Table of contents
This page describes what to do in case of an Icinga alert. For more information you could search the govuk-puppet repo for the source of the alert

Icinga alerts

ClamAV definitions out of date

This could be because of a number of reasons. Check that the database is up to date by calling the freshclam command directly with verbose:

$ fab $environment -H backend-1 sdo:'freshclam -v'

If it reports the virus databases are up to date then you may need to check the ClamAV virusdb archive to investigate.

If it can’t seem to download the updated definition files, with errors such as Ignoring mirror (due to previous errors), it could be that all the mirrors available have been blacklisted. You can reset the blacklisted mirrors by deleting the file that stores them:

$ sudo rm /var/lib/clamav/mirrors.dat

After doing this, running freshclam -v as above may well work again.

This page was last reviewed on 18 March 2019. It needs to be reviewed again on 18 September 2019 by the page owner #govuk-2ndline .
This page was set to be reviewed before 18 September 2019 by the page owner #govuk-2ndline. This might mean the content is out of date.