clamscan_hourly

1. #!/bin/bash
2.  
3. # email subject
4. SUBJECT="VIRUS DETECTED ON `hostname`!!!"
5. # Email To ?
6. EMAIL="[email protected]"
7. # Log location
8. LOG=/var/log/clamav/scan.log
9.  
10. check_scan () {
11.  
12.     # Check the last set of results. If there are any "Infected" counts that aren't zero, we have a problem.
13.     if [ `tail -n 12 ${LOG}  | grep Infected | grep -v 0 | wc -l` != 0 ]
14.     then
15.         EMAILMESSAGE=`mktemp /tmp/virus-alert.XXXXX`
16.         echo "To: ${EMAIL}" >>  ${EMAILMESSAGE}
17.         echo "From: [email protected]" >>  ${EMAILMESSAGE}
18.         echo "Subject: ${SUBJECT}" >>  ${EMAILMESSAGE}
19.         echo "Importance: High" >> ${EMAILMESSAGE}
20.         echo "X-Priority: 1" >> ${EMAILMESSAGE}
21.         echo "`tail -n 50 ${LOG}`" >> ${EMAILMESSAGE}
22.         sendmail -t < ${EMAILMESSAGE}
23.     fi
24.  
25. }
26.  
27. find / -not -wholename '/sys/*' -and -not -wholename '/proc/*' -mmin -61 -type f -print0 | xargs -0 -r clamscan --exclude-dir=/proc/ --exclude-dir=/sys/ --quiet --infected --log=${LOG}
28. check_scan
29.  
30. find / -not -wholename '/sys/*' -and -not -wholename '/proc/*' -cmin -61 -type f -print0 | xargs -0 -r clamscan --exclude-dir=/proc/ --exclude-dir=/sys/ --quiet --infected --log=${LOG}
31. check_scan
32.