Backstory: undergoing a security review and I need "Level 1" security hardening to be fully functional.
It appears on all our grids (7) of 7.2.1 and 7.4.1, the logging to /var/log/secure from the weekly aide cron job stopped a long time ago
The /var/log/secure file is there; 0 bytes, and there are some previous ones bz2ipped.
I see a post regarding v6 improperly rotating the /var/log/secure file, but (2) of our grids are 7.4.1 out of the box and have never been upgraded. It is not clear the aide program is even being run on a weekly basis.
Any help would be appreciated.
That's the same with our avamars. We have one that has a bz2 file from June 24 (the only secure*bz2 file), and the date of the secure file is June 24 as well, with 0 bytes.
Our second avamar has many secure*bz2 files from as recently as December 6, and the secure file is also dated December 6 and is 0 bytes.
Have you opened a ticket with EMC, this seems odd. Ian Anderson is a ticket necessary to fix this?