Building a log gathering agent
Hugo van der Kooij
hvdkooij at vanderkooij.org
Mon Mar 5 23:22:54 CET 2007
On Mon, 5 Mar 2007, Denis Beauchemin wrote:
> After testing the new version I find it much more interesting!
>
> I had the following misinterpreted line:
> McAfee:
> /l255g8Ct024133/msg-16689-948.txt/Update-KB7187-x86.zip/UPDATE-KB7187-X86.EXE
> Found trojan or variant New Malware.n:1
>
> I would also like to be able to call it without the "-l logfile" arguments,
> such as for:
> zcat /var/log/old/maillog.20070301.gz | ./maillog-virus.pl
> or
> zcat /var/log/old/maillog.20070301.gz | ./maillog-virus.pl -l -
> but the script just won't let me.
It does now accept - as a file descriptor if you fetch a new version or apply
this major patch:
--- maillog-virus.pl-20070305 2007-03-05 21:32:20.000000000 +0100
+++ maillog-virus.pl 2007-03-05 23:16:46.000000000 +0100
@@ -13,7 +13,7 @@
getopt('l');
if ($opt_l) {
$syslogfile = $opt_l;
- if (!(-r $syslogfile)) {
+ if (!(-r $syslogfile) && $syslogfile != "-") {
print "\n\tError:\tThe syslog file $syslogfile is not
readable!\n\n";
exit;
}
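Review bot: The added condition on the "+" line compares strings with the numeric operator. In Perl, $syslogfile != "-" numifies both sides; "-" and any non-numeric path both evaluate to 0, so the comparison is false and the "not readable" error is no longer reached for ordinary file names. Use the string operator instead: if (!(-r $syslogfile) && $syslogfile ne "-") {. Two further points to confirm outside this hunk: the code that later opens $syslogfile has to treat "-" as STDIN, and running the script with no -l at all, which was also requested, is not handled by the if ($opt_l) block shown here.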
Hugo.
--
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
This message is using 100% recycled electrons.
Some men see computers as they are and say "Windows"
I use computers with Linux and say "Why Windows?"
(Thanks JFK, for the insight.)