{"id":3248,"date":"2025-08-01T20:04:02","date_gmt":"2025-08-01T12:04:02","guid":{"rendered":"https:\/\/jir.idv.tw\/wordpress\/?p=3248"},"modified":"2025-08-01T20:04:02","modified_gmt":"2025-08-01T12:04:02","slug":"ubuntu%e7%b3%bb%e7%b5%b1%e7%89%88%e6%9c%ac%e5%8d%87%e7%b4%9a%e5%be%8c%ef%bc%8c%e6%af%8f%e6%97%a5%e5%a0%b1%e5%91%8a%e7%9a%84logwatch%e7%84%a1%e6%b3%95%e6%ad%a3%e5%b8%b8%e8%a7%a3%e6%9e%90clamav%e7%9a%84","status":"publish","type":"post","link":"https:\/\/jir.idv.tw\/wordpress\/?p=3248","title":{"rendered":"UBUNTU\u7cfb\u7d71\u7248\u672c\u5347\u7d1a\u5f8c\uff0c\u6bcf\u65e5\u5831\u544a\u7684logwatch\u7121\u6cd5\u6b63\u5e38\u89e3\u6790clamav\u7684LOG\u3002"},"content":{"rendered":"

\u6211\u76ee\u524d\u81ea\u5df1\u627e\u5230\u7684\u76f8\u95dc\u8edf\u9ad4\u7248\u672c\uff1a
\n# lsb_release -rd
\nUbuntu 24.04.2 LTS<\/p>\n

# apt-cache policy clamav-freshclam
\n *** 1.4.3+dfsg-0ubuntu0.24.04.1 500
\n 1.0.5+dfsg-1.1ubuntu3 500
\n 500 https:\/\/free.nchc.org.tw\/ubuntu noble\/main amd64 Packages<\/p>\n

# apt-cache policy logwatch
\n *** 7.7-1ubuntu1 500<\/p>\n

\u7136\u5f8c\u8a2d\u5b9a\u6a94\u660e\u660e\u6b63\u78ba\u7684\u6307\u5b9a\u5b83\u9019\u500b\u4f4d\u7f6e\u7684LOG\uff0c\u6a94\u6848\u5be6\u969b\u4e5f\u662f\u6709\u6b63\u5e38\u7684\u7522\u51fa\u3002
\n$ tail \/var\/log\/clamav\/freshclam.log
\nFri Aug 1 09:03:31 2025 -> ————————————–
\nFri Aug 1 09:03:31 2025 -> daily.cld database is up-to-date (version: 27718, sigs: 2076325, f-level: 90, builder: raynman)
\nFri Aug 1 09:03:31 2025 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
\nFri Aug 1 09:03:31 2025 -> bytecode.cld database is up-to-date (version: 336, sigs: 83, f-level: 90, builder: nrandolp)<\/p>\n

\u4f46\u662f\u9019\u7248\u7684LOGWATCH\u5c31\u662f\u4e00\u76f4\u7121\u6cd5\u6293\u5230\u6b63\u78ba\u7684\u8cc7\u6599\u51fa\u4f86\u3002
\n$ logwatch –detail high –range yesterday –service clam-update
\n$ logwatch –detail high –range today –service clam-update
\n$ logwatch –detail high –service clam-update<\/p>\n

