AnsweredAssumed Answered

ClamAV Automation and Notification

Question asked by Andrew Hunter on Mar 1, 2018
Latest reply on Mar 8, 2018 by Andrew Hunter

Hi,

 

I'm running RSA Authentication Manager 8.2 SP1 on some new Intel Appliances and enabled ClamAV scanning from the command line.

Has anyone out there managed to enable email (or any other automated method) notification  that clamscan has run on an RSA Appliance and detected an infection?

I've configured 2 cron jobs, one for freshclam updates and the other for a daily clamscan.

I then tried to compile a script which would email me if an infection was found (SMTP is configured and working for report notification), however it appears I can't leverage the SMTP settings of the RSA application from the CLI. Sendmail/postx etc.aren't installed and I understand the implications of installing 3rd party software on a hardened security appliance.

I found 2 posts which don't fill me with hope:

 

Is it possible to send email from RSA 8.2 Virtual Appliance 

000014856 - Possibility of sending email from the RSA SecurID Appliance 3.0 

 

Suggestions gratefully received, cheers

Outcomes