XAV Command Line Tool
Many of ClamXAV’s functions can be performed via the XAV command line. Some examples of which are below. We will be adding features to the command line interface as time goes on. You are able to see the available feature-set by running the XAV tool with no command line flags.
Get current version information
/Applications/ClamXAV.app/Contents/MacOS/XAV --version
Update the malware database
/Applications/ClamXAV.app/Contents/MacOS/XAV --update
If you have a database file from the Offline Updates page, you can install this by passing the file to XAV as follows:
/Applications/ClamXAV.app/Contents/MacOS/XAV --update --file database_file.XAVZ
Perform a Quick Scan
/Applications/ClamXAV.app/Contents/MacOS/XAV --quick-scan
Scan arbitrary files/folders
/Applications/ClamXAV.app/Contents/MacOS/XAV --scan /paths/to/scan
If the item you pass to be scanned has specific scan settings configured within ClamXAV, these will be used.
Please note, this feature is still in beta, so please do report your findings if you experience any unexpected results.
Update your licence details
Sometimes you may wish to force ClamXAV to update the licence details without redeploying the installer, for example if your organisation’s name has changed, or if the renewal date has been change.
/Applications/ClamXAV.app/Contents/MacOS/XAV --update-licence
Prune log files
/Applications/ClamXAV.app/Contents/MacOS/XAV --prune-logs NNN
Where NNN is the number of days to be kept. If you supply no number, XAV will prune all log entries older than 120 days.
Submit diagnostics report to our support team
If you contact our support team for assistance, we may request diagnostics from the problematic computer. As well as holding the option key whilst clicking the ClamXAV Menubar Item, you can also do this via XAV command line:
/Applications/ClamXAV.app/Contents/MacOS/XAV --submit-diagnostics NNNN
where NNNN is your ticket number from our helpdesk. Please note, reports submitted which don’t have a valid ticket number will be deleted automatically, so please contact support to get this ticket number first.
Parsing ClamXAV’s logging database
All events performed by ClamXAV are logged in our proprietary database format. To aid data collection and reporting, it’s possible to export the logs into a plain text file. This can also be done using the XAV command line tool.
Viewing Malware DB Update logs
You can obtain a report of all malware database update events since you installed ClamXAV with the following command:
/Applications/ClamXAV.app/Contents/MacOS/XAV --parse-logs updates
Alternatively, you can supply a start date (in ISO 8601 format) for the log parser if you only want to see recent events:
/Applications/ClamXAV.app/Contents/MacOS/XAV --parse-logs updates start-date 2022-01-10
Likewise, you can supply an end-date if you don’t want the most recent records. Alternatively, you can combine start-date and end-date if you’re only interested in a range in the middle of the report.
Viewing Scan reports
The same command line options work for viewing the output of scan reports. Just issue the same parse-logs flag and swap updates for scans:
/Applications/ClamXAV.app/Contents/MacOS/XAV --parse-logs scans
/Applications/ClamXAV.app/Contents/MacOS/XAV --parse-logs scans start-date 2022-01-01
/Applications/ClamXAV.app/Contents/MacOS/XAV --parse-logs scans start-date 2022-01-01 end-date 2022-01-20
Any scans which have detected malware will display those detections immediately after the scan, indented with a single tab character.