Sv: Re: Panda not working

Andreas Svensson andreas.svensson at HALLSBERG.SE
Mon May 9 15:24:16 IST 2005 

This sounds ok to me.
I'm glad if we get it working.
/Andreas


>>> rcooper at DWFORD.COM 2005-05-09 15:57:22 >>>
This is not necessarily the case. If you do *not* use the -nor switch
each
time pavcl is run it produces a plain text version of it's console
output in
/var/log/panda named pavcl.rpt. Example:

---------------------------------------------------
Date                : 09/05/2005
Time                : 07:39:41
File checked        : /opt/bdc/eicar.rar[eicar.com]

   Found virus :EICAR-AV-TEST-FILE



                 Panda Antivirus Linux, (c) Panda Software 2004

Time employed for scan .............: 00:00:00
Number of files scanned ............: 2
Number of files infected ...........: 1
Number of files disinfected ........: 0
Number of files renamed ............: 0
Number of files deleted ............: 0

                            Copyright Panda Software

Shouldn't be particularly tough to parse.  example using the wrapper
script:

pavcl -aut -aex -heu -nso -eng /opt/bdc/eicar.rar &> /dev/null
#(although I
don't generally trust heuristic)
if [ -f /var/log/panda/pavcl.rpt ]; then
    cat /var/log/panda/pavcl.rpt
else
    echo "pavcl.rpt file is missing"
fi

Of course it's an over simplified example but it appears to be
consistently
accurate. If you wanted to do away with the wrapper e altogether this
could
be processed through the Message.pm::SafePipe function.

If Julian thinks there is enough call for the panda handling and
doesn't
have the time to mess with it I could probably do something with it
this
week.


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list