saferwall/saferwall

Antivirus engine and definitions update

analyserdmz opened this issue · 3 comments

GREAT project!

How do we update the engine and the definitions all together for each antivirus?

Hey @analyserdmz

Are you building your own Docker images or are you using the public ones?

@LordNoteworthy atm I am experimenting with the public ones. The final purpose is to have an isolated multiple-antivirus solution that would communicate only with certain intranet endpoints, but this is too far for now.

For now the only thing that matters is the on-demand antivirus update :)

Hello @analyserdmz

I added a GitHub Action that will run every day to update the signatures.

You can simply run this command, which will reload the Docker images and eventually pull the new containers that have the new AV signature updates:

kubectl get deployment | grep saferwall-multiav | awk '{print $1}' | xargs kubectl rollout restart deployment

For your convenience, I will drop this command in the Makefile to just do a make av-update.