ClamXav v3.0.x Sentry Question

Discussions relating to ClamXav

Moderator: Mark

ClamXav v3.0.x Sentry Question

Postby Radar1968 » Tue 21 Aug 2018 8:27 pm

I have purchased and upgraded to v3 from V2 and have a Sentry question.

In v2 you could specify folders that it watched. I cant find this option in v3.

My questions thus:

i) Is it possible to set Sentry folders and check what is currently being scanned
ii) If not can I know which folders Sentry is watching by default

Kind Regards
Radar
Radar1968
 
Posts: 84
Joined: Thu 20 Dec 2012 8:59 pm

Re: ClamXav v3.0.x Sentry Question

Postby alvarnell » Tue 21 Aug 2018 11:41 pm

In ClamXAV version 3, Sentry is much more powerful and will actually watch your entire computer by default. If you have specific areas you don't want to be scanned, you should drag and drop them into the Exclude Files section in the Settings Area for your hard disk.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: ClamXav v3.0.x Sentry Question

Postby Radar1968 » Wed 22 Aug 2018 8:56 am

Understood.

Many thanks for taking the time to reply.

Radar.
Radar1968
 
Posts: 84
Joined: Thu 20 Dec 2012 8:59 pm

Re: ClamXav v3.0.x Sentry Question

Postby Radar1968 » Sat 25 Aug 2018 10:15 am

alvarnell wrote:In ClamXAV version 3, Sentry is much more powerful and will actually watch your entire computer by default. If you have specific areas you don't want to be scanned, you should drag and drop them into the Exclude Files section in the Settings Area for your hard disk.


Al,

Just another small query relating to 'Sentry'

I note from another of your posts that Sentry is now effectively in ClamXav itself and scans the entire boot drive.

My question related to reports. In v2 you could view the Sentry scanning log to see manually what it had checked and if it was OK. Is this still possible in v3 only I cant find it?

I note the following logs in the ~/Library/Logs folder:

ClamXAV-Console.log - Being updated by v3
clamXav-scan.log - Stopped being updated after v3 upgrade
ClamXAV-UI-Helper-Console.log - Being updated by v3
ClamXavConsole.log - Stopped being updated after v3 upgrade
ClamXavSentry-scan.log - Stopped being updated after v3 upgrade
ClamXavSetryConsole.log - Stopped being updated after v3 upgrade

I assume I am safe to delete the old v2 (Stopped being updated after v3 upgrade) logs?

I'd just like to satisfy myself that certain files I download are being checked and are clean.

Many thanks for your continued help.
Radar
Radar1968
 
Posts: 84
Joined: Thu 20 Dec 2012 8:59 pm

Re: ClamXav v3.0.x Sentry Question

Postby alvarnell » Sat 25 Aug 2018 10:36 am

Logs in general and the use of Console to view them confused a lot of users, so all user logs are now have their own view in the ClamXAV app. The other logs are primarily used for diagnostics and users are not expected to need to view them under normal circumstances.

Another user request was to reduce the size of the scan log, so it now only lists files that were found to be infected. You'll have to trust that all files you downloaded were scanned and found to be clean. The only exception would be files that are too big to scan and since no such files have ever found to have been infected to date, that should not be a concern.

Yes, feel free to delete logs that are no longer being used in V3.

You did, however, overlook these files found in /Library/Applications Support/ClamXAV/Logs/:
clamd_err.log
ClamXAV-helper.log
ClamXAV-logs.cxav
ClamXAV-update.log

Again they are primarily for diagnostic purposes.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: ClamXav v3.0.x Sentry Question

Postby Radar1968 » Sat 25 Aug 2018 10:43 am

Many thanks.

Radar
Radar1968
 
Posts: 84
Joined: Thu 20 Dec 2012 8:59 pm

Re: ClamXav v3.0.x Sentry Question

Postby casperghst42 » Mon 26 Nov 2018 8:38 pm

I am trying to understand the idea behind the new way one have to configure Sentry with version 3 - I am one of these people who absolutely only want it to scan a very and very limited number of Directories (my poor computer have enough to do as it is) - So I have to exclude everything but these 4 or 5 directories.

That is not very optimum way to have designed this part of the product.

Cheers.
casperghst42
 
Posts: 2
Joined: Sat 12 Sep 2015 8:57 am

Re: ClamXav v3.0.x Sentry Question

Postby alvarnell » Mon 26 Nov 2018 8:54 pm

First you should know that nobody from the developer team will read what is posted here. The forum is deprecated and left to us users to help each other out and may be eliminated completely at some point.

I see you've filed a helpdesk ticket so you'll probably hear a definitive answer shortly.

As I think you already know, ClamXAV version 3, Sentry is much more powerful and will actually watch your entire computer by default. In my case I have found the background Sentry scans to be totally unnoticeable, even more so than when I had it set to only scan selected folders. I do have a malware samples folder that I have excluded, but other than that my entire hard drive is being watched without adversely impacting my CPU, which as you will note is an older iMac.

I can tell you from watching the help desk that there have been practically no complaints about this new feature, so don't expect it to change any time soon.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: ClamXav v3.0.x Sentry Question

Postby alvarnell » Thu 29 Nov 2018 6:00 am

I have a bit more official information about Sentry v3 from the developer:
there are actually a large number of folders automatically excluded from being monitored (particularly some system and temporary folders) where it's not possible for malware to reside. Also, ClamXAV 3 isn't constantly writing to the disk (whereas Sentry in version 2 was).
I'll also note that they will consider taking a different approach to this in future development efforts (but I also know there are some more pressing matters that need to be adjusted involving more users) and that you can revert to v2.19.2, which can still be accomplished using a v3 subscription.

On a personal note, I really don't recommend doing the latter at this time. There are some significant improvements in the way v3 currently performs and detects known malware that you need to take into account and are far more important than just Sentry activity.

As I mentioned before, Sentry v3 is less noticeable than v2 was with my setup, but I realize that your mileage may differ. I would encourage you to run some tests using both versions before you decide which actually performs better, as opposed to the one that allows you more control.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA


Return to ClamXav

Who is online

Users browsing this forum: No registered users