Scan for viruses¶
The scan for viruses microservice runs at multiple points in the transfer and ingest workflows inside Archivematica. Archivematica uses the ClamAV antivirus engine and its configuration is discussed here. The configuration of this service can effect whether PREMIS events are recorded for files or not.
The event log for a successful virus check
We look at the impact of various settings below.
Exploring ClamAV settings¶
MaxFileSize If a file is passed to the scanner that is larger than this
then it will not be scanned. No event will be recorded.
MaxScanSize limits the number of bytes that will be scanned. This might be
used in a standard operating environment where one might be confident a virus
or malware will only appear within that range. In Archivematica, because of the
possibility of a virus still existing outside of that range, a PREMIS event
cannot be recorded confidently.
MaxStreamLength is a setting used in Clamdscan only. The maximum number of
bytes that can be sent to the ClamAV daemon. Files that are larger than this
limit cannot be sent in their entirety to the server and so a PREMIS event that
states the existence or non-existence of malware in the file cannot be recorded
confidently.
We can observe the impact of different combinations of configuration options in the following two tables.
Clamscan¶
| FileSize | MaxFileSize | MaxScanSize | Scanned? | Premis Event |
|---|---|---|---|---|
| 42M | 42M | 42M | Yes | Yes |
| 42M | 42M | 42M | No | No |
| 84M | 84M | 42M | No | No |
| 84M | 42M | 84M | No | No |
Clamdscan¶
| FileSize | MaxFileSize | MaxScanSize | StreamMaxLength | Scanned? | Premis Event |
|---|---|---|---|---|---|
| 42M | 42M | 42M | 100M | Yes | Yes |
| 42M | 42M | 42M | 21M | No | No |
| 84M | 84M | 42M | 100M | No | No |
| 84M | 42M | 84M | 100M | No | No |
In both tables you can see that if for any reason a file is not scanned, or ‘not-completely-scanned’, a PREMIS event will not be recorded. A PREMIS event in either instance of PASS or FAIL would be a false-positive.
Archivematica 1.10.2
Search
Open the general index or type your search in the search box.
Available projects
Archivematica
- Version 1.16.0 (stable-current)
- Version 1.15.1 (stable-previous)
- Version 1.14.1 (legacy)
- Version 1.13.2 (legacy)
- Version 1.12.2 (legacy)
- Version 1.11.2 (legacy)
- Version 1.10.2 (legacy)
- Version 1.9.3 (legacy)
- Version 1.8.1 (legacy)
- Version 1.7.2 (legacy)
- Version 1.6.1 (legacy)
- Version 1.5 (legacy)
- Version 1.4 (legacy)
Archivematica Storage Service
- Version 0.22.0 (stable-current)
- Version 0.21.1 (stable-previous)
- Version 0.20.1 (legacy)
- Version 0.19.0 (legacy)
- Version 0.18.1 (legacy)
- Version 0.17.1 (legacy)
- Version 0.16.1 (legacy)
- Version 0.15.1 (legacy)
- Version 0.14.1 (legacy)
- Version 0.13.0 (legacy)
- Version 0.12.0 (legacy)
- Version 0.11.1 (legacy)
- Version 0.10 (legacy)
- Version 0.9 (legacy)
- Version 0.8 (legacy)
License
Archivematica documentation by Artefactual Systems Inc. is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
