doc: update clamav docs

Muni10 · Muni10 · commit 1a331c062aea · 2025-12-18T08:44:16.000+01:00
diff --git a/docs/services/antivirus.md b/docs/services/antivirus.md
@@ -5,19 +5,22 @@ tags: [explanation, services]
 
 # Anti-Virus Scanning
 
-## Getting started
+## What is ClamAV
 
 [ClamAV][clamav] is an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats.
 It is used in a variety of situations including file scanning, email scanning, web scanning and end point security.
 
-This feature is installed on all Nais clusters.
-ClamAV runs with one daemon pod and one pod running the REST api the applications use.
-There is a service set up so all applications will be able to talk to the REST api using [http://clamav.nais-system/scan](http://clamav.nais-system/scan).
-The REST api supports PUT or POST and can be tested using curl as well:
+## Where is it available
+This feature is installed on all nais clusters if the feature is enabled in the tenant.
+ClamAV has a REST API applications in the cluster can use for scanning files and urls.
 
-ClamAV has a REST API applications can use for scanning files and urls.
+There is a service set up so all applications will be able to talk to the REST api using either 
+- V1 API: http://clamav.nais-system/scan
+- V2 API: http://clamav.nais-system/api/v2/scan
 
-The REST API has one endpoint `/scan` that supports PUT or POST with form-data. It can be tested using curl as well:
+The service can only be used from inside the cluster and the APIs support PUT with a request body or POST with form-data.
+
+It can be tested using curl:
 
 ```bash
 # Example
@@ -26,13 +29,7 @@ curl -v -X PUT --data-binary @/tmp/file_to_test  http://clamav.nais-system.svc.n
 curl -v http://clamav.nais-system.svc.cluster.local/scan?url=url_to_file
 ```
 
-See [ClamAV documentation][clamav-docs] and [ClamAV REST API][clamav-api] for more information.
-
-[clamav]: https://www.clamav.net/
-[clamav-docs]: https://docs.clamav.net/
-[clamav-api]: https://github.com/navikt/muescheli
-
-## Access Policy
+### Access Policy
 
 When using ClamAV on GCP, remember to add an [outbound access policy](../workloads/how-to/access-policies.md):
 
@@ -43,21 +40,54 @@ metadata:
   name: myapp
 ...
 spec:
-  ...
   accessPolicy:
     outbound:
       rules:
         - application: clamav
           namespace: nais-system
 ```
 
-## Support
+## What is returned from the API
+
+The response returns a JSON result that differs slightly based on which version of the API you're using:
+
+V1 (will return HTTP/500 if any error occurs):
+```
+[
+  {
+    "Filename": "yourfile.txt",
+    "Result": "OK"
+  }
+]
+```
 
-If you have any questions about ClamAV please contact the Nais team on Slack, [#nais](https://nav-it.slack.com/messages/C5KUST8N6) or contact [@Sten.Ivar.Røkke](https://nav-it.slack.com/archives/D5KP2068Z) directly.
+V2 (will return HTTP/200 with error message):
+```
+[
+  {
+    "filename": "yourfile.txt",
+    "result": "OK",
+    "virus": "",
+    "error": ""
+  }
+]
+```
+
+
+See [ClamAV documentation][clamav-docs] and [ClamAV REST API][clamav-rest] for more information.
+
+[clamav]: https://www.clamav.net/
+[clamav-docs]: https://docs.clamav.net/
+[clamav-rest]: https://github.com/nais/clamav-rest
 
 ## Examples
 
-Code example can be found here:
+Code examples can be found here:
 
 - [foreldrepenger-api](https://github.com/navikt/foreldrepengesoknad-api/blob/master/domene/src/main/java/no/nav/foreldrepenger/selvbetjening/vedlegg/virusscan/VirusScanConfig.java)
 - [pale-2](https://github.com/navikt/pale-2/blob/main/src/main/kotlin/no/nav/syfo/client/clamav/ClamAvClient.kt)
+- 
+## Support
+
+If you have any questions about ClamAV please contact the Nais team on Slack, [#nais](https://nav-it.slack.com/messages/C5KUST8N6).
+
