- What is the purpose of Imunify Hooks?
Imunify360 / AV / AV+ notifies subscribers when a particular event/action occurs in the app, for example, when malware is detected after scanning or when the license expires (starting ver. 4.3). It also passes some parameters and data specific for the event. Events could be handled in the scripts (hook/event handlers) and some further actions could be applied like, for example, a ticket might be submitted or email might be sent out to the user upon malware-detection event.
- How do I enable Imunify Hooks?
You have to connect event handler (i.e. script) to every event you want to handle - you can find more information on how to do it in our [online docs]
- What scripting languages can I use to handle events?
Any scripting languages supported by your system can be used. The script gets a json-encoded string with a list of parameters depending on the type of event. The data shall be read from STDIN.
If you use Python 3.5, it is possible to use so-called native hooks. Refer to the Imunify documentation for more details on native hooks requirements.
- Is it possible to have multiple handlers for a single event type? If so, what would be the priority of connected handlers (subscribers)?
Yes, it is possible. All handlers will be called one by one sequentially as soon as the event fires.
- How do I know if an error occurs during event handler invocation?
Each handler invocation is logged into the /var/log/imunify360/hook.log file
- Is it possible that a hook handler can crash Imunify360 agent?
This is possible only in case of using native hooks which are essentially Python modules. Thus, special care should be taken when using native hooks.