How to tell if clamav have detected some malware?

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,287
64
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Hello guys. After one year of functions, I want to evaluate if ClamAV have found any threats in our servers/mails. Is there any logs being saved? Are quarantined files saved to any folder? Do you have any docs on this?

Thanks!
 

ModServ

Well-Known Member
Oct 17, 2006
337
5
168
Egypt
cPanel Access Level
Root Administrator
Did you schedule ClamAV to work on specific times, perform scans manually or do you use CallUploadScript?

In all situations you can use the command like this:
Code:
clamdscan --quiet --log=/var/log/threats.log
Check those also:
Code:
clamdscan --help
clamscan --help
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello :)

Keep in mind that ClamAV only scans your email by default. You can see recent activity with a command such as:

Code:
zgrep -Hn "This message contains a virus or other harmful content" /var/log/exim_rejectlog*
It won't scan your system files automatically, unless you setup a cron job to do so.

Thank you.