ClamAV Log Rotation (WAS: Antivirus suggestion...)

Jonathan T. Sage sagejona at theatre.msu.edu
Tue Mar 16 16:16:16 PST 2004 

Wayne Sierke wrote:

> <snip>
> 
>>Clamd log rotation:
>>
>>first and foremost, make sure that clamav is gonna drop a pidfile.  in 
>>/usr/local/etc/clamav.conf, uncomment:
>>
>># This option allows you to save the process identifier of the listening
>># daemon (main thread).
>>PidFile /var/run/clamd.pid
>>
>>then, add the following (one line) to /etc/newsyslog.conf
>>
>>/var/log/clamd.log 			644  3     *    $W0D1 BJ \
>>     /var/run/clamd.pid  1
>>
>>this will rotate the log once a week, keep 3 of them (current log +3 
>>weeks).  it will also compress the old one with bzip2 and SIGHUP the 
>>clamd process.  seems to work just fine for me, running clamav-devel on 
>>-current (Mar 3 or so right now)
>>
> 
> Here's what I got:
> 
> # ls -lrt /var/log/clamd*
> -rw-r-----  1 clamav  clamav      0 Mar 17 06:00 /var/log/clamd.log
> -rw-r-----  1 clamav  clamav  35873 Mar 17 09:00 /var/log/clamd.log.0
> 
> # tail -n 6 /var/log/clamd.log.0
> Wed Mar 17 05:58:54 2004 -> SelfCheck: Database status OK.
> Wed Mar 17 06:00:00 2004 -> SIGHUP catched: log file re-opened.
> Wed Mar 17 06:00:00 2004 -> ERROR: accept() failed.
> Wed Mar 17 06:59:32 2004 -> SelfCheck: Database status OK.
> Wed Mar 17 08:00:10 2004 -> SelfCheck: Database status OK.
> Wed Mar 17 09:00:48 2004 -> SelfCheck: Database status OK.
> 
> # portversion -v "clamav*"
>  clamav-0.67.1               =  up-to-date with port
> 
> 
> Hmm, just saw a submission to -ports for an update to 0.70-rc, looks
> like that version is needed to have the SIGHUP handling (according to
> its NEWS file).
> 


Ah.  yes, When I wrote this, i was using clamav-devel, and the SIGHUP 
handling works fine there.  thanks for the info though.

~j


-- 
Jonathan T. Sage
Theatrical Lighting / Set Designer
Professional Web Design

[HTTP://www.JTSage.com]
[sagejona at msu.edu]
[See Headers for Contact Info]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040316/7775b80b/signature.bin

More information about the freebsd-questions mailing list