Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

SunshineM

119 Posts

1144

June 10th, 2015 02:00

Script to scan CIFS weekly

Hello,

We have CIFS in place with Symantec AV server. Everything is working fine. I know real time scanning is been done on the files access, renamed etc.

But I want to have WEEKLY FULL SCAN on all file systems on CIFS.

Let me know how to achieve this.

Thanks.

umichklewis

1.2K Posts

June 17th, 2015 11:00

That's straightforward, if you're familiar with using the nas -query CLI command from the Control Station.  More information about using queries are in the EMC document, Command Line Reference for File. Specifically, look in the appendix Using Command Scripts for VNX - this will be very useful to testing and building scripts on the Control Station.

You can use a query to return every filesystem and add a viruschk for it.  Now, here's the catch:  you have to be careful not to add checkpoint filesystems or root filesystems, since they don't need to be checked.  Adding filesystems that you don't want to scan will only increase the overhead on the viruscheckers and potentially impact performance.

Here's an example:

[nasadmin@vnxtest-cs0 ~]$ nas_fs -query:inuse==y -format:'%s,%s\n' -Fields:AvailablePrimaryServer,Name

server_2,root_fs_2

server_2,root_fs_3

server_2,root_fs_common

server_2,root_avm_fs_group_11

server_2,home_dirs

server_2,root_rep_ckpt_322_498186_1

server_2,root_rep_ckpt_322_498186_2

server_2,pack_stuff

server_2,luminal

server_2,ckpt_home_dirs_daily_checkpoints_001

server_2,ckpt_home_dirs_daily_checkpoints_002

server_2,ckpt_home_dirs_daily_checkpoints_003

server_2,ckpt_home_dirs_daily_checkpoints_004

server_2,ckpt_home_dirs_daily_checkpoints_005


A script just adds the above filesystems will now scan the replication checkpoints and daily checkpoints, as well as the root filesystems and such.  You'll need to test query options to reduce the output to just the filesystems you need.  Here's another example you can inspect - note that this may not work for your environment.


[nasadmin@vnxtest-cs0 ~]$ nas_fs -query:inuse==y:IsRoot==False:type=^ckpt -format:'%s,%s\n' -Fields:AvailablePrimaryServer,Name

server_2,home_dirs

server_2,pack_stuff

server_2,luminal


Once you have a working query, you should test your script and see if it gives you the output you need.


Let us know if that helps!


Karl

umichklewis

1.2K Posts

June 10th, 2015 07:00

Have a look at the EMC document "Using VNX Event Enabler" or its current version, "Using Common Event Enabler for Windows".  This guide details the use of CAVA and its command line options.  In your case, you want to look at the options for adding a full filesystem scan.

Since you won't know in advance how long the scan takes, you'll want to run your first scan "by hand", not from cron.  This way, if your scan takes more than a week, the VNX won't try and run two scans of the same filesystem.

There are some examples of scrips here on the forums - have a look at those examples and create a sample script for review.  I'm sure other users will be happy to point you in the right direction.

Let us know if that helps!

Karl

SunshineM

119 Posts

June 10th, 2015 10:00

Thanks. I have refered to the that doc, I know how to manually. And our data is not that too big. So it would be great help if I can get a script to schedule a weekly scan.

umichklewis

1.2K Posts

June 10th, 2015 14:00

Here's something simple to get you started.  I would create a file called "scan.sh", then run "chmod +x" on the Control Station to make it executable.  I would put the following lines in the file:

#! /bin/sh

# Quick shell script to launch VirusScan on filesystems

NAS_DB=/nas

export NAS_DB

PATH=$PATH:$NAS_DB/bin:$NAS_DB/sbin:/usr/sbin:.

export PATH

server_viruschk server_2 -fsscan my_fs01 -create

server_viruschk server_2 -fsscan my_fs02 -create

server_viruschk server_2 -fsscan my_fs03 -create

So now, you have a simple shell script that will now add three simple filesystems to a scan, each time you execute the script from the command line or on a schedule.  But how to schedule it?  That's were "crontab" comes in.  With crontab, you can have the script execute on a set schedule.  If you're only looking to run the script once a week, a crontab entry like this might work:

# m h dom m dow cmd

5 23 * * 6 /home/nasadmin/scripts/scan.sh 2>/dev/null

This crontab entry runs each Saturday at 23:05 in the evening.  Use this to get started, then ask questions as you need.  You'll probably find working with cron and understanding it's idiosyncrasies will be the most complex part of your task.  You should Google "crontab on Linux" and research a bit about this useful tool.

Hope this helps!

SunshineM

119 Posts

June 17th, 2015 08:00

Thanks very much.

Is it compulsory to add File system entries into the script. Reason I am asking is because whenever a new file system will be created, it will have to added in this script.

To avoid this, script cannot have a command which sees and scans all file systems available?

Thanks.

Rainer_EMC

8.6K Posts

June 17th, 2015 15:00

Probably a good idea to also skip file systems where av scan is disabled

View More

View All

No Events found!

Top