simplegifts1
2 Bronze

Avamar 7.2.1 aide needs some aid.

Backstory: undergoing a security review and I need "Level 1" security hardening to be fully functional.

It appears on all our grids (7) of 7.2.1 and 7.4.1, the logging to /var/log/secure from the weekly aide cron job stopped a long time ago

The /var/log/secure file is there; 0 bytes, and there are some previous ones bz2ipped.

I see a post regarding v6 improperly rotating the /var/log/secure file, but (2) of our grids are 7.4.1 out of the box and have never been upgraded.  It is not clear the aide program is even being run on a weekly basis.

Any help would be appreciated.

Tags (2)
0 Kudos
123kateb
1 Nickel

Re: Avamar 7.2.1 aide needs some aid.

7.5.1-101_HF298709_27

That's the same with our avamars.  We have one that has a bz2 file from June 24 (the only secure*bz2 file), and the date of the secure file is June 24 as well, with 0 bytes.

Our second avamar has many secure*bz2 files from as recently as December 6, and the secure file is also dated December 6 and is 0 bytes.

Have you opened a ticket with EMC, this seems odd.  Ian Anderson is a ticket necessary to fix this?

0 Kudos
ionthegeek
4 Ruthenium

Re: Avamar 7.2.1 aide needs some aid.

I recommend working with support on this.

0 Kudos