Menu

#125 Cannot handle ClamAV 1.0+ logs

v7.13
closed
nobody
None
5
2025-12-01
2025-08-11
Lukas M
No

ClamAV changed its output format slightly with the release of v1.0.x.

Problem is that the fresh clam process is logging now:

ClamAV update process started at Mon Jul 15 06:28:54 2024

instead of

Mon Jul 15 06:28:54 2024 -> ClamAV update process started at Mon Jul 15 06:28:54 2024

This leads to logrotate not being able to parse freshclam.log anymore.

This issue can be observed in Ubuntu 22.04 LTS and 24.04 LTS (besides others), especially with ClamAV version 1.4.3 (but seems to have started with v1.0)

Please see previous discussion in https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/2067608

Discussion

  • Lukas M

    Lukas M - 2025-08-11
     

  • Mike Tremaine

    Mike Tremaine - 2025-08-11

    We'll have to look at this closer but I see this line in scripts/services/clam-update

    } elsif (($Date) = ($ThisLine =~ /^ClamAV update process started at \w{3} (\w{3} [\d ]\d ..:..:.. \d{4})$/)) {

    Which matches the output you have above.

     

  • Bjorn

    Bjorn - 2025-11-03

    Don't know what the status of this bug is. It is similar to bug #123, which appears to be fixed. Is this the same issue? Or is it specific to some releases of Ubuntu?

     

  • Bjorn

    Bjorn - 2025-12-01
    • status: open --> closed
     

Log in to post a comment.

MongoDB Logo MongoDB