Setting General Definitions

To set general definitions, select 1. General Definitions from the Antivirus & AntiRansomware (ATP) Configuration screen (STRAV> 81). The Antivirus General Definitions screen appears.

                        ​ Antivirus General Definitions​       ​ 24/12/24​ 11:22:51​ 
                                                                      ​ RLDEV   ​ 
 Work in *FYI* (Simulation) mode . .​  N          ​ Y=Yes, N=No​                   
 If Y (Simulation), viruses will be only reported. More resources are needed,  ​ 
                  ​ as objects will always be re-scanned. Not recommended.      ​ 
 If N (Real mode): If On Access (real time scan) is active, infected objects are
                  ​ marked as "scan failure", preventing any future use.​         
                  ​ On scheduled scans, infected objects are moved to Quarantine.
 Information to log  . . . . . . . .​  6          ​ 1=Viruses + Signature update​  
                                                 ​ 2=as in 1, plus Excludes​      
                                                 ​ 3=as in 2, plus Other info​    
                                                 ​ 4=as in 3, without Excludes  ​ 
 Log method  . . . . . . . . . . . .​  1          ​ 1=File, 2=QAUDJRN, 3=Both​     
 Log debug information . . . . . . .​  N          ​ Y=Yes, N=No​                   
 Set this value to Y when requested by technical assistance only.            ​   
                                                                                
 Type of virus scanner Local/ICAP  .​  1          ​ 1=ClamAV, 5=ICAP​              
 ICAP is based on external servers. Usage of it frees up IBM i CPU resources. ​  
                                                                                
 Number of local scanners  . . . . .​   1         ​ 1-8​                           
 Ensure all scanners are active  . .​  N          ​ Y=Yes, N=No​                   
                                                                                
 F3=Exit​  ​ F12=Cancel​                                                           
                                                                                

The screen contains these fields:

Work in *FYI* (Simulation) Mode

In *FYI* (Simulation) Mode, Antivirus scans files and logs what it finds, but does not move files into Quarantine or mark them as scanned. This is useful in seeing what Antivirus would do when fully activated without having it tke action against files. Since files are not marked as having been scanned, all files are scanned each time, which consumes more resources, than if files marked as having been scanned are skipped.

Possible values are:

  • Y: Work in Simulation mode
  • N: Work normally, marking files as scanned and acting on them.

Information to log

Antivirus can log several different types of information:

  • 1: Detected viruses and Signature changes
  • 2:Unchanged and excluded objects
  • 3: All detected information
  • 4: All detected information except excluded objects

Log method

Whether to log to a standard file, to QAUDJRN, or both

Log debug information

Whether to include debug information in logs. Do not set this to Y unless requested by technical assistance.

Type of virus scanner Local/ICAP

Whether to scan locally or using a remote system via the ICAP protocol, which uses fewer resources on the local system.

  • 1: Scan on the local system, using the ClamAV scanner
  • 5: Scan using a remote system using ICAP. Set further specifications for the ICAP scan via the Work with ICAP Servers screen, as shown in Connecting to ICAP Servers.

Number of local scanners

Up to eight scanners can run at the same time. Possible values are from 1 through 8. Start with two local scanners. If you see that files are checked too slowly, enhance the number of scanners.

Ensure all scanners are active

Set this parameter to Y if you want to ensure that all defined numbers of local scanners are always up. If some are missing, the watchdog job restarts them.