<html>
Ok, here are all the responses:<br><br>
<b>1. From <$1> To <$2> virus <$3><br><br>
</b>Impossible to generically extract the name of the virus, so this
would have to include the whole virus report.<br><br>
<b>2. something that grep could sniff out easily ONLY for caught
viruses.</b> <b>Or do you have a better solution? The Email ID to go
along with it as well would be nice. for ones that were scanned and ones
that were found to be infected<br><br>
</b>Such as?<br><br>
<b>3. I would definately like the virus name reported by the virus
engine<br><br>
</b>See (1)<br><br>
<b>4. making the logging as machine freindly as possible <br><br>
</b>I will do what I can.<br><br>
<b>5. entries that could be used to create email usage reports. For
each email to have To, From, Subject, Date, bytes, and names of any
attachments would allow for easier creation of user reports.<br><br>
</b>Is there a limit on the length of a log entry? These would be *very*
long.<br><br>
<b>6. Identifiable tag<br>
When you get a chance would you consider altering the logging code
for<br>
matches on filename rules to have an identifiable tag. E.g. instead
of<br>
logging:<br>
"Executable file in filename.exe" and "Possible MS-Dos
shortcut attack<br>
in filename.pif"<br>
Log:<br>
"Filename Rules: Executable file in filename.exe" and
"Filename rules:<br>
Possible MS-Dos shortcut attack in filename.pif"<br><br>
</b>Definite good idea.<br><br>
Any more thoughts from anyone?<br>
<div>-- </div>
<div>Julian
Field
Teaching Systems Manager</div>
<div>jkf@ecs.soton.ac.uk
Dept. of Electronics & Computer Science</div>
<div>Tel. 023 8059
2817 University of
Southampton</div>
Southampton SO17 1BJ
</html>