Excluding Objects from Scans
You can create lists of objects for Antivirus to skip when scanning directories that contain them. These can be either full directories or files within them.
| AVDFN Antivirus Definitions and Refresh RLDEV Definitions for Real-Time Scan Refresh Virus Definitions 1. Excludes by *generic* names 41. Refresh 2. Excludes by Regular Expressions 42. Schedule Refresh 45. Virus signature files 7. Reset Scan Status of a File 46. Refresh Log 8. Change Scan Attribute for R/T 9. Dirs and their Scan Attribute 49. Display Last Refresh Time Definitions for Batch Scan Regular Expressions 11. Excludes by *generic* names 51. Guide and Recommendations 12. Excludes by Regular Expression 13. Group of Dirs/Objects to Scan ICAP Support 21. Server Definitions Selection or command ===> F3=Exit F4=Prompt F9=Retrieve F12=Cancel F13=Information Assistant F16=System main menu |
Excluding items from Real-Time Scans
To exclude objects from real-time scans by editing a file, select 1. Exclude by *generic* names from the Antivirus Definitions and Refresh menu (STRAV> 21). The Files and Directories to Exclude screen appears.
| Files and Directories to Exclude Type options, press Enter. 1=Select 4=Delete Subset . Y=Case Opt Sensitive Object /home/test/example/exclude/* /home/test/example/exclude /home/test/example/exclude > Y /home/test/example/exclude Bottom F3=Exit F6=Add New F8=By RegExp F12=Cancel F22=Display entire field There are 4 entries defined, out of the 500 allowed. |
To edit existing entries, enter 1 in the Opt column.
To delete entries, enter 4 in the Opt column.
To add new entries, press the F6 key. The Add Files and Directories to Exclude screen appears. Type choices and press Enter.
To work with the excludes as regular expressions, press the F6 key.
To exclude objects from real-time scans by regular expressions, select 2. Excludes by Regular Expressions from the Antivirus Definitions and Refresh menu (STRAV> 21). An editor opens to edit the /SMZVDTA/conf/OA_exc.conf file.
| Edit File: /SMZVDTA/CONF/OA_EXC.CONF Record : 1 of 7 by 10 Column : 1 88 by 126 Control : CMD ....+....1....+....2....+....3....+....4....+....5....+....6....+....7....+....8....+....9....+....0....+....1....+....2....+.. ************Beginning of data************** # You are defining Excludes for BATCH (On Demand) Scan by regular expressions. # Preceding a line with caret, means begin of file name. Ending with $ means end of line # Preceding a line with (?i) makes it case insensitive # Lines that start with # are considered comments # See https://www.freeformatter.com/regex-tester.html # Note: A different menu option enables specyfying excludes by extended *generic* /SMZVDTA/ ************End of Data******************** F2=Save F3=Save/Exit F12=Exit F15=Services F16=Repeat find F17=Repeat change F19=Left F20=Right |
To reset the scan status of an IFS object to *REQUIRED, select 7. Reset Scan Status of a File from the Antivirus Definitions and Refresh menu (STRAV> 21). Reset Scan Status (RSTSCNSTS) screen appears. Type choice, press Enter. NOTE: In realtime marked IFS objects are no longer available from the operating system. The flag “scan status” is set to *FAILURE.
To exclude scans of directories, select 8. Change Scan Attribute for R/T from the Antivirus Definitions and Refresh menu (STRAV> 21). Change Scan Attribute for R/T (CHGSCNATR) screen appears. Type *NO in the New value field and press Enter.
To exclude objects from real-time scans by selecting items, select 9. Dirs and their Scan Attribute from the Refresh, Definitions, ICAP menu (STRAV> 21). The Directories and their Scan Attribute screen appears.
| Display IFS Dir Scan Attribute (DSPSCNA) Type choices, press Enter. Path . . . . . . . . . . . . . . Directory requires virus scan . *ALL *YES, *NO, *ALL Output . . . . . . . . . . . . . * *, *PRINT, *CSV Bottom F3=Exit F4=Prompt F5=Refresh F10=Additional parameters F12=Cancel F13=How to use this display F24=More keys |
In the Path field, enter the absolute pathname of a directory, beginning with the slash ("/") character. To reduce scanning time, start relatively low in the directory tree.
