Scans

Endpoint Protection lets you configure on-demand, scheduled and periodic scans for each profile on Linux computers just like on Windows computers. On Linux, however, email scanning is not yet available.

On-demand scans

The profile settings let you configure on-demand (immediate) scans of the following items:

• The whole computer

• Hard disks

• Other items

Select “Other items” to specify a path to scan using the Linux path syntax.

On-demand scans will be launched immediately after the relevant configuration has been downloaded, which takes a maximum of 4 hours by default.

Scheduled scans

The profile settings let you create scheduled scans of the following items:

• The whole computer

• Hard disks

• Other items

You can also set the date and time for the scan (local time).

Select “Other items” to specify a path to scan using the Linux path syntax.

Scheduled scans will run automatically on the scheduled date and time, provided the relevant configuration has been downloaded, which takes a maximum of 4 hours by default.

Periodic scans

The profile settings let you create periodic scans of the following items:

• The whole computer

• Hard disks

• Other items

Select “Other items” to specify a path to scan using the Linux path syntax.

You can also set the date and time for the scan (local time). Finally, you can set the frequency of the scan:

• Daily

• Weekly

• Monthly

Periodic scans will be automatically launched on the scheduled date and time, at the scheduled frequency, provided the relevant configuration has been downloaded, which takes a maximum of 4 hours by default.

Launching scans manually

You can launch scans manually from the computer using the PAVSL protection.

Use the following parameters to scan and disinfect files:

Pavsl.sh –cmp –heu –rpt [log] -noglk -prx [http(s)://user:password@computer:port] [samples_path]

Where:

cmp parameter: Indicates whether to parse compressed or package files to scan their contents.

heu parameter: Indicates whether to use heuristic technologies in the scan.

rpt parameter: Indicates the directory (path) where a log file with the scan results will be placed.

noglk parameter: Indicates the scan will be carried out without querying the cloud.

prx parameter: Contains the proxy server settings should a proxy server be used to connect to the Internet.

The format should be as follows:

http://user:password@computer:port

or

https://user:password@computer:port

samples_path parameter: Indicates the path of the file or directory to scan (and any subdirectories it may contain). If you want to scan multiple paths, enter them enclosed in double quotes and separated by commas ("path","path"). In the case of paths with blank spaces, use the escape character (\) and enclose the path in double quotes ("), both whether you want to scan a single path or more than one.

For example:

pavsl.sh –cmp –heu –rpt /tmp/log /home/user/files

pavsl.sh –cmp –heu –rpt /tmp/log “/home/user/files”,” /home/user/files2”

pavsl.sh –cmp –heu –rpt /tmp/log “/home/user/dummy\ files”

pavsl.sh –cmp –heu –rpt /tmp/log “/home/user/dummy\ files”,”/home/user/malware”

If you want the scan results to be sent to the server, the log file must be generated in folder /opt/PCOPAgent/Common/DATA/ScansLogs. Also, the file name must be SCAN_XXXX.log, where XXXX is a 4-digit number.

For example:

pavsl.sh -cmp -heu -rpt /opt/PCOPAgent/Common/DATA/ScansLogs/SCAN_2000.log /home/user/files