-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathclamscan_daily.sh
45 lines (37 loc) · 1.59 KB
/
clamscan_daily.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
#!/bin/bash
#============================================#
# User configuration section #
#============================================#
# email subject for detection of infected items
SUBJECT="VIRUS DETECTED ON `hostname`!!!"
#email subject for no infected items
SUBJECTOK="ClamAV daily scan on `hostname` = OK"
# Email To ?
EMAIL="[email protected]"
# Log location
LOG=/var/log/clamav/scan.log
#============================================#
check_scan () {
# Check the last set of results. If there are any "Infected" counts that aren't zero, we have a problem.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ]
then
EMAILMESSAGE=`mktemp /tmp/virus-alert.XXXXX`
echo "To: ${EMAIL}" >> ${EMAILMESSAGE}
echo "From: [email protected]" >> ${EMAILMESSAGE}
echo "Subject: ${SUBJECT}" >> ${EMAILMESSAGE}
echo "Importance: High" >> ${EMAILMESSAGE}
echo "X-Priority: 1" >> ${EMAILMESSAGE}
echo "`tail -n 50 ${LOG}`" >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE}
else
EMAILMESSAGE=`mktemp /tmp/virus-alert.XXXXX`
echo "To: ${EMAIL}" >> ${EMAILMESSAGE}
echo "From: [email protected]" >> ${EMAILMESSAGE}
echo "Subject: ${SUBJECTOK}" >> ${EMAILMESSAGE}
echo "X-Priority: 1" >> ${EMAILMESSAGE}
echo "Daily scan completed with 0 infected items discovered" >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE}
fi
}
ionice -c3 nice -n 19 clamscan -r / --exclude-dir=/sys/ --exclude-dir=/dev --exclude-dir=/proc--quiet --infected --log=${LOG}
check_scan