ClamNotif: A tool to send you ClamAV notifications

Overview

ClamNotif: A tool to send you ClamAV notifications

ClamNotif, a.k.a ClamAV Notification, is a handy and simple tool written in Python, which is able to forward notifications to different recipients categorised by two severity levels of the regular health reports produced by clamscan bundled with the ClamAV antivirus engine.

What challenge we had faced

We, PiSoft Company Ltd., is a software company based in Macao S.A.R. For more than a decade, we have been developing , operating and maintaining software systems for many clients. For system security, we use ClamAV to scan the server regularly.

Usually, that is done in the form of a daily heath check on the server. Because ClamAV is an antivirus engine only, in order to make our operation as automatic as possible, we have to find a solution to forward those health reports automatically.

As part of our daily operations, if ClamAV doesn't find any thing infected, a health report should be forwarded to our maintenance team as a heart-beating signal. This is quite important, especially during the pilot period, which is the very beginning of a new system running in Production.

On the other hand, if ClamAV finds some files infected, the health report shall be forwarded to our maintenance team as well as the representative of our client as an alert.

We googled for a solution with no luck, only some pieces of bash scripts cooperating with mailx available. Perhaps, building a tool ourselves for our requirement seems unavoidable.

Installation

First of all, we can install ClamNotif by

$ pip3 install clamnotif

let's check if it works properly

$ python3 -m clamnotif

We should see

$ python3 -m clamnotif
Welcome for using ClamNotif v0.1.0 brought to you by PiSoft Company Ltd.
Usage: python3 -m clamnotif [--test-smtp|--check-report]

Configuration

Prepare Our Configurations

The configuration file of ClamNotif is an ini file designed with intuitive variable names. Please make sure to save the configuration file as ~/.clamnotif/clamnotif.cfg.

ClamNotif always reads all configurations under the home folder of the current user. Thus the read permission of the configuration file needs to be granted to ClamNotif, which should be the default in most cases.

Once our configuration completes, please make sure the ClamAVReportFolder as well as the files inside the folder can be read by the current user. In the following case, we have to check the directory ~/.ClamAV/daily/.

When the system is getting more and more stable, a daily notification would not be necessary. We can fine-tune how often a heart-beat is sent by setting HeartbeatDayGap. In the following example, suppose ClamNotif forwarded a heart-beat on 17/Apr, the next heart-beat would be sent on 19/Apr, i.e., 2 days later. This value has no impact on the sending of alerts. Once an alert is detected, it will be sent to the recipients immediately.

[SMTP]
SMTPServerHost = smtp.gmail.com
SMTPServerPort = 465
SMTPTLSEnabled = false

[Notification]
SenderAddress = [email protected]
SenderPasswd = [email protected]
AlertSubject = My System Antivirus Notification - Alert !!!
AlertReceiverAddresses = [email protected],[email protected],[email protected]
HeartbeatSubject = My System Antivirus Heartbeating Notification
HeartbeatReceiverAddresses = [email protected]
HeartbeatDayGap = 2

[ClamAV]
ClamAVReportFolder = ~/.ClamAV/daily/

Test Our Configurations

Let's send a testing email to all recipients defined in the configuration file above by turning on the flag --test-smtp. Check our email box to see if we can receive the email for testing.

$ python3 -m clamnotif --test-smtp
Successfully sent a testing email with title 'ClamNotif Testing' to [email protected] and [email protected],[email protected],[email protected].

If it works, we can go further. The flag --check-report tells ClamNotif to check the ClamAVReportFolder and to send a notification to the appropriate recipients.

$ python3 -m clamnotif --check-report
[clamnotif] 2021-11-12 19:39:47 looking up reports from /Users/developer/.clamnotif/ClamAV/daily/ ..
.
[clamnotif] 2021-11-12 19:39:47 no files infected. Try sending a heartbeat...
[clamnotif] 2021-11-12 19:39:47 no heartbeat send. should wait for 1 more day(s).
[clamnotif] 2021-11-12 19:39:47 done.

python3 -m clamnotif --check-report is the most common usage of ClamNotif.

Run ClamNotif Daily

We are able to run clamnotif regularly by registering it as a schedule job with crontab.

Here is an article Complete Beginners Tutorial for your reference.

Bash Scripts

There are some handy bash scripts which we use to wrap clamscan and clamnotif under the bash folder. Just see if they are helpful.

Acknowledgement

We built this tool in memory of Mr Brain Iu, who was a visionary in the field of software development and had been promoting the Python Programming Language in Macao long before it became all the rage .

Hope you find it useful. Drop me a line if you like it!

You might also like...
A nonebot2 plugin, send news information in a picture form.
A nonebot2 plugin, send news information in a picture form.

A nonebot2 plugin, send news information in a picture form.

Simple script with AminoLab to send ghost messages

Simple script with AminoLab to send ghost messages

Program to send ROM files to Turbo Everdrive; reverse-engineered and designed to be platform-independent
Program to send ROM files to Turbo Everdrive; reverse-engineered and designed to be platform-independent

PCE_TurboEverdrive_USB What is this "TurboEverdrive USB" thing ? For those who have a TurboEverdrive v2.x from krikzz.com, there was originally an opt

A tool to flash .ofp files in bootloader mode without needing MSM Tool, an alternative to official realme tool
A tool to flash .ofp files in bootloader mode without needing MSM Tool, an alternative to official realme tool

Oppo/Realme Flash .OFP File on Bootloader A tool to flash .ofp files in bootloader mode without needing MSM Tool, an alternative to official realme to