\u8ddfAI\u4ea4\u6d41\u7814\u7a76\u548c\u8a66\u8aa4\u7684\u7d50\u679c\uff0c\u61c9\u8a72\u662f\u76ee\u524dUBUNTU\u9078\u64c7\u4f7f\u7528\u7684LOGWATCH\u5957\u4ef6\u7248\u672c\u95dc\u4fc2\uff0c\u89e3\u6790\u76ee\u524dCLAMAV\u7248\u672c\u7684LOG\u7121\u6cd5\u5224\u65b7\u683c\u5f0f\uff0c\u9020\u6210\u7121\u6cd5\u6b63\u5e38\u7522\u751f\u6bcf\u65e5\u5831\u8868\u3002
\n\u7531\u65bcperl\u8a9e\u6cd5\u6211\u5df2\u7d93\u592a\u4e45\u592a\u4e45\u6c92\u53bb\u6478\u4e86\uff0c\u4e5f\u6c92\u6709\u592a\u591a\u6642\u9593\u53bb\u7814\u7a76\u600e\u9ebc\u64b0\u5beb\u7a0b\u5f0f\u7684\u3002
\n\u9084\u597d\u5b83\u9019\u500b\u6709\u63d0\u4f9b\u65b9\u5f0f\u53ef\u4ee5\u8dd1\u81ea\u8a02\u7684\u7a0b\u5f0f\u4f86\u7522\u51fa\u6a94\u6848\u3002
\n\u8d81\u6709\u8a18\u61b6\uff0c\u7d00\u9304\u4e00\u4e0b\u3002<\/p>\n

\u65b0\u589e\u5169\u884c\u5230\u81ea\u5b9a\u7fa9\u7684\u6a94\u6848\uff0c\u8a2d\u5b9a\u9810\u8a08\u8981\u6383\u63cf\u90a3\u4e9b\u7d00\u9304\u6a94\u6848\u653e\u54ea\u908a\u3002
\n$ sudo nano \/etc\/logwatch\/conf\/logfiles\/clam-update.conf
\nLogFile = \/var\/log\/clamav\/freshclam.log
\nArchive = \/var\/log\/clamav\/freshclam.log.*<\/code><\/p>\n

\u7136\u5f8c\uff0c\u65b0\u589e\u4e00\u500b\u5ba2\u88fd\u7684.sh\u57f7\u884c\u6a94\uff0c\u76ee\u7684\u5f88\u7c21\u55ae\uff0c\u5c31\u662f\u628aLOG\u6a94\u6848\u6488\u51fa24\u5c0f\u6642\u5167\u7684\u8cc7\u8a0a\uff0c\u5206\u8b66\u544a\u3001\u932f\u8aa4\u3001\u548c\u66f4\u65b0\u4e09\u500b\u9805\u76ee\u3002
\n$ sudo nano \/etc\/logwatch\/scripts\/services\/clam-update
\n#!\/bin\/sh<\/p>\n

# \u9019\u500b\u8173\u672c\u53ea\u6703\u8655\u7406\u5f9e logwatch \u50b3\u5165\u7684\u65e5\u8a8c\u5167\u5bb9
\n# \u4e26\u7be9\u9078\u51fa\u6700\u8fd1 24 \u5c0f\u6642\u5167\u7684\u8a18\u9304<\/p>\n

# \u8a08\u7b97 24 \u5c0f\u6642\u524d Unix \u6642\u9593\u6233
\nTIME_24_HOURS_AGO=$(date -d \"24 hours ago\" +%s)<\/p>\n

echo \"ClamAV Report (Last 24 Hours):\"
\necho \"======================\"<\/p>\n

# \u8b80\u53d6 logwatch \u50b3\u5165\u7684\u6240\u6709\u65e5\u8a8c\u5167\u5bb9
\nLOG_INPUT=$(cat)<\/p>\n

# \u4f7f\u7528 awk \u7be9\u9078\u51fa 24 \u5c0f\u6642\u5167\u7684\u65e5\u8a8c\u884c
\nFILTERED_LOGS=$(echo \"$LOG_INPUT\" | awk -v time_ago=\"$TIME_24_HOURS_AGO\" '{
\n # \u6aa2\u67e5\u65e5\u8a8c\u884c\u7684\u683c\u5f0f\u662f\u5426\u6b63\u78ba
\n if (match($0, \/^[A-Z][a-z]{2} +[A-Z][a-z]{2} +[ 0-9]+ [0-9]{2}:[0-9]{2}:[0-9]{2}\/)) {
\n # \u5c07\u65e5\u8a8c\u6642\u9593\u8f49\u63db\u70ba Unix \u6642\u9593\u6233
\n log_date = substr($0, RSTART, RLENGTH) \" \" strftime(\"%Y\", systime())
\n cmd = \"date -d \\\"\" log_date \"\\\" +%s 2>\/dev\/null\"
\n cmd | getline log_timestamp
\n close(cmd)<\/p>\n

