From: Micah A. <mi...@ri...> - 2005-11-25 22:49:30
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Speaking of spam, has anyone done this for clamav in general? The newer clam packages output what worms/phishing scams/virii they find in /var/log/clamav/clamav.log... it would be easy to parse this to count the different occurances of found crud. I dont know the best way to do this outside of logtail, nor how to deal with the sheer number of potential graph elements (perhaps only the top 10 are graphed?)... An example from the log: Fri Nov 25 14:34:05 2005 -> /var/lib/amavis/tmp/amavis-20051125T143245-05482/parts/part-00003: Worm.Sober.U FOUND Fri Nov 25 14:25:50 2005 -> /var/lib/amavis/tmp/amavis-20051125T142355-03691/parts/part-00001: HTML.Phishing.Pay-17 FOUND Fri Nov 25 14:14:05 2005 -> /var/lib/amavis/tmp/amavis-20051125T141213-00770/parts/part-00001: HTML.Phishing.Auction-34 FOUND Fri Nov 25 13:43:42 2005 -> /var/lib/amavis/tmp/amavis-20051125T134323-26929/parts/part-00001: HTML.Phishing.Azon FOUND Fri Nov 25 13:12:28 2005 -> /var/lib/amavis/tmp/amavis-20051125T130958-20280/parts/part-00003: Worm.Mytob.HX FOUND Fri Nov 25 13:14:49 2005 -> SelfCheck: Database status OK. Fri Nov 25 13:15:23 2005 -> /var/lib/amavis/tmp/amavis-20051125T131057-20457/parts/part-00003: Worm.Sober.U FOUND Most of them are Sober.U right now... Micah Lupe Christoph wrote: > Quoting David Obando <da...@cr...>: > > >>enhancements are highly welcome! >>I use this plugin on a a Debian Sarge system with qmail/qmailscan. > > >>Get it at http://cryptix.de/david/downloads/munin-virus2. > > > David, can you please submit you plugins on SourceForge for inclusion > in the development branch, contributed plugins? And you should probably > name them something like qmailscanvcount or so to distinguish from > other plugins that provide statistics for AMaViS etc. > > Thanks, > Lupe Christoph -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDh5Up9n4qXRzy1ioRArS7AJwJh/iJNjHH1BatbTLhNrGwBdGJ3wCglyCg PZRLzEdiNcy8Z4YxHQtEkNQ= =iBmj -----END PGP SIGNATURE----- |