How to make `clamdscan` exclude folders and only log `--infected`?

clamav

clamdscan does not have as many options available via the command line as clamscan
clamdscan reads most of its options from it's config file /etc/clamav/clamd.conf You can add multiple ExcludePath options in /etc/clamav/clamd.conf file. These are in RegEx:

ExcludePath ^/dev/
ExcludePath ^/proc/
ExcludePath ^/sys/

Then you can run it with:

clamdscan --multiscan --fdpass --quiet /

--multiscan will speed up the processing because it uses multiple threads.
--fdpass will allow you to scan files as the clamd user that the clamav-daemon.service runs as.
--quiet should suppress all output except infected files. At least that's what it seems to do on my system but that isn't how it is described in the documentation.

If you want to save to file you can just redirect the output clamdscan <options> > /save/file.txt
Or save it to file with the --log=FILE option.

Put you command in a cron job an you are done.
If you are scripting something I would suggest checking the exit codes for clamdscan and then having your script email you when it detects a virus:

0 : No virus found.
1 : Virus(es) found.
2 : An error occurred.

clamdscan documentation: https://linux.die.net/man/1/clamdscan
clamd.conf documentation: https://linux.die.net/man/5/clamd.conf

Related

Ubuntu Server with systemd - how to get a backtrace or coredump?
Hide subdomains from scan tools
Why doesn't libvirt cooperate with iptables on fedora 32
nginx: combine Expires and Cache-Control: immutable headers
Server Uptime Reporting and Tracking
Free hex file viewer [closed]
Account lockout
What inconsistencies should I expect between WAMP and LAMP stacks? [closed]
Should I install antivirus in Windows 7 RC XP Mode?
Google Contacts on IP phones via asterisk PBX
Good Linux podcasts/links for beginners [closed]
Using SQL Server 2008 Management studio to connect to SQL Server 2005 databases