How to scan a file with the Symantec Scan Engine Command Line Scanner (ssecls) utility?
The command line scanner is intended for testing purposes ONLY. It is not intended to be used on a regular basis in a production environment. The command line scanner being used in production is not supported.
To set up a computer to submit files for scanning
To scan a file
If the test is being done at the behest of technical support then please use the verbose switch and also pipe the test results into a text file for sending to technical support, as follows.
ssecls -verbose /path/file > test.txt
(The above command is assuming the test is being done on a local machine and not over a network.)
For more information please refer to the Symantec Implementation Guide, which can be found in the downloads Documentation folder.
Command-line scanner syntax
The command-line scanner uses the following general syntax:
|-server||Specify one or more Symantec Scan Engines for scanning files. You must separate multiple entries with a semicolon. If you do not specify a Symantec Scan Engine, the server option defaults to the local host that is listening on the default port. The format for each Symantec Scan Engine is
|-mode||Optionally override the default antivirus scanning mode. The scanning modes that you can select are as follows: ? scanrepairdelete: If you do not specify a scanning mode, the scan policy defaults to scanrepairdelete. Symantec Scan Engine tries to repair infected files. Files that cannot be repaired are deleted. This is the recommended setting ? scan: Files are scanned, but no repair is attempted. Infected files are not deleted. ? scanrepair: Symantec Scan Engine tries to repair infected files. Files that cannot be repaired are not deleted.|
|-verbose||Report detailed information about the file that is scanned. When you use this option, a line of output is printed to STDOUT for each file that is scanned. The information includes both the name of the file and the result of the scan, including the final disposition of the file.|
|-details||Report detailed information about infections or violations that are found. When you use this option, a block of text is printed to STDOUT for each file that is scanned. The output text indicates the name of the file that was scanned and the result of the scan. If the file is infected or violates an established policy, the output text also provides information about the violation or infection. Note: If you use the -details option, you do not need to use the -verbose option. The output for the -verbose option is duplicated as part of the output for the -details option.|
|-timing||Report the time that was required to scan a file. When you use this option, a line of output is printed to STDOUT for each file that is scanned. The output includes the name of the file that was scanned and the time that it took Symantec Scan Engine to scan the file.|
|-recurse||Recursively descend into the subdirectories that are inside each path that is specified on the command-line.|
|-onerror||Specify the disposition of a file that has been modified (repaired) by Symantec Scan Engine when an error occurs in replacing the file. The default setting is to delete the file. You can specify one of the following: ? leave: The original (infected) file is left in place. ? delete: The original (infected) file is deleted, even though the replacement data is unavailable.|
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.