Implement first revision of malware scanning microservice.
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
This commit is contained in:
parent
8a61a52fa1
commit
e717674f45
47
README.md
47
README.md
@ -1,3 +1,48 @@
|
||||
# malscan
|
||||
|
||||
REST-based API to consume ClamAV as a microservice
|
||||
REST-based API to consume ClamAV as a microservice.
|
||||
|
||||
## API endpoints
|
||||
|
||||
This microservice exposes the following API endpoints:
|
||||
|
||||
- `/status`
|
||||
- `/scan`
|
||||
|
||||
### `/status` endpoint
|
||||
|
||||
This endpoint provides the status of the malware engine used as well as the amount of signatures in the database. It also carries out a basic sanity check on the antimalware software being used.
|
||||
|
||||
Methods accepted: `GET`
|
||||
|
||||
Parameters: none
|
||||
|
||||
Example output:
|
||||
```
|
||||
{
|
||||
"scanning_engine": "clamav",
|
||||
"signature_count": 8659701,
|
||||
"sanity_check": true
|
||||
}
|
||||
```
|
||||
|
||||
### `/scan` endpoint
|
||||
|
||||
Methods accepted: `POST`
|
||||
|
||||
Parameters: file to be scanned needs to be supplied as the body of the request. Maximum file upload size is 20MB.
|
||||
|
||||
Example output:
|
||||
```
|
||||
{
|
||||
"malware_detected": true,
|
||||
"malware_name": "Win.Test.EICAR_HDB-1",
|
||||
"engine": {
|
||||
"scanning_engine": "clamav",
|
||||
"signature_count": 8659701,
|
||||
"sanity_check": true
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
You can use this endpoint using eg `curl -X POST http://localhost:8080/scan --data "@eicar.com"`
|
||||
24
rest.go
24
rest.go
@ -19,7 +19,29 @@ type scan_response struct {
|
||||
}
|
||||
|
||||
func scan_api(c *gin.Context) {
|
||||
data, err := c.GetRawData()
|
||||
if err != nil {
|
||||
c.IndentedJSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
malware_type, err, sigCount := scan_data(data)
|
||||
malware_detected := true
|
||||
if malware_type == "" {
|
||||
malware_detected = false
|
||||
}
|
||||
|
||||
response := scan_response{
|
||||
Malware_detected: malware_detected,
|
||||
Malware_name: malware_type,
|
||||
Engine: status_response{
|
||||
Signature_count: sigCount,
|
||||
Sanity_check: true,
|
||||
Scanning_engine: "clamav",
|
||||
},
|
||||
}
|
||||
|
||||
c.IndentedJSON(http.StatusOK, response)
|
||||
}
|
||||
|
||||
func status_api(c *gin.Context) {
|
||||
@ -36,7 +58,7 @@ func start_api() {
|
||||
gin.SetMode(gin.ReleaseMode)
|
||||
|
||||
router := gin.Default()
|
||||
router.PUT("/scan", scan_api)
|
||||
router.POST("/scan", scan_api)
|
||||
router.GET("/status", status_api)
|
||||
|
||||
router.Run(":8080")
|
||||
|
||||
Loading…
Reference in New Issue
Block a user