Level up to Version 2025.4 for new, improved UI and faster file transfers | Download today.

Published in:

Perform directory virus scan using ClamAV

Words by

Van Glass

2 minutes

This custom trigger action performs a virus scan against a directory using ClamAV anti-virus software, specifically the clamscan command. Arguments supplied to the clamscan command may be used to quarantine or delete files upon detection of infected files.

Downloads

Source code and build instructions

How to scan a directory and move infected file using ClamAV

Let me now show you how to implement that.

1. Make sure you have already ClamAV installed in the server

Before creating a custom trigger action, you need to have ClamAVanti-virus softwareinstalled in the server where JSCAPE MFT Server is running.

2. Create a Trigger for ClamAV Scan and move Infected Files

Give the trigger aNameand then select theCurrent Timeevent type from the drop-down list.

ClickNextto Step 2 where a condition can be set to execute the trigger.

Below screen shows a condition that the trigger should execute at 22 Hours 30 minute . Set the condition asHour =22 AND Minute 30(Directory Scan will be performed every day at 22 hours 30 minutes )

Once the condition is set ClickNextto proceed

The step 3 asks to add an action, Add the action “Clam Av virus Scan” from drop down list.If the action not found read the build instructions (Source code and build instructions) .

Click OK to proceed

The Parameters for the action “Clam Av virus Scan” are ;

Location
Arguments
Output Log

As the name indicates, Location is the path where “clamscan” process is located. Arguments represent the parameters needed for “clamscan” command line to work. Multiple arguments can be passed using comma separator. For moving infected files use the parameter as ;

<directory-to-scan>,–move=<directory-to-move-infected-files>

Output log is the file where all scan information will be written.

Here, we have used directory to scan to be “/home/ec2-user/JSCAPE_MFT_Server/” and for directory to move infected files to be as “/home/ec2-user/claminfectd“.The parameter finally will be;

” /home/ec2-user/JSCAPE_MFT_Server/,–move=/home/ec2-user/claminfectd”

ClickOK to save the settings

That’s it. Now you know how to create a trigger to move infected files on Directory Scan Using ClamAV

Latest Articles

The IT/OT divide: Is your enterprise blind to a critical threat?

Your enterprise security strategy may be incomplete.

Learn More
From unplanned downtime to unmatched competitiveness

Why AI is making OT/IT convergence a C-Suite imperative.

Learn More
NERC-CIP: From regulatory burden to business catalyst

Go beyond compliance and uncover transformational data with JSCAPE by Redwood.

Learn More
Mind the (air) gap: Bridging the divide between IT and OT

If you’re in the business of manufacturing, oil and gas, utilities, transportation or mining, unanticipated downtime is a constant threat. Operational technology…

Learn More