Security Manager Unix pacct log source failing to parse correctly on suse 10.x + (NETIQKB72377)

  • 7772377
  • 03-Jun-2010
  • 28-Jun-2010

Environment

This problem affects the 5.6 security agent and the 7.1 unified agent.

Situation

The pacct log source fails to parse process accounting events correctly from the process account log file on SUSE linux versions 10.0 and up.

Resolution

This hotfix enables the agent to dynamicly determine which log format the process accounting log file is in and parse it correctly. This maintains backward compataiblity with older SUSE versions as well as any other linux distribution which has not yet updated to the newer version 3 format.

Cause

Starting with version 10.0, SUSE began using version 3 of the process accounting log format.

Additional Information

Formerly known as NETIQKB72377