Skip to content
/ ClamAV-Autoscan-Telegram-and-email-alerts Public

Daily virus and malware scan with ClamAV. This script will send notifications by Telegram and / or email when malware is detected.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

migcm/ClamAV-Autoscan-Telegram-and-email-alerts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
README.md
README.md
 
 
clam_scan.sh
clam_scan.sh
 
 

Repository files navigation

ClamAV Autoscan (Telegram and email alerts)

Daily virus and malware scan with ClamAV. This script will send notifications by Telegram and / or email when malware is detected.

This script is designed and tested in Debian 9.

Installation

  • Install ClamAV and all its components:
sudo apt-get update && apt-get install clamav clamav-docs clamav-daemon clamav-freshclam
  • Install different packages so that ClamAV can also analyze the compressed files:
sudo apt-get install arc arj bzip2 cabextract lzop nomarch p7zip pax tnef unrar-free unzip zoo
  • Install the sendmail package (to send notifications by email), curl package (to send notifications to Telegram) and cpulimit (so that the scan doesn't consume all the CPU):
sudo apt-get install sendmail curl cpulimit

ClamAV configuration

  • Edit the /etc/clamav/freshclam.conf file and modify the number of daily checks (replace 24 by 1):
sudo vi /etc/clamav/freshclam.conf

...
Checks 1
...
  • Restart service:
sudo service clamav-freshclam restart

Install and configure the script

  • Insert the script "clam_scan.sh" in the /root directory.

  • Edit the configuration variables (sudo vi /root/clam_scan.sh):

    • LOG_FILE: Name for the log files.
    • HOST_NAME: Name of the host.
    • CPU_LIMIT: Maximum percentage of CPU to be consumed by malware scanning.
    • MSG_SUBJECT: Subject of notifications when malware is detected.
    • MSG_INFO: Notification information when malware is detected. Some HTML tags (those allowed by Telegram) can be used.
    • EMAIL: If an email notification should be sent when detecting malware (true) or not (false).
    • EMAIL_FROM: Sender email address.
    • EMAIL_TO: Recipient email address.
    • TELEGRAM: If a malware notification should be sent to Telegram (true) or not (false).
    • TELEGRAM_TOKEN: Token of the Telegram bot to be able to notifications.
    • TELEGRAM_CHATID: Id of the Telegram chat to send the notifications to.
    • DIR_TO_SCAN: Directory/s to scan. Several can be indicated separated by a blank space.

  • Give script permissions:

chmod 0755 /root/clam_scan.sh
  • Create a cron to run the script at the time you want:
crontab -e

00 03 * * * /root/clam_scan.sh
  • To verify that the script works correctly, run:
/root/clam_scan.sh

Contribution

Feel free to contribute!

About

Daily virus and malware scan with ClamAV. This script will send notifications by Telegram and / or email when malware is detected.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages