Mac-MSP Gruntwork Clam-AV Log Plugin

Last updated:

Gruntwork uses the Clamscan to look for infected files. Infected file(s) are logged and available in the Gruntwork web admin. The Watchman Monitoring plugin will alert you to the infected files found or issues with the Clam-AV Log Plugin.

Clam AV Logs Plugin

Clam is not installed. Please run Munki.

Clam is not installed. Please run Munki.

When Mac-MSP Gruntwork Clam AV logs plugin reports that Clam is not installed, this is ususally seen on an initial installation. Run the Maintenance Manual Start.app in the Utilties folder to run the Mac-MSP Gruntwork maintenance routines, including Munki.

Clamscan found infected files.

Gruntwork Mac-MSP Maintenance clam AV logs infected files found

Mac-MSP Gruntwork ran clamscan which found infection. The Gruntwork web admin contains a Quarantine button for each computer. On next checkin with Gruntwork admin, the server instructs Gruntwork to move the files to the quarantine folder at /Library/Mac-MSP/Gruntwork/Quarantine. The Quarantine checkbox is unchecked upon success in the web admin.

Gruntwork also has an “auto quarantine” feature in the global settings. When enabled, Gruntwork will automatically perform the steps above.

Disabling Clamscan

The Clamscan can be disabled in the Gruntwork web admin on either the computer, client group, or global levels. Additionally, Munki can keep from installing clam and definition updates by removing the gruntwork-clam manifest from the included_manifests section of any manifests you maintain (including the default “testing” and “production” manifests).

How Clamscan works

Full disk scan is only done when the machine is idle, then when the faster scan for Office documents completes, and the Mac stays idle long enough for it to complete.


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.