Linux

The configuration file for the server is located in /etc/ometascan/ometascan.conf

After modifying the server configuration file you must restart the Metadefender Core service in order for the changes to take effect. You should use the distribution-standard way to restart the service.

[global] section

parameter	default value	required	description
restaddress	0.0.0.0	required	One of the IP addresses of the computer that runs the product to serve REST API and web user interface (0.0.0.0 means all interface)
restport	8008	required	Designated port number for the web and REST interface
address		optional	Address of the computer to accept external scan node connections
port		optional	Designated port number to accept external scan node connections
report_engine issue	true	optional	Enable reporting of engine issue count. (possible values: "true" or "false").
quarantinepath	[Core data directory]/quarantine	optional	Directory for quarantine database and quarantined items
sanitizepath	[Core data directory]/sanitized	optional	Directory for sanitized database and sanitized items

[logger] section

key	default value	required	description
logfile	/var/log/ometascan/ometascan.log	optional	Full path of a logfile to write log messages to
loglevel	info	optional	Level of logging. Supported values are: debug, info, warning, error
syslog		optional	Switch on logging to a local ('local') or remote ('protocol://<hostname>:<port>') syslog server (Multiple server can be specified separated with comma)
syslog_level		optional	Level of logging. Supported values are: debug, info, warning, error
override		optional	override specific log ids to display them on another level e.g.: "1723:error,663:info"
cef	false	optional	If true, the log format is Common Event Format.
nginx_logfile	/var/log/ometascan/nginx-ometascan.log	optional	File name and path to store the NGINX logs. If this value is changed, the /etc/logrotate.d/ometascan should be changed accordingly.

You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.

For override a list of log message ids needed with optionally a level. If there is no level set for an id, it will be displayed on every occasion. e.g.: "1723,663:info" means id 1723 dump message will be displayed every time and id 663 warning message is reduced to info level.

Windows

The configuration for the server is located in Windows Registry

After modifying the server configuration file you must restart the MetaDefender Core service in order for the changes to take effect.

Default logging target is Windows event log with default level of info (see below).

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\global

parameter	default value	type	required	description
restaddress	0.0.0.0	string value	required	One of the IP addresses of the computer that runs the product to serve REST API and web user interface (0.0.0.0 means all interface)
restport	8008	string value	required	Designated port number for the web and REST interface
address		string value	optional	Address of the computer to accept external scan node connections
port		string value	optional	Designated port number to accept external scan node connections
report_engine issue	true	string value	optional	Enable reporting of engine issue count. (possible values: "true" or "false").
quarantinepath	[installdir]\data\quarantine	string value	optional	Directory for quarantine database and quarantined items
sanitizepath	[installdir]\data\sanitized	string value	optional	Directory for sanitized database and sanitized items

Reporting of engine issue count

If reporting of engine issue count is enabled, Metadefender Core v4 server will send only the number of initialization errors and number of unexpected stops for the specific db/engine version. This information is sent over a HTTPS channel when the product downloads the latest package descriptors. This information is used for early detection of any specific 3rd party engine quality issues.

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\logger

key	default value	type	required	description
logfile		string value	optional	Location of a logfile to write log messages to
loglevel		string value	optional	Level of logging. Supported values are: debug, info, warning, error
wineventlog_level	info	string value	optional	Level of logging. Supported values are: debug, info, warning, error
syslog		string value	optional	Value can only by in form of 'udp://<hostname>:<port>' (Multiple server can be specified separated with comma)
syslog_level		string value	optional	Level of logging. Supported values are: debug, info, warning, error
override		string value	optional	override specific log ids to display them on another level e.g.: "1723:error,663:info"
cef	false	string value	optional	If true, the log format is Common Event Format.
nginx_logfile	[installdir]\nginx\nginx.log	string value	optional	File name and path to store the NGINX logs. (Rotation of this log has not yet been solved on Windows systems)

You should set both of syslog and syslog_level or none of them and you should set both of logfile and loglevel or none of them.

Please note, if a data entry to be used does not exist, it should be created first.

3.2.1. Startup Core Configuration

Linux

[global] section

[logger] section

Windows

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\global

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\logger

Search results