Email alerts - email_alert
Enable or disable e-mail alerts, this includes application version alerts as well as automated/manual scan reports.
On-demand reports can still be sent manually.
Default: 1
Alert email addresses - email_addr
The destination e-mail addresses for automated/manual scan reports and application version alerts. (multiple addresses
comma (,) spaced)
Default: your email
Ignore email alert when scan is successfully cleaned - email_ignore_clean
Ignore e-mail alerts for scan reports in which all malware hits and application version alerts.
Default: 1
Slack alert - slack_alert
Enable or disable slack alerts, this will upload the scan report as a file into one or more slack channels.
Default: 0
Slack subject - slack_subj
The file name of the file that will be uploaded to slack channel(s).
Default: 'maldet alert from $(hostname)'
Slack token - slack_token
Slack authentication token. Requires scope: files:write:user. More information https://api.slack.com/methods/files.upload
Default: 'AUTH_TOKEN'
Slack channels - slack_channels
Comma-separated list of channel names or IDs where the scan report will be shared.
Default: 'maldetreports'
Autoupdate signatures - autoupdate_signatures
Automatic updates of anti-malware signature files and cleaner rules. The signature update process preserves any custom
signature or cleaner files. It is highly recommended that this be enabled as new signatures a released multiple times
per-week.
Default: 1
Autoupdate version - autoupdate_version
Automatic version updates of LMD. The installation update process preserves all configuration options along with custom
signature and cleaner files. It is recommended that this be enabled to ensure the latest version, features and bug fixes
are always available.
Default: 1
Autoupdate version hashed - autoupdate_version_hashed
Validate the LMD executable MD5 hash with known good upstream hash value. This allows LMD to replace the the executable
/ force a re-installation in the event the LMD executable is tampered with or corrupted. If you intend to make
customizations to the LMD executable, you should disable this feature.
Default: 1
Cron prune days - cron_prune_days
The retention period, in days, which quarantine, temporary files and stale session information should be retained.
Data older than this value is deleted with the daily cron execution.
Default: 21
Cron daily scan - cron_daily_scan
Enable or disable the automatic scanning of standard web directories performed via cron.
Default: 1
Import config URL - import_config_url
Download the configuration file from a remote URL. The local conf.maldet and internals.conf are parsed followed by the
imported configuration file. As such, only variables defined in the imported configuration file are overridden and a
full set of configuration options is not explicitly required in the imported file.
Default: empty
Import config expire - import_config_expire
The expiry interval for refreshing the local cached version of the imported configuration file. The default is every 12h
(43200 seconds) which should be ok for most setups.
Default: 43200
Import signatures md5 URL - import_custsigs_md5_url
Download custom md5 signature files from a remote URL. THIS WILL OVERWRITE ANY LOCAL CUSTOM SIGNATURE FILES! It is
recommended for large-scale deployments to define these variables within a import_config_url file.
Default: empty
Import signatures hex URL - import_custsigs_hex_url
Download custom hex signature files from a remote URL. THIS WILL OVERWRITE ANY LOCAL CUSTOM SIGNATURE FILES! It is
recommended for large-scale deployments to define these variables within a import_config_url file.
Default: empty