan /path/to/directory_to_be_scanned/ | logger -t 'ClamAV'
If you're using a milter for example you may need to be a little more creative. My own milter logs data volumes and scan times (it calls functions in a high resolution time library), and calculates and logs scan rates. For example:
Apr 23 09:13:50 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], Attempting to send [13890] bytes to ClamAV daemon from entire_message...
Apr 23 09:13:50 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], Sent [13890] bytes to clamd...
Apr 23 09:13:51 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], clamd on IP [192.168.44.7] port [3313] replied [stream: OK] Apr 23 09:13:51 mail6 xm[19164]: 03N8DU43017692: xm_scan(9473): [167.89.86.166], clamd on IP [192.168.44.7] port [3313] scanned [13890] bytes in [1.177] seconds (11.797 kbytes/sec), nothing found in entire_message
This example is running on a Raspberry Pi 4B, and the milter warns me if scan rates fall below some more or less arbitrary limit. I'm not sure now why I did that. :)
How are you scanning things?
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml