Mailing List Archive

* Vu, Hong-Duc V. via clamav-users <clamav-users@lists.clamav.net>:
> Hello everyone,
>
> I'm running clamav 103.9 on RHEL8 and RHEL7 from the EPEL repository. I notice the configuration file has a feature that rotates logs when it reaches a size I can configure: LogFileMaxSize. Is there an option in the configuration file that also compresses the log file when it rotates? I understand the logrotate service can do this but I would prefer if I could configure this in the clamav configuration file /etc/clamd.d/scan.conf along with LogFileMaxSize.
>
> Can this be added to a future release?

Use logrotate:
==============

/var/log/clamav/clamav.log {
rotate 7
daily
compress
delaycompress
create 640 clamav adm
postrotate
if [ -d /run/systemd/system ]; then
systemctl -q is-active clamav-daemon && systemctl kill --signal=SIGHUP clamav-daemon || true
else
invoke-rc.d clamav-daemon reload-log > /dev/null || true
fi
endscript
}


/var/log/clamav/freshclam.log {
rotate 28
daily
compress
delaycompress
missingok
create 640 clamav adm
postrotate
if [ -d /run/systemd/system ]; then
systemctl -q is-active clamav-freshclam && systemctl kill --signal=SIGHUP clamav-freshclam || true
else
invoke-rc.d clamav-freshclam reload-log > /dev/null ||true
fi
endscript
}


--
Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration
Invalidenstraße 120/121 | D-10115 Berlin

Tel. +49 30 450 570 155
ralf.hildebrandt@charite.de
https://www.charite.de
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

> Use logrotate:
==============


Thank you Ralf. I take that to mean there is no compression directive in the configuration file by default.

Are there plans to add this feature to a future release, Micah?


Hong-Duc Vu
Email: hong-duc.vu@jhuapl.edu




_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

On Tue, 24 Oct 2023, Vu, Hong-Duc V. via clamav-users wrote:

>> Use logrotate:
> ==============
>
>
> Thank you Ralf. I take that to mean there is no compression directive in the configuration file by default.
>
> Are there plans to add this feature to a future release, Micah?

I guess this might be useful in docker or a similar container,
but it would be a lot if work to do it on every platform
and unless you include the right optional features, a lot
of people will use logrotate anyway.

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

There are no plans to add compression for log files. And I can't recall any prior feature request asking for this though I see the appeal. Feel free to put in a feature request issue on GitHub.

I imagine it wouldn't be hard to add this feature. If anyone wants to contribute this feature, you're welcome to. My team is unfortunately down a developer, and already behind on other work. It is unlikely that we'll pick it up ourselves.

Regards,
Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
________________________________
From: clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of Andrew C Aitchison via clamav-users <clamav-users@lists.clamav.net>
Sent: Tuesday, October 24, 2023 12:20 PM
To: Vu, Hong-Duc V. via clamav-users <clamav-users@lists.clamav.net>
Cc: Andrew C Aitchison <clamav@aitchison.me.uk>; Vu, Hong-Duc V. <HD.Vu@jhuapl.edu>
Subject: Re: [clamav-users] [ext] Compressing log files with clamav

On Tue, 24 Oct 2023, Vu, Hong-Duc V. via clamav-users wrote:

>> Use logrotate:
> ==============
>
>
> Thank you Ralf. I take that to mean there is no compression directive in the configuration file by default.
>
> Are there plans to add this feature to a future release, Micah?

I guess this might be useful in docker or a similar container,
but it would be a lot if work to do it on every platform
and unless you include the right optional features, a lot
of people will use logrotate anyway.

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat