-
Notifications
You must be signed in to change notification settings - Fork 18
/
clamscan-daily-script.sh
42 lines (35 loc) · 1.39 KB
/
clamscan-daily-script.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/bin/bash
# written by Tomas Nevar ([email protected])
# 17/01/2014 (dd/mm/yy)
# copyleft free software
#
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log";
HOST="$(hostname --long)";
EMAIL_MSG="Please see the log file attached.";
EMAIL_FROM="clamav-daily@${HOST}";
EMAIL_TO="[email protected]";
DIRTOSCAN="/home";
# Check for mail installation
type mail >/dev/null 2>&1 || { echo >&2 "I require mail but it's not installed. Aborting."; exit 1; };
# Update ClamAV database
echo "Looking for ClamAV database updates...";
freshclam --quiet;
TODAY=$(date +%u);
if [ "$TODAY" == "6" ];then
echo "Starting a full weekend scan.";
# be nice to others while scanning the entire root
nice -n5 clamscan -ri / --exclude-dir=/sys/ --exclude-dir=/proc/ &>"${LOGFILE}";
else
# total size if we use something like /home/*/public_html for scanning
DIRSIZE=$(du -shc $DIRTOSCAN 2>/dev/null| cut -f1 | tail -1)
echo -e "Starting a daily scan of ${DIRTOSCAN} directory.\nAmount of data to be scanned is ${DIRSIZE}.";
nice -n19 clamscan -ri $DIRTOSCAN &>"${LOGFILE}"
fi
# get the value of "Infected lines"
MALWARE=$(tail "${LOGFILE}"|grep Infected|cut -d" " -f3);
# if the value is not equal to zero, send an email with the log file attached
if [ "${MALWARE}" -ne "0" ]; then
echo "${EMAIL_MSG}"|mail -a "${LOGFILE}" -s "ClamAV: Malware Found" -r "${EMAIL_FROM}" "${EMAIL_TO}";
fi
echo "The script has finished.";
exit 0;