On Tue, Apr 08, 2008 at 08:11:23PM +1000, Ted Cooper wrote:
>
> Someone asked about this kind of thing last year and I suggested they
> use the clamd PING to see if it's there. They took that idea and created
> an awesome little system and posted the entire thing to the mailing
> list. You could use something very similar to test to see if clamd is
> working and if it's not, skip or defer the malware tests.
>
> The existence of the socket file does not mean that clamd is running,
> just that it wasn't deleted if clamd crashed.
>
> It's available in the archive here:
>
>
>http://lists.exim.org/lurker/message/20070918.172526.ff9818ec.en.html
Thanks for the link.
We use something simple that also seems to work: Two nagios plugins:
=================
#!/bin/bash
function usage {
echo "Gebruik: toets_clamd"
exit -1
}
aantal_clam_sokke=`sudo netstat -plnx | grep \/clamd -c`
if [ $aantal_clam_sokke -eq 1 ]
then
echo OK - Clamd luister
exit 0
fi
if [ $aantal_clam_sokke -eq 0 ]
then
echo Krities - Clamd-sok bestaan nie
exit 2
fi
exit 3
=================
It uses netstat to determine whether clamd is listening and if not
nagios will restart the daemon.
I see the latest nagios has a built-in plugin "check_clamav" .
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"Be careful for nothing; but in every thing by prayer
and supplication with thanksgiving let your requests
be made known unto God. And the peace of God, which
passeth all understanding, shall keep your hearts
hearts and minds through Christ Jesus."
Philippians 4:6,7
