Files can be rated as malicious based on our own signatures database which is constantly being replenished and updated from our end.
Updates of the malware signatures database are released every business day. After the release, the update reaches clients' servers within 4 hours – every 4 hours the hosts check for updates, and if any has already been released, it downloads them, so these changes can be installed on the server even earlier than the terms specified.
You can also use this command to urgently update signatures if one has already been released:
$ imunify360-agent update sigs --force
The signatures updates should be logged in the /var/log/imunify360/console.log.
The logs themselves will be looking in the following way:
$ grep 'sigs' /var/log/imunify360/console.log
INFO [2020-03-12 04:24:21,627] defence360agent.files: sigs was updated less than 4 hours ago.
INFO [2020-03-18 14:53:33,925] defence360agent.files: Updating sigs files
INFO [2020-03-18 14:54:41,243] defence360agent.files: Updated sigs using file by file download
INFO [2020-03-18 18:00:16,729] defence360agent.files: sigs was updated less than 4 hours ago.
INFO [2020-03-18 18:01:12,848] defence360agent.files: sigs was updated less than 4 hours ago.
INFO [2020-03-18 18:02:40,476] defence360agent.files: Updating sigs files
INFO [2020-03-18 18:02:49,378] defence360agent.files: Updated sigs using all.zip
Comments
0 comments
Please sign in to leave a comment.