-
Notifications
You must be signed in to change notification settings - Fork 1
/
acScanFileAndFlagObject.re
41 lines (40 loc) · 1.42 KB
/
acScanFileAndFlagObject.re
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
acScanFileAndFlagObject(*ObjPath,*FilePath,*Resource)
{
# Run clamscan script on resource
msiExecCmd("scanfile.py", *FilePath, *Resource, null, null, *CmdOut);
# Save operation status
assign(*Status, $status);
# Get stdout from last call
msiGetStdoutInExecCmdOut(*CmdOut, *StdoutStr);
# Passed, failed, or error?
if (*Status == 0)
then
# # Scan successful, object passed
{
# # Get timestamp
msiGetSystemTime(*Time, human);
# # Create new KeyValPair_MS_T
msiAddKeyVal(*KVP, "VIRUS_SCAN_PASSED.*Time", *StdoutStr);
# # Add new metadata triplet to object
msiAssociateKeyValuePairsToObj(*KVP, *ObjPath, "-d");
}
else
{
if (*Status == 344000)
then
# # Scan successful, object failed
{
# # Get timestamp
msiGetSystemTime(*Time, human);
# # Create new KeyValPair_MS_T
msiAddKeyVal(*KVP, "VIRUS_SCAN_FAILED.*Time", *StdoutStr);
# # Add new metadata triplet to object
msiAssociateKeyValuePairsToObj(*KVP, *ObjPath, "-d");
}
else
# # Scan failed (command execution error)
{
nop;
}
}
}