[mrtg] Re: graphing clamd (antivirus) activity..

Jason jason at monsterjam.org
Tue Dec 14 02:45:17 MET 2004

> Possible solution for the problem:                                                                           
> * Apply 'stdout' patch to clamav, which enables logging to stdout.                                           
>   Note that you have to modify the patch manually so that it won't                                           
>   rejected.                                                                                                  
>   http://www.mail-archive.com/clamav-users@lists.sourceforge.net/msg07148/stdout-log.patch                   
Not sure I understand what this is supposed to do.                                                             
> * Start clamd via daemontools rather than usual init script.                                                 
>   See docs/clamd_supervised/clamd-daemontools-guide.txt                                                      
well, I looked this over but it doesnt seem to exist for clamav-0.80                                           
seems that some of the options changed in the clamd.conf file                                                  
i.e. "StreamSaveToDisk"                                                                                        
> > how do I get it to only look at that "10" for one hour then look for                                       
> > newer data?                                                                                                
> In theory, you have to add at least 2 functions, first part is to save                                       
> 'last seen' timestamp of last record of log file, second part is to                                          
> skip 'already seen' records which utilize the 'last seen' timestamp                                          
> saved by first part.                                                                                         
> Or, you can simply skip the records older than (current - 300secs).                                          
is there an example of how to do this somewhere I can look at?                                                 

Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive     http://www.ee.ethz.ch/~slist/mrtg
FAQ         http://faq.mrtg.org    Homepage     http://www.mrtg.org
WebAdmin    http://www.ee.ethz.ch/~slist/lsg2.cgi

More information about the mrtg mailing list