Jamf Nation Community

tkimpton · ‎02-26-2013

Hi guys

I am trying out a theory to auto scan USB and Firewre drives with Sophos Anti-Virus

when i carry out a ```
sweep /Volumes/RALLY2 64GB/

i can see the test vicar virus being picked up here like this

>>> Virus 'EICAR-AV-Test' found in file /Volumes/RALLY2 64GB/eicar.com.txt


What i am thinking is to just get the /Volumes/RALLY2 64GB/eicar.com.txt to pass it on to a variable for another command

This is what i have so far but it doesn't look very elegant

sweep /Volumes/RALLY2 64GB/ | grep ">>> Virus" | cut -d"'" -f3 | cut -c 16-
```

This gives me the result i need

/Volumes/RALLY2 64GB/eicar.com.txt

Does anyone have any suggestions i can use to clean it up a bit?

Thanks

PeterClarke · ‎02-26-2013

Yes, you are actually interested in the text that comes AFTER the Fixed String: "found in file"

Or to be even more precise: String that starts with word: "Virus" followed by something followed by "found in file"
Then you are interested in what comes next, until the end of the line.

The grep on "Virus" successfully picks out that line,

example:

MyString="Virus 'EICAR-AV-Test' found in file /Volumes/RALLY2 64GB/eicar.com.txt"

MyMatch=$(echo $MyString | sed -e 's/.*found in file//')
echo $MyMatch

I think there's a way to get sed to do the original grep too..
But the above should work - for that part.

PeterClarke · ‎02-26-2013

Forgot to say the output would be:
/Volumes/RALLY2 64GB/eicar.com.txt

Jamf Nation Community

Need help with a script to Auto Sophos Anti-Virus Scan USB & FireWire drives