Skip to main content

Antivirus ClamAV

Pack assets

Monitored objects

  • Engine version
  • main.cvd version
  • daily.cvd version

Prerequisites

SSH configuration

A user is required to query the ClamAV server by SSH. There is no need for root or sudo privileges. There are two possible ways to perform SSH check, either by exchanging the SSH key from centreon-engine user to the target server, or by setting your unique user and password directly in the Host Macros.

Setup

  1. Install the Centreon package on every Centreon poller expected to monitor ClamAV ressources:
yum install centreon-plugin-Applications-Clamav-Ssh
  1. On the Centreon Web interface, install the Antivirus ClamAV Centreon Monitoring Connector on the Configuration > Monitoring Connector Manager page

Configuration

Host

  • Log into Centreon and add a new Host through Configuration > Hosts.
  • Fill the "Name", "Alias" & "IP Address / DNS" fields according to your Antivirus ClamAV Server settings
  • Select the Applications-Antivirus-Clamav-Ssh-custom template to apply to the Host
  • Once the template applied, some Macros marked as 'Mandatory' hereafter have to be configured.
MandatoryNameDescription
EXTRAOPTIONSAny extra option you may want to add to every command_line (eg. a --verbose flag)

How to check in the CLI that the configuration is OK and what are the main options for ?

Once the plugin installed, log into your Centreon Poller CLI using the centreon-engine user account and test the Plugin by running the following command:

 /usr/lib/centreon/plugins//centreon_clamav_ssh.pl \
--plugin=apps::antivirus::clamav::local::plugin \
--mode=update-status \
--hostname=10.0.0.1 \
--remote \
--critical-maindb-status='%{last_maindb_version} ne %{current_maindb_version}' \
--use-new-perfdata

Expected command output is shown below:

OK : clamav engine version '0.103.2/0.103.2' main.cvd version '60/60', last update 1d 3h 46m 40s daily.cvd version '25839/25839', last update 1d 3h 46m 40s | 

This command would trigger a CRITICAL alarm if the last maindb version is not equal to the current maindb version (-critical-maindb-status='%{last_maindb_version} ne %{current_maindb_version}').

All available options for a given mode can be displayed by adding the --help parameter to thecommand:

/usr/lib/centreon/plugins//centreon_clamav_ssh.pl  \
--plugin=apps::antivirus::clamav::local::plugin \
--mode=update-status \
--help

All available options for a given mode can be displayed by adding the --list-mode parameter to thecommand:

 /usr/lib/centreon/plugins//centreon_clamav_ssh.pl  \
--plugin=apps::antivirus::clamav::local::plugin \
--list-mode

Troubleshooting

UNKNOWN: Command error: Host key verification failed.

is error may come out whenever the ssh or the plink backends are used in the command. In this case, it is necessary to manually initiate a first SSH connection to the target server in order to validate the SSH fingerprint.