# \u5982\u679c\u65e5\u8a8c\u6642\u9593\u665a\u65bc 24 \u5c0f\u6642\u524d\uff0c\u5247\u5370\u51fa
\n if (log_timestamp > time_ago) {
\n print $0
\n }
\n } else {
\n # \u5982\u679c\u4e0d\u662f\u6a19\u6e96\u65e5\u8a8c\u884c\uff0c\u53ef\u80fd\u662f\u4e00\u884c\u88ab\u622a\u65b7\u7684\u65e5\u8a8c\uff0c\u4e5f\u4e00\u4f75\u5370\u51fa
\n print $0
\n }
\n}')<\/p>\n

echo \"\"
\necho \"--- Warnings ---\"
\necho \"$FILTERED_LOGS\" | grep \"WARNING:\" | sed 's\/^.*freshclam\\[[0-9]*\\]: \/\/g'<\/p>\n

echo \"\"
\necho \"--- Errors ---\"
\necho \"$FILTERED_LOGS\" | grep \"ERROR:\" | sed 's\/^.*freshclam\\[[0-9]*\\]: \/\/g'<\/p>\n

echo \"\"
\necho \"--- Updates ---\"
\necho \"$FILTERED_LOGS\" | grep \"ClamAV update process started\" | sed 's\/^.*freshclam\\[[0-9]*\\]: \/\/g'
\necho \"$FILTERED_LOGS\" | grep \"database is up-to-date\" | sed 's\/^.*freshclam\\[[0-9]*\\]: \/\/g'<\/code><\/p>\n

\u5b58\u6a94\u5f8c\uff0c\u8a18\u5f97\u628a\u5b83\u6539\u6210\u53ef\u4ee5\u57f7\u884c\u7684\u6a94\u6848\u6b0a\u9650\u3002
\n$ sudo chmod +x \/etc\/logwatch\/scripts\/services\/clam-update
\n\u7136\u5f8c\u6307\u4ee4\u5c31\u9019\u6a23\u57f7\u884c\uff0c\u61c9\u8a72\u5c31\u6703\u5f9e\u539f\u4f86\u4e0d\u986f\u793a\u7a7a\u767d\uff0c\u8b8a\u6210\u6709\u6488\u51fa\u9700\u8981\u7684\u8cc7\u6599\u4e86\u3002
\n$ logwatch –detail high –service clam-update
\n################### Logwatch 7.7 (07\/22\/22) ####################
\n Processing Initiated: Fri Aug 1 11:00:24 2025
\n Date Range Processed: yesterday
\n ( 2025-Jul-31 )
\n Period is day.
\n Detail Level of Output: 10
\n Type of Output\/Format: stdout \/ text
\n Logfiles for Host:
\n ##################################################################<\/p>\n

--------------------- clam-update Begin ------------------------<\/p>\n

ClamAV Report (Last 24 Hours):
\n ======================<\/p>\n

--- Warnings ---<\/p>\n

--- Errors ---<\/p>\n

--- Updates ---
\n Thu Jul 31 11:30:13 2025 -> daily.cld database is up-to-date (version: 27717, sigs: 2078182, f-level: 90, builder: nrando>
\n Thu Jul 31 11:30:13 2025 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
\n Thu Jul 31 11:30:13 2025 -> bytecode.cld database is up-to-date (version: 336, sigs: 83, f-level: 90, builder: nrandolp)
\n...
\n Fri Aug 1 09:03:31 2025 -> daily.cld database is up-to-date (version: 27718, sigs: 2076325, f-level: 90, builder: raynma>
\n Fri Aug 1 09:03:31 2025 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
\n Fri Aug 1 09:03:31 2025 -> bytecode.cld database is up-to-date (version: 336, sigs: 83, f-level: 90, builder: nrandolp)<\/p>\n

