Skip to content
Snippets Groups Projects
Select Git revision
  • a9fa48334dda6d105655658e4051accabe5810f8
  • master default protected
  • 133-fail2ban-page
  • reorganisation
  • 16-maintenace-service
  • 11-fail2ban
  • 6-monit-update
  • 7-dolibarr-fail2ban
  • 6-surveillance-interne-des-serveur
  • test-glpi
  • 2-migrate-to-phpfpm
  • jessie
  • github
13 results

clamav-weekly.sh

Blame
    • user avatar
    Licences
    David Beniamine authored 
    Github message
    a9fa4833
    History
    user avatar a9fa4833
    History
    clamav-weekly.sh 1.84 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62 
    

    

    

    #!/bin/bash

# Copyright (C) 2017  Tetras Libre <admin@tetras-libre.fr>
# Author: Beniamine, David <David@Beniamine.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.


LOGFILE="/tmp/clamav-$(date +'%Y-%m-%d').log";
EMAIL_TO="root";
DIRTOSCAN="/var/www /home";

do_sendmail(){
    message+="\n\n==== LOG  ====\n\n"
    while read line 
    do
        message+="$line\n"
    done < $LOGFILE
    (echo "Subject: [NoCloud ClamAv] $subject";
    echo "To: $EMAIL_TO";
    echo "Content-Type: text/plain; charset=UTF-8";
    echo "";
    echo -e "${message}") | sendmail -t
}

for S in ${DIRTOSCAN}; do
    DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);

    echo "Demarrage du scan hebdomadaire pour le repertoire: '$S'. Quantité de données à analyser : '$DIRSIZE'";

    clamscan -ri "$S" >> $LOGFILE

    # get the value of "Infected lines"
    MALWARE=$(tail "$LOGFILE"|grep Infected|cut -d" " -f3);

done

if [ $MALWARE -ne 0 ]
then
    subject="Menace detectée"
    message="Une menace a été detecté sur votre serveur.\n Merci de vous
    référer au log ci dessous et si besoin de contacter vos
    administrateur.rice système."
else
    subject="Aucune menace detectée"
    message="Aucune menace detectée durant l'analyse hebdomadaire de votre serveur."
fi

do_sendmail
rm $LOGFILE