Jump to content

Scripting, Automation, Central Reporting Options?


jt_sb

Recommended Posts

I'd be interested in learning how to script the installation of ClamAV for Windows, specifically addressing:

 

-Scripting with a MSWindows .bat batch file

 

-NOT installing the Toolbar

 

-Accepting the license

 

-Installing onto the computer

 

-Setting up a scheduled Full Scan

 

-Setting up daily Flash Scans

 

-Setting the config to NOT remove any files, just warn about them

 

-Location of the scan report (to set up the computer (via scheduled task and another .bat file) to copy the weekly scan reports to a centralized server)

 

Can anyone assist with these questions?

Link to comment
Share on other sites

  • 3 weeks later...

I'd be interested in learning how to script the installation of ClamAV for Windows, specifically addressing:

 

-Scripting with a MSWindows .bat batch file

 

-NOT installing the Toolbar

 

-Accepting the license

 

-Installing onto the computer

 

-Setting up a scheduled Full Scan

 

-Setting up daily Flash Scans

 

-Setting the config to NOT remove any files, just warn about them

 

-Location of the scan report (to set up the computer (via scheduled task and another .bat file) to copy the weekly scan reports to a centralized server)

 

Can anyone assist with these questions?

 

Same here, jt! We're experimenting with ClamAV for Windows in our office and some form of centralized management/monitoring would be fantastic. Some additional features like limiting the ability to close the application would be great too!

 

Trent

Link to comment
Share on other sites

I'd be interested in learning how to script the installation of ClamAV for Windows, specifically addressing:

 

-Scripting with a MSWindows .bat batch file

 

-NOT installing the Toolbar

 

-Accepting the license

 

-Installing onto the computer

 

-Setting up a scheduled Full Scan

 

-Setting up daily Flash Scans

 

-Setting the config to NOT remove any files, just warn about them

 

-Location of the scan report (to set up the computer (via scheduled task and another .bat file) to copy the weekly scan reports to a centralized server)

 

Can anyone assist with these questions?

 

I am also interested in using ClamAV for Windows in a large network environment. Specifically, my environment is a school network which has somewhat restrictive firewalls and content filters.

 

Also, I would recommend looking into the FOG site (fogproject.org) to see how they automate installations. They have some installation tools recommended that are much better than .bat setups even if you aren't using FOG itself.

 

The toolbar has supposedly been removed from recent versions.

 

What I want to know is:

a ) how do I purchase a large number of licenses for the plus version

b ) how do I automate activation

c ) how do I mitigate redundant usage of network resources (e.g., download definitions ONCE and distribute from a local cache) - I think SigUI will handle this for ClamAV, not sure about other components.

d ) what ports and/or server addresses does the software need to connect to in order to function properly

 

~Bradley

Link to comment
Share on other sites

Gents,

 

Let me start this by saying, we are building a centralized management console which will handle deployment, reporting, provisioning and many other things. We are expected to hit beta late this summer or in the early fall. If you want to tell me what you would need specifically please let me know at ahuger@sourcefire.com I would very much like to hear from you.

 

To answer your questions in the here and now..

 

 

>-Scripting with a MSWindows .bat batch file

 

That I cannot help you with, I would suggest though looking for a deployment tool(s).

 

>-NOT installing the Toolbar

 

The next build (3.0) is NOT going to have a toolbar so you should be fine there.

 

>-Accepting the license

 

Using the /S install flag from the binary will get you around this. It should also install current versions sans the toolbar (I think..).

 

>-Installing onto the computer

 

Binary name /S will silently run and install it on the system.

 

>-Setting up a scheduled Full Scan

 

You cannot right now. agent.exe -d DIRNANE can be scheduled though ie. agent.exe -d c:\

 

-Setting up daily Flash Scans

 

Not possible from the cmd line right now.

 

>-Setting the config to NOT remove any files, just warn about them

 

Not possible from the cmd line right now.

 

>-Location of the scan report (to set up the computer (via scheduled task and another .bat file) to copy the weekly scan >reports to a centralized server)

 

The report is in a local database, you can query it directly with SQL Lite if you like. It's history.db .

 

al

Link to comment
Share on other sites

  • 3 years later...

Hey, years later I'm responding; I had resolved most of the issues I asked about, when using ClamWin 0.96, but I've not looked into this for Immunet. This or something similar would probably still work for ClamWin. We're looking to move to Immunet or another light-weight solution, but we really want a centrally-managed option which would also be cross-platform (Win/Linux/OSX). I don't think Immunet has that, or not yet.

 

Anyways, here's my Microsoft DOS batch script that resolves Post #1 in this thread:t basically makes the Windows directories, copies the schedule and other configs into place from a network location, installs a script that mounts another network share at bootup (this network share holds company-wide definition files and ClamWin output logs for everyone's scans)

 


rem Batch file for MSWindows to install ClamWin
rem (C) 2010, 2011, 2014 JThomas@Nerdery.com

rem Make Clam config dirs on Windows 
mkdir "%USERPROFILE%\Application Data\.clamwin\"

rem Copy config and schedule files into place
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\ClamWin.conf "%USERPROFILE%\Application Data\.clamwin\"
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\ScheduledScans "%USERPROFILE%\Application Data\.clamwin\"

rem Install script to mount network share at login
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\clam_mount.bat "%USERPROFILE%\start menu\programs\Startup"

rem Install ClamWin 0.96.5 with NO ToolBar,  Silent Install, and no reboot requested
\\networkshare\bravoclam_0.96.5-Thursday-noon\clamwin-0.96.5-setup-nodb.exe sp- /silent /norestart /NOTB

rem Copy the configs into place again to be sure they weren't overwritten
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\ClamWin.conf "%USERPROFILE%\Application Data\.clamwin\"
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\ScheduledScans "%USERPROFILE%\Application Data\.clamwin\"
copy \\networkshare\bravoclam_0.96.5-Thursday-noon\clam_mount.bat "%USERPROFILE%\start menu\programs\Startup"

rem Remove any current "M Drive" that may be set up
net use m: /delete

rem Set up the new M Drive for Clam definition files and location for resulting log files
net use m: \\networkshare\clamav /USER:bravoclam skan123

rem Update a file to say this installation completed
echo %USERNAME% >> m:/installed-0.96.txt

rem pause

Link to comment
Share on other sites

  • 1 month later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...