antimalware:antimalware

Configure the anti-malware email alert and signature update settings.

sentinel --task=antimalware:antimalware
Options

--email_alert <1|0>  (default: 1)
    Enable or disable e-mail alerts. This includes application version alerts as well as automated/manual scan reports. On-demand reports can still be sent manually.

--email_addr <string1,string2>
    The destination e-mail addresses for automated/manual scan reports and application version alerts. Separate multiple addresses with commas (,).

--email_ignore_clean <1|0>  (default: 1)
    Ignore e-mail alerts for scan reports in which all malware hits have been cleaned, and application version alerts.

--slack_alert <1|0>  (default: 0)
    Enable or disable Slack alerts. This will upload the scan report as a file into one or more Slack channels.

--slack_subj <string>
    The name of the file that will be uploaded to the Slack channel(s).

--slack_token <string>  (default: AUTH_TOKEN)
    Slack authentication token. Requires scope: files:write:user. More information: https://api.slack.com/methods/files.upload

--slack_channels <string1,string2>  (default: maldetreports)
    Comma-separated list of channel names or IDs where the scan report will be shared.

--autoupdate_signatures <1|0>  (default: 1)
    Automatic updates of anti-malware signature files and cleaner rules. The signature update process preserves any custom signature or cleaner files. It is highly recommended that this be enabled, as new signatures are released multiple times per week.

--autoupdate_version <1|0>  (default: 0)
    Automatic version updates of LMD. The installation update process preserves all configuration options along with custom signature and cleaner files. It is recommended that this be enabled to ensure the latest version, features and bug fixes are always available.

--autoupdate_version_hashed <1|0>  (default: 0)
    Validate the LMD executable MD5 hash against the known good upstream hash value. This allows LMD to replace the executable / force a re-installation in the event the LMD executable is tampered with or corrupted. If you intend to make customizations to the LMD executable, you should disable this feature.

--cron_prune_days <digit>  (default: 21)
    The retention period, in days, for which quarantine, temporary files and stale session information are retained. Data older than this value is deleted with the daily cron execution.

--cron_daily_scan <1|0>  (default: 1)
    Enable or disable the automatic scanning of standard web directories performed via cron.

--import_config_url <string>
    Download the configuration file from a remote URL. The local conf.maldet and internals.conf are parsed first, followed by the imported configuration file. As such, only variables defined in the imported configuration file are overridden, and a full set of configuration options is not explicitly required in the imported file.

--import_config_expire <digit>  (default: 43200)
    The expiry interval for refreshing the local cached version of the imported configuration file. The default is every 12h (43200 seconds), which should be OK for most setups.

--import_custsigs_md5_url <string>
    Download custom md5 signature files from a remote URL. THIS WILL OVERWRITE ANY LOCAL CUSTOM SIGNATURE FILES! It is recommended for large-scale deployments to define these variables within an import_config_url file.

--import_custsigs_hex_url <string>
    Download custom hex signature files from a remote URL. THIS WILL OVERWRITE ANY LOCAL CUSTOM SIGNATURE FILES! It is recommended for large-scale deployments to define these variables within an import_config_url file.

--default <yes>
    Reset all settings to their default values.

--default_option <option>
    Reset a specific setting to its default value.

--restart <yes>
    Restart the service after saving settings.

Examples

// disable the cron_daily_scan
sentinel --task=antimalware:antimalware --cron_daily_scan=0 --restart=yes

// reset the cron_daily_scan back to its default value
sentinel --task=antimalware:antimalware --default_option=cron_daily_scan --restart=yes

// reset all settings to their default values
sentinel --task=antimalware:antimalware --default=yes --restart=yes
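
Because a file fetched through --import_config_url overrides only the variables it defines, it is worth previewing those overrides before pointing a host at a remote file. The script below is an added example, not part of sentinel or LMD; it assumes key="value" files that use the option names listed above, and the file names, sample contents and URL are constructed.

```shell
#!/bin/sh
# Added example. Assumption: both files hold key="value" lines that use the
# option names listed above. File names, contents and the URL are constructed.

# Print "key<TAB>local<TAB>imported" for each variable the imported file changes.
# Mirrors the documented order: local settings first, imported file last.
import_overrides() {
    awk -F= -v OFS='\t' '
        /^[ \t]*#/ || !/=/ { next }              # skip comments and non-assignments
        {
            key = $1; gsub(/[ \t]/, "", key)
            val = substr($0, index($0, "=") + 1); gsub(/^"|"$/, "", val)
            if (FILENAME == ARGV[1]) { cur[key] = val; next }
            old = (key in cur) ? cur[key] : "(unset)"
            if (old != val) print key, old, val
        }' "$1" "$2"
}

# Flag overrides that switch a protective setting off or replace custom signatures.
risky_overrides() {
    import_overrides "$1" "$2" | awk -F'\t' '
        $1 ~ /^(email_alert|autoupdate_signatures|autoupdate_version_hashed|cron_daily_scan)$/ &&
            $3 == "0" { print "DISABLES " $1 }
        $1 ~ /^import_custsigs_(md5|hex)_url$/ && $3 != "" {
            print "OVERWRITES custom signatures: " $1 }'
}

# Constructed sample files: a local configuration and a partial imported one.
write_samples() {
    cat > "$1/conf.maldet" <<'EOF'
# constructed local settings
email_alert="1"
autoupdate_signatures="1"
cron_daily_scan="1"
cron_prune_days="21"
EOF
    cat > "$1/imported.conf" <<'EOF'
autoupdate_signatures="0"
cron_prune_days="21"
import_custsigs_md5_url="https://config.example.invalid/custom.md5"
EOF
}

dir=$(mktemp -d) && write_samples "$dir"
risky_overrides "$dir/conf.maldet" "$dir/imported.conf"
rm -rf "$dir"
```

An empty result from risky_overrides means the imported file neither switches off the alerting, update and scan settings it checks nor sets a custom signature URL.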