Permalink
Find file Copy path
4844196 Jan 28, 2018
1 contributor

Users who have contributed to this file

19 lines (18 sloc) 440 Bytes
title: Relevant ClamAV Message
description: Detects relevant ClamAV messages
references:
- https://github.com/ossec/ossec-hids/blob/master/etc/rules/clam_av_rules.xml
logsource:
product: linux
service: clamav
detection:
keywords:
- 'Trojan*FOUND'
- 'VirTool*FOUND'
- 'Webshell*FOUND'
- 'Rootkit*FOUND'
- 'Htran*FOUND'
condition: keywords
falsepositives:
- Unknown
level: high