A plugin for poetry that allows you to execute scripts defined in your pyproject.toml, just like you can in npm or pipenv

poetry-exec-plugin A plugin for poetry that allows you to execute scripts defined in your pyproject.toml, just like you can in npm or pipenv Installat

Do you need a screensaver for CircuitPython? Of course you do

circuitpython_screensaver Do you need a screensaver for CircuitPython? Of course you do Demo video of dvdlogo screensaver: screensaver_dvdlogo.mp4 Dem

Allow you to create you own custom decentralize job management system.

ants Allow you to create you own custom decentralize job management system. Install $ git clone https://github.com/hvuhsg/ants.git Run monitor exampl

Wordless - the #1 app for helping you cheat at Wordle, which is sure to make you popular at parties

Wordless Wordless is the #1 app for helping you cheat at Wordle, which is sure t

A tool to help you to do the monthly reading requirements

Monthly Reading Requirement Auto ⚙️ A tool to help you do the monthly reading requirements Important ⚠️ Some words can't be translated Links: Synonym

Releases(v0.1.0)
Owner
PiSoft Company Ltd.
We are a software development company in Macao. We are specialising in Vue JS, Java, Python and Operational Research Algorithms.
PiSoft Company Ltd.
i3wm helper tool for workspaces on multiple monitors

i3screens A helper tool for managing i3wm workspaces on multiple monitors. Use-case You have a multi-monitor setup and want to have the "same" workspa

Sebastian Neef 1 Dec 05, 2022
Project5 Data processing system

Project5-Data-processing-system User just needed to copy both these file to a folder and open Project5.py using cmd or using any python ide. It is to

1 Nov 23, 2021
Code and data for learning to search in local branching

Code and data for learning to search in local branching

Defeng Liu 7 Dec 06, 2022
Data on Free Food at MIT

MIT Free Food Timing Procrastinating research by plotting data on how long it takes emails on the free-food at mit edu mailing list to go through. Dat

Peter Sharpe 2 Nov 01, 2021
Solutions to the language assignment for Internship in JALA Technologies.

Python Assignment Solutions (JALA Technologies) Solutions to the language assignment for Internship in JALA Technologies. Features Properly formatted

Samyak Jain 2 Jan 17, 2022
Repo created for the purpose of adding any kind of programs and projects

Programs and Project Repository A repository for adding programs and projects of any kind starting from beginners level to expert ones Contributing to

Unicorn Dev Community 3 Nov 02, 2022
Types for the Rasterio package

types-rasterio Types for the rasterio package A work in progress Install Not yet published to PyPI pip install types-rasterio These type definitions

Kyle Barron 7 Sep 10, 2021
A functional standard library for Python.

Toolz A set of utility functions for iterators, functions, and dictionaries. See the PyToolz documentation at https://toolz.readthedocs.io LICENSE New

4.1k Jan 04, 2023
This repository contains Python games that I've worked on. You'll learn how to create python games with AI. I try to focus on creating board games without GUI in Jupyter-notebook.

92_Python_Games 🎮 Introduction 👋 This repository contains Python games that I've worked on. You'll learn how to create python games with AI. I try t

Milaan Parmar / Милан пармар / _米兰 帕尔马 166 Jan 01, 2023
Blender pluggin (python script) that adds a randomly generated tree with random branches and bend orientations

Blender pluggin (python script) that adds a randomly generated tree with random branches and bend orientations

Travis Gruber 2 Dec 24, 2021
🌌 Economics Observatory Visualisation Repository

Economics Observatory Visualisation Repository Website | Visualisations | Data | Here you will find all the data visualisations and infographics attac

Economics Observatory 3 Dec 14, 2022
A Python package that provides physical constants.

PhysConsts A Python package that provides physical constants. The code is being developed by Marc van der Sluys of the department of Astrophysics at t

Marc van der Sluys 1 Jan 05, 2022
An end-to-end Python-based Infrastructure as Code framework for network automation and orchestration.

Nectl An end-to-end Python-based Infrastructure as Code framework for network automation and orchestration. Features Data modelling and validation. Da

Adam Kirchberger 15 Oct 14, 2022
A Python software implementation of the Intel 4004 processor

Pyntel4004 A Python software implementation of the Intel 4004 processor. General Information Two pass assembler using the original mnemonics, directiv

alshapton 5 Oct 01, 2022
【AI创造营】参赛作品

-AI-emmmm 【AI创造营】参赛作品 鬼畜小视频 AiStuido地址:https://aistudio.baidu.com/aistudio/projectdetail/1647685 BiliBili视频地址:https://www.bilibili.com/video/BV1Zv411b

107 Nov 09, 2022
Brython (Browser Python) is an implementation of Python 3 running in the browser

brython Brython (Browser Python) is an implementation of Python 3 running in the browser, with an interface to the DOM elements and events. Here is a

5.9k Jan 02, 2023
Spartan implementation of H.O.T.T.

Down The Path I was walking down the line, Trying to find some peace of mind. Then I saw you, You were takin' it slow, And walkin' it one step at a ti

Trebor Huang 25 Aug 05, 2022
- Auto join teams teams ( from calendar invite )

Auto Join Teams Meetings Requirements: Python 3.7 or higher Latest Google Chrome This script automatically logins to your account and joins the meetin

Prajin Khadka 10 Aug 20, 2022
Stock Monitoring

Stock Monitoring Description It is a stock monitoring script. This repository is still under developing. Getting Started Prerequisites & Installing pi

Sission 1 Feb 03, 2022
Svg-turtle - Use the Python turtle to write SVG files

SaVaGe Turtle Use the Python turtle to write SVG files If you're using the Pytho

Don Kirkby 7 Dec 21, 2022