#8 Support for clamav statistics

open
nobody
None
5
2004-06-15
2004-06-15
Anonymous
No

ClamAV (http://clamav.sf.net/) is a great free open
source antivirus package. It can easily be connected
to sendmail/postfix/etc so it is an invaluable tool on
a Unix server.

It can record its results in either its own log file or
syslog. Here are a couple examples:

/var/log/clamav/clamd.log
Tue Jun 15 15:31:23 2004 -> stream: Worm.SomeFool.P FOUND
Tue Jun 15 15:53:05 2004 -> stream: Worm.Bagle.Z FOUND
Tue Jun 15 16:00:41 2004 -> stream: Worm.Bagle.Gen-1 FOUND

/var/log/messages:

Jun 15 15:31:23 shark clamd[1576]: stream: Worm.SomeFool.P FOUND
Jun 15 15:53:05 shark clamd[1576]: stream: Worm.Bagle.Z FOUND
Jun 15 16:00:41 shark clamd[1576]: stream: Worm.Bagle.Gen-1 FOUND

It should be fairly simple to modify the current "worms"
module to gather statistics on types and numbers of
viruses found by clamav. The graph should then display
the total number of viruses found and also an
aggregation by virus type.

Also, be aware that clamd.log is automatically rotated
by clamav into clamd.log.1, clamd.log.2, etc.
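
An added example of the counting this request describes (not code from the project or from the ticket author): it recognises both quoted log formats, ignores syslog lines not tagged `clamd[pid]`, and reads the rotated files too. Grouping by the first two dot-separated name parts (e.g. `Worm.Bagle`) is an assumed reading of "virus type", and all function names are hypothetical.

```python
import glob
import re
from collections import Counter

# Timestamp prefixes of the two formats quoted in the ticket.
CLAMD_LOG = re.compile(r"^\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4} -> ")
SYSLOG = re.compile(r"^\w{3} [ \d]\d \d\d:\d\d:\d\d \S+ clamd\[\d+\]: ")
# Remainder of a detection line: "<scanned object>: <signature> FOUND"
DETECTION = re.compile(r"^.+: (?P<sig>\S+) FOUND$")

def signature(line):
    """Return the signature name from a clamd detection line, else None."""
    line = line.rstrip("\n")
    for prefix in (CLAMD_LOG, SYSLOG):
        m = prefix.match(line)
        if m:
            hit = DETECTION.match(line[m.end():])
            return hit.group("sig") if hit else None
    return None

def family(sig):
    """Assumed grouping: first two dot-separated parts, e.g. Worm.Bagle."""
    return ".".join(sig.split(".")[:2])

def tally(lines):
    """Count detections per signature and per family."""
    by_sig, by_family = Counter(), Counter()
    for line in lines:
        sig = signature(line)
        if sig:
            by_sig[sig] += 1
            by_family[family(sig)] += 1
    return by_sig, by_family

def rotated_lines(base):
    """Yield lines from base and its rotations (base.1, base.2, ...)."""
    for path in [base] + sorted(glob.glob(glob.escape(base) + ".[0-9]*")):
        with open(path, errors="replace") as fh:
            yield from fh

# Constructed sample: lines from the ticket plus one non-clamd syslog line.
SAMPLE = [
    "Tue Jun 15 15:31:23 2004 -> stream: Worm.SomeFool.P FOUND",
    "Jun 15 15:53:05 shark clamd[1576]: stream: Worm.Bagle.Z FOUND",
    "Jun 15 16:00:41 shark clamd[1576]: stream: Worm.Bagle.Gen-1 FOUND",
    "Jun 15 16:01:00 shark sendmail[1600]: stream: Not.Clamd FOUND",
]
if __name__ == "__main__":
    print(tally(SAMPLE))
```

For the real files, pass `rotated_lines("/var/log/clamav/clamd.log")` to `tally`; if both clamd.log and syslog logging are enabled, count only one of them to avoid doubling the totals.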