The Directory requires virus scan field indicates whether to display files and directories within that directory that will or will not be scanned. Possible values include:
- YES: Show items that will be scanned
- NO: Show items that will not be scanned
- ALL: Show all items
Press Enter to see the selected items. If you have selected the * in the Output field, a second Directories and their Scan Attribute screen appears. Otherwise, a spooled file or CSV file is created and sent by email.
| Directories and their Scan Attribute Type choices, press Enter. Subset by Scan attribute . N Y, N, A=All Scan No /DEMOC No /DEMOC/exclude No /DEMOC/RYUK No /DEMOC/cert No /DEMOC/testdir No /DEMOC/tmp No /DEMOC/database No /DEMOC/log No /DEMOC/conf No /DEMOC/smzvdta.conf.21.6.21 No /DEMOC/download No /DEMOC/fromsmzvdta No /DEMOC/back No /DEMOC/VIRUS-FOR-TEST_save No /DEMOC/ccsid More... F3=Exit F5=Refresh F8=Change Scan attribute F12=Cancel F22=Display entire name |
The body of the screen lists the objects in the directory. For each, the Scan field shows whether Antivirus will scan it. As with the previous screen, you can set whether to list only objects that will be scanned, those that will not, or all objects by setting the Subset by scan attribute field to N, Y, or A, respectively.
To display the full pathname of an object if the name is truncated on the screen, press the F22 (Shift+F10) key. The Display Entire Name window appears, showing the entire name of the object. To dismiss the window, press the F12 key.
To change the scan attribute of an item, place the cursor on the line for that item and press the F8 key. The Change Scan Attribute for R/T (CHGSCNATR) screen appears.
| Change Scan Attribute for R/T (CHGSCNATR) Type choices, press Enter. Object . . . . . . . . . . . . . > '/test' Path name New value . . . . . . . . . . . *YES, *NO Attribute . . . . . . . . . . . > *ALL *ALL, *SCAN, *CRTOBJSCAN Directory subtree . . . . . . . > *ALL *NONE, *ALL Bottom F3=Exit F4=Prompt F5=Refresh F12=Cancel F13=How to use this display F24=More keys Keyword KNWNVAL not valid for this command. |
The body of the screen contains these fields:
Object
(Read-only) The pathname of the object.
New value
The new value for the attribute. Valid values include *YES and *NO.
Attribute
The attribute to be changed. Possible values include:
-
*ALL: For either scan files or directories: specifies whether the object or, for a directory, the objects created in the directory will be scanned when exit programs are registered with any of the integrated file system scan-related exit points
-
*SCAN: For stream files: specifies whether the object will be scanned when exit programs are registered with any of the integrated file system scan-related exit points.
-
*CRTOBJSCAN: For directories: specifies whether the objects created in the directory will be scanned when exit programs are registered with any of the integrated file system scan-related exit points
Directory subtree
The subtrees to be scanned.
NOTE: The most effective way to prevent Antivirus from scanning a file or directory is to set the *SCAN or *CRTOBJSCAN attribute, respectively, to *NO.
Excluding items from Batch Scans
To exclude objects from batch scans, select 11. Excludes by *generic* names from the Antivirus Definitions and Refresh menu (STRAV> 21). The Files and Directories to Exclude screen appears.
| Files and Directories to Exclude Type options, press Enter. 1=Select 4=Delete Subset . Y=Case Opt Sensitive Object /home/test/example/exclude/* /home/test/example/exclude /home/test/example/exclude > Y /home/test/example/exclude Bottom F3=Exit F6=Add New F8=By RegExp F12=Cancel F22=Display entire field There are 4 entries defined, out of the 500 allowed. |
To edit existing entries, enter 1 in the Opt column.
To delete entries, enter 4 in the Opt column.
To add new entries, press the F6 key. The Add Files and Directories to Exclude screen appears. Type choices and press Enter.
To work with the excludes as regular expressions, press the F6 key.
To exclude objects from real-time scans by regular expressions, select 12. Excludes by Regular Expressions from the Antivirus Definitions and Refresh menu (STRAV> 21). An editor opens to edit the /SMZVDTA/conf/ALL_exc.conf file.
| Edit File: /SMZVDTA/conf/ALL_exc.conf Record : 1 of 15 by 10 Column : 1 109 by 126 Control : CMD ....+....1....+....2....+....3....+....4....+....5....+....6....+....7....+....8....+....9....+....0....+....1....+....2....+.. ************Beginning of data************** ************************************************************************************************************* * Directories/File Extensions to Exclude in SCANAV Command * * File name: /SMZVDTA/conf/ALL_exc.conf * * There are 2 types of exclude options: * * 1. directories * * 2. File Extensions * * Use this file to specify up to 50 directories / File Extensions * * to be excluded when the command SCANAV is used. * * Start each directory/Extension in a new line, from its first column. * * Preceding a line with a "*" or a "#" makes it a comment. * * Examples: * * .log * * /SMZVDTA * ************************************************************************************************************* /test/data/d[0-9]*/out ************End of Data******************** F2=Save F3=Save/Exit F12=Exit F15=Services F16=Repeat find F17=Repeat change F19=Left F20=Right |
You can specify wildcards for the names of the objects as either:
-
IBM i extended notation, using *generic* names with multiple (up to 10) asterisks (*). You can specify whether the definition is case sensitive.
-
Regular Expressions, as in Linux.
For example, the entry shown above, "[0-9]*/out" skips any file or directory named "out" within a directory whose name consists only of one or more digits.