Scan an S3 object

After starting the EC2 instance, you can access the API server using its IP address and port 8080. For instance, if the IP address is 172.31.39.37, you can scan files in the S3 bucket by making requests to http://172.31.39.37:8080/api/clamav/scan/s3/object.

The virus scan API server is configured to listen on the local address 127.0.0.1:3000. If the request originates from within the virus scan API server, you can initiate a virus scan by sending an HTTP request to http://127.0.0.1:3000/api/clamav/scan/s3/object.

curl -d '{"stream": true, "bucket": "elm-bucket-virus-scan", "key": "test/virus_test.txt"}' -H 'Content-Type: application/json' http://172.31.39.37:8080/api/clamav/scan/s3/object 

The three parameters have the following meanings:

  • stream: This parameter determines how the server handles the file download. When set to false, the server downloads the whole file into memory before saving it to disk. When set to true, the server streams the file directly to disk in smaller chunks. Streaming is advantageous for large files because it reduces the memory footprint of the download, uses resources more efficiently, and lets the server handle files that might otherwise exceed available memory.

  • bucket: This parameter specifies the name of the S3 bucket from which the file should be retrieved.

  • key: This parameter is the key of the file within the S3 bucket. It identifies the file that should be downloaded and scanned.

Response

A JSON-formatted string is returned. The possible return codes are 0, 1, 2, and 99.

  • Clean:
{"code":0,"message":"OK"}
  • Infected: For example, when Eicar-Signature is identified, the response would be
{"code":1,"message":"Eicar-Signature FOUND"}
  • Scan Errors: For example, when a file access error occurs, the response would be
{"code":2,"message":"Can't access file /tmp/test/file"}
  • Other Errors: For example, when the IAM role is not properly set, the response would be
{"code":99,"message":"no credentials in the property bag"}
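A caller that gates file release on the scan result should treat only code 0 as clean and hold the object on every other outcome, including scan errors and unparseable replies. The following is an added example, not code from this project; the function names and verdict labels are this example's own, and the URL, bucket and key are the ones used in the curl example above.

```python
import json
import urllib.request

# URL from the page's curl example; adjust to your instance.
API_URL = "http://172.31.39.37:8080/api/clamav/scan/s3/object"

# Return codes documented above, mapped to labels chosen for this example.
VERDICTS = {0: "clean", 1: "infected", 2: "scan_error", 99: "other_error"}


def interpret_scan_response(body):
    """Map a response body to (verdict, message); anything unexpected is 'invalid_response'."""
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        return "invalid_response", "body is not JSON"
    if not isinstance(data, dict):
        return "invalid_response", "body is not a JSON object"
    code = data.get("code")
    # bool is a subclass of int in Python, so reject true/false explicitly.
    if isinstance(code, bool) or not isinstance(code, int) or code not in VERDICTS:
        return "invalid_response", "unexpected code: %r" % (code,)
    return VERDICTS[code], str(data.get("message", ""))


def is_safe_to_release(verdict):
    """Fail closed: only an explicit 'clean' verdict lets the object through."""
    return verdict == "clean"


def scan_s3_object(bucket, key, stream=True, url=API_URL, timeout=60):
    """POST the same JSON payload as the curl example and interpret the reply."""
    payload = json.dumps({"stream": stream, "bucket": bucket, "key": key}).encode()
    req = urllib.request.Request(
        url, data=payload, headers={"Content-Type": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace")
    except OSError as exc:  # URLError, HTTPError, timeouts, refused connections
        return "other_error", "request failed: %s" % exc
    return interpret_scan_response(body)


if __name__ == "__main__":
    verdict, message = scan_s3_object("elm-bucket-virus-scan", "test/virus_test.txt")
    print(verdict, message, "release" if is_safe_to_release(verdict) else "hold")
```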

Scan a local file on the API Server

You can scan local files by making requests to http://172.31.39.37:8080/api/clamav/scan/file.

curl -d '{"file": "/tmp/test.txt"}' -H 'Content-Type: application/json' http://172.31.39.37:8080/api/clamav/scan/file