This custom trigger action performs a virus scan against a directory using ClamAV anti-virus software, specifically the clamscan command. Arguments supplied to the clamscan command may be used to quarantine or delete files upon detection of infected files.
How to scan a directory and move infected file using ClamAV
Let me now show you how to implement that.
1. Make sure you have already ClamAV installed in the server
Before creating a custom trigger action, you need to have ClamAV anti-virus software installed in the server where JSCAPE MFT Server is running.
2. Create a Trigger for ClamAV Scan and move Infected Files
Login into admin console of JSCAPE MFT Server > Triggers and Click Add to create a Trigger
Give the trigger a Name and then select the Current Time event type from the drop-down list.
Click Next to Step 2 where a condition can be set to execute the trigger.
Below screen shows a condition that the trigger should execute at 22 Hours 30 minute . Set the condition as Hour =22 AND Minute 30 ( Directory Scan will be performed every day at 22 hours 30 minutes )
Once the condition is set Click Next to proceed
The step 3 asks to add an action, Add the action "Clam Av virus Scan" from drop down list. If the action not found read the build instructions (Source code and build instructions) .
Click OK to proceed
The Parameters for the action "Clam Av virus Scan" are ;
- Output Log
As the name indicates, Location is the path where "clamscan" process is located. Arguments represent the parameters needed for "clamscan" command line to work. Multiple arguments can be passed using comma separator. For moving infected files use the parameter as ;
Output log is the file where all scan information will be written.
Here, we have used directory to scan to be "/home/ec2-user/JSCAPE_MFT_Server/" and for directory to move infected files to be as "/home/ec2-user/claminfectd". The parameter finally will be;
Click OK to save the settings
That's it. Now you know how to create a trigger to move infected files on Directory Scan Using ClamAV