Enhancement #2289

squidclamav: enable logging to /var/log/c-icap/server.log

Added by Giacomo Sanchietti about 6 years ago. Updated almost 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-squidclamav
Target version:v6.5-beta3
Resolution: NEEDINFO:No

Description

Enable squidclamav log redirection to c-icap log file: all virus detection will be logged to /var/log/c-icap/server.log.

Add this option to /etc/squidclamav.conf file:

logredir 1

Related issues

Related to NethServer 6 - Enhancement #2288: c-icap: disable access log CLOSED

History

#1 Updated by Giacomo Sanchietti about 6 years ago

  • Description updated (diff)

#2 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20
  • Estimated time set to 0.50

#3 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#4 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#5 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Packages in nethserver-testing:
  • nethserver-squidclamav-1.0.3-1.0gitac8ae1b7.ns6.noarch.rpm

Test case

Check that virus detection events are logged in /var/log/c-icap/server.log.

#6 Updated by Davide Principi almost 6 years ago

  • Assignee set to Davide Principi

#7 Updated by Davide Principi almost 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

VERIFIED

After upgrading to
  • nethserver-c-icap-1.0.1-3.0git1d80dafb.ns6.noarch.rpm
  • nethserver-squidclamav-1.0.3-1.0gitac8ae1b7.ns6.noarch.rpm

sent an HTTP request to download an EICAR test file.

  • /var/log/c-icap/server.log:
    Thu Jan  2 16:05:47 2014, 7929/250844928, INFO squidclamav_end_of_data_handler: Virus redirection: http://davidep3.vboxnet0.tld/cgi-bin/squidclamav/clwarn.cgi?url=http://davidep1/nethserver/eicar.com.txt.gz&source=192.168.8.1&user=-&virus=stream: Eicar-Test-Signature FOUND.
    
  • /var/log/clamav/clamd.log:
    Thu Jan  2 16:05:47 2014 -> instream(local): Eicar-Test-Signature FOUND
    
  • /var/log/c-icap/access.log is unchanged

#8 Updated by Davide Principi almost 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

Released in nethserver/6.5/base repository.

Also available in: Atom PDF