Can't parse virus log
Kamil Juřík - AFX
jurik at afx.cz
Wed Aug 6 17:09:36 IST 2003
Hi,
I've got a problem described below. I tried to repair the regexp but it
didn't work.
I'm sending you a log made by ProcessBitDefenderOutput, printed $line:
Kamil Jurik
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............^[[1;36;40mBDC/Linux-Console v7.0 (build 2420) (i386)
(Feb 27 2003 13:55:18)
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Copyright (C) 1996-2003 SOFTWIN SRL. All rights
reserved.^[[0;37;40m
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............Last
updated Mon Jan 20 15:35:29 2003
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............CORE
v1.0.2 i386 (Feb 27 2003 13:48:20)
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............^[[0;37;40m/var/spool/MailScanner/incoming/12168/./E0612C0DC/eicar_com.zip=>eicar.com
^[[1;31;40minfected: EICAR-Test-File (not a virus)^[[0;37;40m
<------------| Why is there ^[[1;31;40m instead of '\t'??? The parser
can't find the infection because it searches for \tinfected: The original
antivirus log contains all lines with \t and
no ^[[1;31;40m and nothing similar.
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............^[[1;37;40m
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............Results:
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Folders :4
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Files :8
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Packed :0
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Archives :1
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Infected files :1
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Suspect files :0
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Warnings :0
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............Identified viruses:1
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............I/O
errors :0
Aug 6 17:00:59 itest MailScanner[12168]: Variable Line............
Aug 6 17:00:59 itest MailScanner[12168]: Variable
Line............^[[0;37;40m^[[0;37;40m
This e-mail was checked on the AFX mail server
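
Added example, not part of the original post and not MailScanner's own code: a Python sketch of a parser that treats the colour codes seen in the log above as field separators, so the "infected:" report is found whether the scanner prints a tab or an escape sequence, and that compares the parsed reports with the "Infected files" summary so a blind parser is noticed. The sample lines are constructed from the log in the post (raw ESC bytes in place of "^["); the function names and the assumption of one report line per infected file are mine.

```python
import re

# CSI colour code: a raw ESC byte, or the caret notation "^[" syslog prints for it.
ANSI_CSI = re.compile(r'(?:\x1b|\^\[)\[[0-9;]*[A-Za-z]')
# After normalisation a report line is "<path>\tinfected: <name>".
REPORT = re.compile(r'^(?P<path>[^\t]+)\tinfected: (?P<name>[^\t]+)$')
SUMMARY = re.compile(r'^Infected files\s*:\s*(\d+)$')

def normalise(line):
    """Treat colour codes as field separators, then collapse and trim tabs."""
    line = ANSI_CSI.sub('\t', line)
    return re.sub(r'\s*\t\s*', '\t', line).strip()

def parse_report_line(line):
    """Return a dict for an 'infected:' report line, else None."""
    m = REPORT.match(normalise(line))
    if m is None:
        return None
    # Archive members are reported as "container=>member".
    container, _, member = m.group('path').partition('=>')
    return {'file': container, 'member': member or None, 'virus': m.group('name')}

def check_scan(lines):
    """Parse every line; report whether the parsed count matches the summary."""
    reports, claimed = [], None
    for raw in lines:
        rep = parse_report_line(raw)
        if rep:
            reports.append(rep)
            continue
        s = SUMMARY.match(normalise(raw))
        if s:
            claimed = int(s.group(1))
    # Fail closed: a missing summary or a count mismatch means the parser
    # cannot be trusted for this message (assumes one report line per file).
    consistent = claimed is not None and claimed == len(reports)
    return reports, consistent

# Constructed sample, modelled on the log lines in the post.
SAMPLE = [
    "\x1b[0;37;40m/var/spool/MailScanner/incoming/12168/./E0612C0DC/"
    "eicar_com.zip=>eicar.com\x1b[1;31;40m"
    "infected: EICAR-Test-File (not a virus)\x1b[0;37;40m",
    "\x1b[1;37;40m",
    "Results:",
    "Infected files :1",
]

if __name__ == '__main__':
    print(check_scan(SAMPLE))
```

When `check_scan` returns `consistent` as false, the safe default for a mail gateway is to treat the message as not cleanly scanned rather than to pass it on.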