benzino77
commented
2 years ago I don't think this information is available via clamd API. As far as I know the clamd database update is made by external tool called freshclam - link.
Closed zodman closed 2 years ago
benzino77
commented
2 years ago I don't think this information is available via clamd API. As far as I know the clamd database update is made by external tool called freshclam - link.
zodman
commented
2 years ago The version comes with the signature and the last updated signature, then you could parse the date and check if is updated. this works for checking if the ClamAV is running and updated ...
benzino77
commented
2 years ago This means that I should check external service (probably call some api on clamav update site) for the latest signature and the latest date of the update - asking local clamav is not enough to decide whether it is up-to-date or not. In other words that information needs to be checked with "authoritative" source - the local instance of clamav (the one CRA is using) is not that source.
benzino77
commented
2 years ago There is new version of CRA pushed to dockerhub. It contains new API endpoit /api/v1/dbsignatures. Description is included in the README file
$ curl -s http://localhost:8080/api/v1/dbsignatures | jq
{
"success": true,
"data": {
"local_clamav_db_signature": "26604",
"remote_clamav_db_signature": "26604"
}
}You can use it to check if your local virus database is up-to-date or not (if the local signature number is lower then remote then it is not up-to-date). If you are using official clamav docker image, freshclam is configured (by default) to update virus database once a day (the checks parameter is set to '1'). You can change that frequency by setting FRESHCLAM_CHECKS env for clamav container/pod.
zodman
commented
2 years ago yahooo!
like