AW: Monitoring clamav signature updates
Schmitz, Carsten
Carsten.Schmitz at aegon.com
Mon Feb 21 11:48:12 CET 2005
> but how to integrate with Nagios?
Shell script. Code your "signature compare" logic in your prefered shell using awk or cut and test (or perl or any other language), output error level 0 for okay, 1 warning, 2 error.
But I have troubles seeing how to deduct the signature freshness from those commands (maybe thats just me, my clamav isn't production and not up-to-date).
But why not just use freshclam for Nagios? Call freshclam from shell script, grep for "<filename.cvd> is is up to date", return code 0 if found, 2 if not. Much easier.
Here's my (much outdated ;) freshclam output so you can see what to grep for:
freshclam
ClamAV update process started at Mon Feb 21 11:43:30 2005
Reading CVD header (main.cvd): OK
main.cvd is up to date (version: 29, sigs: 29086, f-level: 3, builder: tomek)
Reading CVD header (daily.cvd): OK
daily.cvd is up to date (version: 718, sigs: 1929, f-level: 4, builder: tkojm)
WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Current functionality level = 3, required = 4
Cheers,
Carsten
-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net]On Behalf Of Tommy
Abrahamsson
Sent: Monday, February 21, 2005 8:36 AM
To: nagios-users at lists.sourceforge.net
Subject: Re: AW: [Nagios-users] Monitoring clamav signature updates
Thank you, but maybe I wasn't clear enough. Sending emails is not a
problem, Nagios does this very well. I'm interested in seeing the status
of a clamav daemon - whether it's updated or not - with the latest virus
signatures. The 2 mentioned commands, can get the values, but how to
integrate with Nagios?
Thanks.
Best regards
On Mon, 2005-02-21 at 08:16 +0100, Thomas Jungbauer wrote:
> Hi,
>
> I am using a perl script, which can be downloaded at: http://www.logix.cz/michal/devel/smtp/smtp-client.pl
>
> However, to use this script together with nagios you will have to make some modifications on the script. (ie: using utils and libs for nagios and changing some error-codes, to retrieve correct return states which can be used by the nagios deamon.)
>
> Best Regards
> Thomas
>
>
>
> -----Ursprüngliche Nachricht-----
> Von: nagios-users-admin at lists.sourceforge.net [mailto:nagios-users-admin at lists.sourceforge.net] Im Auftrag von Tommy Abrahamsson
> Gesendet: Sonntag, 20. Februar 2005 17:27
> An: nagios-users at lists.sourceforge.net
> Betreff: [Nagios-users] Monitoring clamav signature updates
>
> Hi
>
> I'm trying to figure out the best way of monitoring if a ClamAV daemon
> (www.clamav.net) is updated properly with the latest signatures.
>
> My idea was to have some kind of plugin comparing the local value -
> "sigtool -i /path/to/signature" - with the official values - "host -t
> txt current.cvd.clamav.net".
>
> It'll be cool if Nagios could do this. So do somebody out here already
> have experiences with this, or maybe already written a plugin?
> What would be the best way, using a NSCA or NRPE to achieve this kind of
> monitoring?
>
> Thanks in advance.
> Best regards
>
>
>
>
> -------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT Products from real users.
> Discover which products truly live up to the hype. Start reading now.
> http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list