ClamAV detected infected files

therliss · April 17, 2017, 11:30am

Hi,

I have the latest version installed, and my ClamAV has detected infected files.

The instalation is from : deb https://packages.graylog2.org/repo/debian/ stable 2.2

/usr/share/graylog-server/plugin/graylog-plugin-collector-2.2.3.jar: Js.File.MaliciousHeuristic-6260279-2 FOUND
/usr/share/graylog-server/plugin/graylog-plugin-enterprise-integration-2.2.3.jar: Js.File.MaliciousHeuristic-6260279-2 FOUND

jochen · April 18, 2017, 7:15am

Thanks for bringing this up!

Fortunately, it’s a false positive and ClamAV is only complaining that the Javascript files, which are distributed with these plugins, are “obfuscated”. They are minified, but not intentionally obfuscated.

Topic		Replies	Views
Threatintel Plugin in Graylog 2.2 Graylog Central (peer support)	2	442	February 17, 2017
Setup Anomaly detection in Graylog Graylog Central (peer support)	0	1054	April 16, 2017
File Integrity Monitoring? Graylog Central (peer support)	5	1837	March 20, 2018
Graylog 4.3 - reinstall plugin Graylog Central (peer support)	8	744	September 16, 2022
Graylog 5.0 Installation Script Graylog Central (peer support)	3	1319	February 2, 2023

ClamAV detected infected files

Related Topics