Monitoring clamav signature updates

Bryan Loniewski brylon at jla.rutgers.edu
Mon Feb 21 16:48:59 CET 2005


> Hi
>
> I'm trying to figure out the best way of monitoring if a ClamAV daemon
> (www.clamav.net) is updated properly with the latest signatures.
>
> My idea was to have some kind of plugin comparing the local value -
> "sigtool -i /path/to/signature" - with the official values - "host -t
> txt current.cvd.clamav.net".
>
> It'll be cool if Nagios could do this. So do somebody out here already
> have experiences with this, or maybe already written a plugin?
> What would be the best way, using a NSCA or NRPE to achieve this kind of
> monitoring?
>
> Thanks in advance.
> Best regards

We kind of do this... We just check the file age of our *.cvd file and if its older than X
(we use 48 hours to warn and 72 hours for critical) determine if in fact it should have
been updated!  In the past few months since we've been doing this check, we rarely ever
see the warning and I don't ever recall seeing the critical.

Bryan


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list