Solved How can I write two separate outputs from one command?
-
@stacksofplates Here is how it looks when I add the date. I cannot seem to get a space in between, however.
clamscan -i -r --exclude=/sys | sed "s/^/$(date)/ " >> /var/log/clamav/scan_log
Mon Dec 9 20:10:59 UTC 2019/tmp/clamav_test/emerging-deleted.rules: Html.Trojan.Blackhole-65 FOUND
Mon Dec 9 20:10:59 UTC 2019/tmp/clamav_test/emerging-web_client.rules: Html.Exploit.CVE_2018_8373-6654754-1 FOUND
Mon Dec 9 20:10:59 UTC 2019
Mon Dec 9 20:10:59 UTC 2019----------- SCAN SUMMARY -----------
Mon Dec 9 20:10:59 UTC 2019Known viruses: 6594198
Mon Dec 9 20:10:59 UTC 2019Engine version: 0.101.4
Mon Dec 9 20:10:59 UTC 2019Scanned directories: 1
Mon Dec 9 20:10:59 UTC 2019Scanned files: 45
Mon Dec 9 20:10:59 UTC 2019Infected files: 2
Mon Dec 9 20:10:59 UTC 2019Data scanned: 38.73 MB
Mon Dec 9 20:10:59 UTC 2019Data read: 15.07 MB (ratio 2.57:1)
Mon Dec 9 20:10:59 UTC 2019Time: 49.446 sec (0 m 49 s)
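An added example, not part of the original post: in the command above `$(date)` is expanded once by the shell before the scan starts, so every line carries the same timestamp, and the space sits outside the `s///` replacement. The function below stamps each line as it arrives, with a separating space, and writes all lines to one log and only the `FOUND` lines to a second; the function names and the second log path are assumptions, and the sample input is constructed from the output quoted in this post.

```sh
#!/bin/sh
# Added example, not from the thread. Function names and the second log
# path are assumptions.

# Read scanner output on stdin, prefix each line with a UTC timestamp and a
# space, append every line to $1 and only detection lines ("... FOUND") to $2.
stamp_and_split() {
    full_log=$1
    hits_log=$2
    while IFS= read -r line || [ -n "$line" ]; do
        ts=$(date -u '+%Y-%m-%dT%H:%M:%SZ')   # evaluated per line, not once
        printf '%s %s\n' "$ts" "$line" >> "$full_log"
        case $line in
            *' FOUND') printf '%s %s\n' "$ts" "$line" >> "$hits_log" ;;
        esac
    done
}

# Constructed sample, taken from the clamscan -i output quoted in this post.
sample_scan_output() {
    cat <<'EOF'
/tmp/clamav_test/emerging-deleted.rules: Html.Trojan.Blackhole-65 FOUND
/tmp/clamav_test/emerging-web_client.rules: Html.Exploit.CVE_2018_8373-6654754-1 FOUND

----------- SCAN SUMMARY -----------
Scanned files: 45
Infected files: 2
EOF
}

# Real use (infected_log is a hypothetical path):
#   clamscan -i -r --exclude=/sys | \
#       stamp_and_split /var/log/clamav/scan_log /var/log/clamav/infected_log
```
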
-
Here's the output from systemd if you create a service:
Dec 09 15:16:47 localhost.localdomain systemd[1]: Started ClamAV Scanner.
Dec 09 15:16:47 localhost.localdomain scan.sh[23673]: LibClamAV Warning: **************************************************
Dec 09 15:16:47 localhost.localdomain scan.sh[23673]: LibClamAV Warning: *** The virus database is older than 7 days! ***
Dec 09 15:16:47 localhost.localdomain scan.sh[23673]: LibClamAV Warning: *** Please update it as soon as possible. ***
Dec 09 15:16:47 localhost.localdomain scan.sh[23673]: LibClamAV Warning: **************************************************
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: ----------- SCAN SUMMARY -----------
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Known viruses: 6561649
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Engine version: 0.101.5
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Scanned directories: 11
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Scanned files: 41
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Infected files: 0
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Data scanned: 32.97 MB
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Data read: 200.09 MB (ratio 0.16:1)
Dec 09 15:17:17 localhost.localdomain scan.sh[23673]: Time: 30.328 sec (0 m 30 s)
Dec 09 15:17:17 localhost.localdomain systemd[1]: scan.service: Succeeded.
-
@stacksofplates said in How can I write two separate outputs from one command?:
Here's the output from systemd if you create a service:
Can you show me your systemd service file?
-
If it were me, I'd just set up a service and timer. Then it's super easy to automate and audit. You just make sure the service and timer are enabled and you can check whenever you need that they are. Logs are really easy to grab then too. For this I just ran
journalctl -u scan
-
@IRJ said in How can I write two separate outputs from one command?:
@stacksofplates said in How can I write two separate outputs from one command?:
Here's the output from systemd if you create a service:
Can you show me your systemd service file?
[Unit]
Description=ClamAV Scanner

[Service]
Type=simple
ExecStart=/usr/local/bin/scan.sh

[Install]
WantedBy=default.target

#!/bin/bash
clamscan -i -r /home/jhooks/Downloads
-
A timer would just be this:
[Unit]
Description=Run Clam Scan

[Timer]
OnCalendar=*-*-* 00:00:00
Unit=scan.service

[Install]
WantedBy=default.target
-
@stacksofplates said in How can I write two separate outputs from one command?:
A timer would just be this:
[Unit]
Description=Run Clam Scan

[Timer]
OnCalendar=*-*-* 00:00:00
Unit=scan.service

[Install]
WantedBy=default.target

Do you run
systemctl enable clamav.timer
and
systemctl start clamav.timer
instead of doing it with service?
-
Service is failing, but timer is not?
-
@IRJ said in How can I write two separate outputs from one command?:
@stacksofplates said in How can I write two separate outputs from one command?:
A timer would just be this:
[Unit]
Description=Run Clam Scan

[Timer]
OnCalendar=*-*-* 00:00:00
Unit=scan.service

[Install]
WantedBy=default.target

Do you run
systemctl enable clamav.timer
and
systemctl start clamav.timer
instead of doing it with service?
Sorry, was in the car. Yeah, you can do
systemctl enable --now clamav.timer
and it will do both.
-
@IRJ said in How can I write two separate outputs from one command?:
Service is failing, but timer is not?
What's the output of
journalctl -u clamav
?
-
@stacksofplates said in How can I write two separate outputs from one command?:
@IRJ said in How can I write two separate outputs from one command?:
Service is failing, but timer is not?
What's the output of
journalctl -u clamav
?
-
What permission is needed on that script @stacksofplates ?
-
What's your script look like?
-
Oooh, are you running from /tmp? Did you mount /tmp with noexec like the STIGs want?
-
I ended up moving out of /tmp and the permission issue was fixed. It still failed because I wasn't specifying /bin/bash before script file. Once I changed that it worked.
-
@IRJ said in How can I write two separate outputs from one command?:
I ended up moving out of /tmp and the permission issue was fixed. It still failed because I wasn't specifying /bin/bash before script file. Once I changed that it worked.
Ah ok. Did you have #!/bin/bash in the script? I've never had it complain about that before?
-
@stacksofplates said in How can I write two separate outputs from one command?:
@IRJ said in How can I write two separate outputs from one command?:
I ended up moving out of /tmp and the permission issue was fixed. It still failed because I wasn't specifying /bin/bash before script file. Once I changed that it worked.
Ah ok. Did you have #!/bin/bash in the script? I've never had it complain about that before?
Nope lol.
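An added example, not part of the thread: a pre-flight check for the two causes identified above, a script sitting on a `noexec` mount and a script with no `#!` line (systemd executes the `ExecStart=` path directly, not through a shell). The function names are assumptions, and the mount table is passed in as text in `/proc/mounts` format so the logic can be run against constructed input; on a live host pass `"$(cat /proc/mounts)"` and an absolute, symlink-free path.

```sh
#!/bin/sh
# Added example, not from the thread. mount_opts_for and preflight are
# hypothetical helper names.

# Print the mount options of the longest mount point that contains path $1,
# given a mount table ($2) in /proc/mounts format. Later entries win ties,
# matching how a later mount shadows an earlier one.
mount_opts_for() {
    path=$1
    table=$2
    printf '%s\n' "$table" | awk -v p="$path" '
        { mp = $2
          if (mp == "/" || p == mp || index(p, mp "/") == 1)
              if (length(mp) >= best) { best = length(mp); opts = $4 } }
        END { print opts }'
}

# Print one finding per line; no output means nothing was flagged.
preflight() {
    script=$1
    table=$2
    # No execute bit: the kernel refuses to start the file.
    [ -x "$script" ] || echo "not-executable"
    # No interpreter line: only works when the unit names the shell
    # itself, e.g. ExecStart=/bin/bash /path/to/script.
    [ "$(head -c 2 "$script")" = '#!' ] || echo "no-shebang"
    # noexec on the containing filesystem blocks direct execution.
    case ",$(mount_opts_for "$script" "$table")," in
        *,noexec,*) echo "noexec-mount" ;;
    esac
}

# Live use:
#   preflight /usr/local/bin/scan.sh "$(cat /proc/mounts)"
```
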