[prev in list] [next in list] [prev in thread] [next in thread] 

List:       clamav-users
Subject:    [clamav-users] Query on Clam Logrotate
From:       "Anglin, Charlie via clamav-users" <clamav-users () lists ! clamav ! net>
Date:       2024-01-02 9:33:56
Message-ID: PA4PR02MB69896825CC097A76D8B4A26C8961A () PA4PR02MB6989 ! eurprd02 ! prod ! outlook ! com
[Download RAW message or body]

Hello,

I'm wondering if someone can tell me more about what Clam's logrotate funct=
ionality offers, in particular if it can compress and/or deletes log files?=
 If Clam does compress / delete log files, how is it deciding when to do so=
 (e.g. does it delete log files of a certain age)?

In our current Clam config we don't specify values for either the LogFileMa=
xSize nor the LogRotate settings. From reading the config comments I unders=
tand that LogFileMaxSize will default to 1M and therefore LogRotate will be=
 enabled. When running our container we can see log files being created and=
 rotated once they reach the size of 1M. However, we're seeing that our con=
tainer is slowly getting filled up with these log files as they don't seem =
to be being deleted.

Does Clam's logrotate provide any compressing or deletion of log files? If =
so, what settings does it use? If this isn't functionality that's included =
in Clam's logroate, what's the recommended pattern to follow? I assume that=
 would be to create config for a custom logrotate job which is then coped o=
ver when defining the Clam docker image?

For reference, we're making use of the Clam image clamav:1.0.1 from here<ht=
tps://hub.docker.com/r/clamav/clamav>.

Thank you.
________________________________

Capgemini is a trading name used by the Capgemini Group of companies which =
includes Capgemini UK plc, a company registered in England and Wales (numbe=
r 943935) whose registered office is at No. 1, Forge End, Woking, Surrey, G=
U21 6DB.
This message contains information that may be privileged or confidential an=
d is the property of the Capgemini Group. It is intended only for the perso=
n to whom it is addressed. If you are not the intended recipient, you are n=
ot authorized to read, print, retain, copy, disseminate, distribute, or use=
 this message or any part thereof. If you receive this message in error, pl=
ease notify the sender immediately and delete all copies of this message.

[Attachment #3 (text/html)]

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} \
</style> </head>
<body dir="ltr">
<div><span class="x_elementToProof" style="font-size: 12pt; font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; margin: 0px; \
color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);">Hello,</span></div> <div \
class="x_elementToProof" style="font-size: 12pt; font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; margin: 0px; \
color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);"> <br>
</div>
<div class="x_elementToProof elementToProof" style="font-size: 12pt; font-family: \
Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; \
margin: 0px; color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);"> I'm \
wondering if someone can tell me more about what Clam's logrotate functionality \
offers, in particular if it can compress and/or deletes log files? If Clam does \
compress / delete log files,&nbsp;how is it deciding when to do so (e.g. does it \
delete log files  of a certain age)?</div>
<div class="x_elementToProof" style="font-size: 12pt; font-family: Aptos, \
Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; margin: 0px; \
color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);"> <br>
</div>
<div class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, \
36); background-color: rgb(255, 255, 255);"> <span style="font-size: 12pt; \
font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, \
sans-serif; margin: 0px; color: rgb(0, 0, 0);">In our current Clam config we don't \
specify values for either the<span>&nbsp;</span><i>LogFileMaxSize</i>&nbsp;nor  \
the<span>&nbsp;</span><i>LogRotate</i>&nbsp;settings. From reading the config \
comments I understand that<span>&nbsp;</span><i>LogFileMaxSize</i>&nbsp;will default \
to<span>&nbsp;</span><i>1M</i>&nbsp;and therefore<span>&nbsp;</span></span><span \
style="font-size: 16px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, \
Calibri, Helvetica, sans-serif; margin: 0px; color: rgb(0, 0, 0); background-color: \
rgb(255, 255, 255);"><i>LogRotate</i></span><span style="font-size: 12pt; \
font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, \
sans-serif; margin: 0px; color: rgb(0, 0, 0);">&nbsp;will  be enabled. When running \
our container we can see log files being created and rotated once they reach the size \
of 1M. However, we're seeing that our container is slowly getting filled up with \
these log files as they don't seem to be being deleted.</span></div> <div \
class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, 36); \
background-color: rgb(255, 255, 255);"> <span style="font-size: 12pt; font-family: \
Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; \
margin: 0px; color: rgb(0, 0, 0);"><br> </span></div>
<div class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, \
36); background-color: rgb(255, 255, 255);"> <span style="font-size: 12pt; \
font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, \
sans-serif; margin: 0px; color: rgb(0, 0, 0);">Does Clam's logrotate provide any \
compressing or deletion of log files? If so, what settings does it  use? If this \
isn't functionality that's included in Clam's logroate, what's the recommended \
pattern to follow? I assume that would be to create config for a custom logrotate job \
which is then coped over when defining the Clam docker image?</span></div> <div \
class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, 36); \
background-color: rgb(255, 255, 255);"> <span style="font-size: 12pt; font-family: \
Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; \
margin: 0px; color: rgb(0, 0, 0);"><br> </span></div>
<div class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, \
36); background-color: rgb(255, 255, 255);"> <span style="font-size: 16px; \
font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, \
sans-serif; margin: 0px; color: rgb(0, 0, 0); background-color: rgb(255, 255, \
255);">For reference, we're making use of the Clam image clamav:1.0.1  from&nbsp;<a \
href="https://hub.docker.com/r/clamav/clamav" target="_blank" rel="noopener \
noreferrer" data-auth="NotApplicable" id="OWA4313c0c5-3efe-a573-6b70-af8904cb9ae7" \
class="x_OWAAutoLink" title="https://hub.docker.com/r/clamav/clamav" \
data-loopstyle="linkonly" data-linkindex="0" style="margin: 0px; text-align: left; \
background-color: rgb(255, 255, 255);">here</a>.</span></div> <div \
class="x_elementToProof" style="font-size: 15px; margin: 0px; color: rgb(36, 36, 36); \
background-color: rgb(255, 255, 255);"> <span style="font-size: 16px; font-family: \
Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; \
margin: 0px; color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);"><br> \
</span></div> <span class="x_elementToProof" style="font-size: 15px; margin: 0px; \
color: rgb(36, 36, 36); background-color: rgb(255, 255, 255);"><span \
style="font-size: 16px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, \
Calibri, Helvetica, sans-serif; margin: 0px; color: rgb(0, 0, 0); background-color: \
rgb(255, 255, 255);">Thank  you.</span></span> <br>
<hr>
<font face="Arial" color="Gray" size="1"><br>
Capgemini is a trading name used by the Capgemini Group of companies which includes \
Capgemini UK plc, a company registered in England and Wales (number 943935) whose \
registered office is at No. 1, Forge End, Woking, Surrey, GU21 6DB.<br> </font>
<p></p>

<p></p>

<p></p>

<p style="font-size: 9px; ">This message contains information that may be privileged \
or confidential and is the property of the Capgemini Group. It is intended only for \
the person to whom it is addressed. If you are not the intended recipient, you are \
not authorized to read, print, retain, copy, disseminate, distribute, or use this \
message or any part thereof. If you receive this message in error, please notify the \
sender immediately and delete all copies of this message.</p></body> </html>



_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

--===============3551455161473469508==--


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic