Integrate 3rd party Virus scanner with files_antivirus

I don’t trust ClamAV. And recently the management decided Kaspersky isn’t an option anymore neither. So I would like to integrate another virus scanner (Avast) with files_antivirus. I have a script that takes file/files/path as parameter and returns 0 or 1 (in case of virus) and a clear text message. I used the option “executable clamav” or similar (using german UI). I replaced the call to clamscan with a call to my script.

It seems to work: Uploading the Eicar virus I get the message "Der Virus wurde in der Datei gefunden. Das Hochladen kann nicht abgeschlossen werden. " (Virus was found, upload cannot continue). But there’s no information on the specific virus found.

My question: In which way must the information about the virus found be handed back to Nextcloud so that it can be displayed?

1 Like

Well, no comment…

No matter, found out by myself:

  • The command must accept binary streams from stdin
  • The command must produce an output “stream: (virus signature short text) FOUND”

With this technique you can integrate any virus scanner that can be called via a command or script. Maybe this info should go to the documentation on files_antivirus that is quite thin in this aspect. It focuses (without need) exclusively on ClamAV and Kaspersky, both virus scanners have their issues (for very different reasons).

2 Likes