File and folder structure

This topic details the file and folder structure of ESET Endpoint Antivirus for Linux, in case ESET Technical Support asked you to access files for troubleshooting purposes. The list of daemons and command-line utilities is available to further below.

Base directory

The directory where ESET Endpoint Antivirus for Linux loadable modules containing the virus signature database are stored.

/var/opt/eset/eea/lib

Cache directory

The directory where cache of ESET Endpoint Antivirus for Linux and temporary files (such as quarantine files or reports) are stored.

/var/opt/eset/eea/cache

Binary files directory

The directory where the relevant ESET Endpoint Antivirus for Linux binary files are stored.

/opt/eset/eea/bin

There you find the following utilities:

odscan — use it to run on-demand scan via a Terminal window

quar — use it to manage quarantined items

upd — use it to manage module updates or to modify update settings

System binary files directory

The directory where the relevant ESET Endpoint Antivirus for Linux system binary files are stored.

/opt/eset/eea/sbin

There you find the following utilities:

collect_logs.sh — use it to generate all essential logs as an archive file to the home folder of being logged in user

ecp_logging.sh — use it to generate logs related to product activation.

lic — use it to activate ESET Endpoint Antivirus for Linux with the purchased license key or to check the activation status and license validity

lslog — use it to display logs gathered by ESET Endpoint Antivirus for Linux

startd — use it to start ESET Endpoint Antivirus for Linux deamon manually in case it was stopped

To see if ESET Endpoint Antivirus for Linux service is active, run the following command from a Terminal window with root privileges:

systemctl status eea.service

Sample output from systemctl:

sysmtectl_sample_output

Deamons

sbin/startd – Main daemon, starts and manages other deamons

lib/scand – Scanning daemon

lib/oaeventd – On-access event interception service (using eset_rtp kernel module)

lib/confd – Configuration management service

lib/logd – Logs management service

lib/licensed – Activation and licensing service

lib/updated – Module update service

lib/execd + lib/odfeeder – On-demand scanning helpers

lib/utild – Utility service

lib/sysinfod – OS and media detection service

Command-line utilities

sbin/lslog – Logs listing utility

bin/odscan – On-demand scanner

lib/cfg – Configuration utility

sbin/lic – Licensing utility

bin/upd – Module update utility

bin/quar – Quarantine management utility

lib/cloud – Allows to submit a sample to ESET LiveGrid® or ESET Dynamic Threat Defense via the command line (EEAU 8.1 or later required)