Nagios plugin for monitoring ClamAV virus scans.
Install ClamAV.
Define a cron task for ClamAV to perform a scan, capturing the output in a logfile, e.g.
0 0 * * * root clamscan -r -i /var/www/uploads > /tmp/clamav.logDownload the check_clamav_scan script and make it executable.
Define a new command in the Nagios config, e.g.
define command {
command_name check_clamav_scan
command_line $USER1$/check_clamav_scan -l /tmp/clamav.log
}
Usage: ./check_clamav_scan -l <path> [options]
# exit OK if 0 infected files detected, CRITICAL if 1 or more detected
./check_clamav_scan -l /tmp/clamav.log
# exit UNKNOWN if logfile is more than 1 hour old
./check_clamav_scan -l /tmp/clamav.log -e '1 hour'
# exit OK if 0 infected files detected, WARNING if upto 10 detected, CRITICAL if 10 or more detected
./check_clamav_scan -l /tmp/clamav.log -c 10
# exit OK if upto 4 infected files detected, WARNING if upto 5 detected, CRITICAL if 10 or more detected
./check_clamav_scan -l /tmp/clamav.log -c 10 -w 5-l, --logfile <path> path to clamscan logfile
-e, --expiry <duration> expiry threshold for logfile
-w, --warning <number> number of infected files treat as WARNING
-c, --critical <number> number of infected files to treat as CRITICAL
-v, --verbose include the scan summary in the output
-V, --version output version
-h, --help output help information
-e/--expiryshould be a human readable duration, e.g. '1 hour', or '7 days'.-c/--criticaltakes priority over-w/--warning.
- Bash
cut,grep,rev,sed