---------------------- clam-update End -------------------------<\/p>\n

###################### Logwatch End #########################<\/code><\/p>\n

\u4e0d\u904e\u9019\u500b\u65b9\u5f0f\uff0c\u6703\u628a\u539f\u4f86\u7684\u6307\u4ee4\uff0c\u53c3\u6578–range\u6574\u500b\u653e\u68c4\u6389\uff0c\u5f37\u5236\u986f\u793a24\u5c0f\u6642\u5167\u7684\u8cc7\u6599\u3002
\n$ logwatch –detail high –range today <\/strong>–service clam-update
\n\u770b\u6709\u7121\u795e\u4eba\u80fd\u4fee\u6539\u597d\u539f\u4f86\u7684perl\u6a94\u6848\uff0c\u6216\u8005\u662f\u9019\u500b\u8ddfAI\u4ea4\u6d41\u5f8c\u7684.sh\u6a94\u6848\u518d\u9032\u5316\u3002
\n\u7e3d\u4e4b\uff0c\u6211\u56de\u5831BUG\u904e\u53bbUBUNTU\u958b\u767c\u5718\u968a\uff0c\u5f8c\u7e8c\u770b\u767c\u5c55\u3002
\n\u4f46\u662f\u81ea\u5df1\u81f3\u5c11\u8981\u80fd\u770b\u5230\u6bcf\u5929\u7684\u66f4\u65b0\u8a0a\u606f\uff0c\u6bd4\u8f03\u91cd\u8981~XD<\/p>\n

**\u9806\u4fbf\u767c\u5230\u9019\u88e1\u5206\u4eab\u53cd\u61c9\uff1a
\nhttps:\/\/bugs.launchpad.net\/ubuntu\/+source\/clamav\/+bug\/2067608\/comments\/36<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\u6211\u76ee\u524d\u81ea\u5df1\u627e\u5230\u7684\u76f8\u95dc\u8edf\u9ad4\u7248\u672c\uff1a # lsb_release -rd Ubuntu 24.04.2 LTS # apt-cache policy clamav-freshclam *** 1.4.3+dfsg-0ubuntu0.24.04.1 500 1.0.5+dfsg-1.1ubuntu3 500 500 https:\/\/free.nchc.org.tw\/ubuntu noble\/main amd64 Packages # apt-cache policy logwatch *** 7.7-1ubuntu1 500 \u7136\u5f8c\u8a2d\u5b9a\u6a94\u660e\u660e\u6b63\u78ba\u7684\u6307\u5b9a\u5b83\u9019\u500b\u4f4d\u7f6e\u7684LOG\uff0c\u6a94\u6848\u5be6\u969b\u4e5f\u662f\u6709\u6b63\u5e38\u7684\u7522\u51fa\u3002 $ tail \/var\/log\/clamav\/freshclam.log Fri Aug 1 09:03:31 2025 -> ————————————– Fri Aug 1 09:03:31 2025 -> daily.cld database … Read more (\u5b8c\u6574\u6587\u7ae0\u5167\u5bb9)UBUNTU\u7cfb\u7d71\u7248\u672c\u5347\u7d1a\u5f8c\uff0c\u6bcf\u65e5\u5831\u544a\u7684logwatch\u7121\u6cd5\u6b63\u5e38\u89e3\u6790clamav\u7684LOG\u3002<\/span><\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-3248","post","type-post","status-publish","format-standard","hentry","category-4","content-layout-excerpt-thumb"],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3248"}],"version-history":[{"count":1,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3248\/revisions"}],"predecessor-version":[{"id":3249,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3248\/revisions\/3249"}],"wp:attachment":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}