Intrusion Detection events from a Solaris agent does not contain the User Name
search cancel

Intrusion Detection events from a Solaris agent does not contain the User Name

book

Article ID: 161798

calendar_today

Updated On:

Products

Data Center Security Server Data Center Security Server Advanced

Issue/Introduction

 With an Intrusion Detection policy deployed to a Solaris agent, when a watched file is accessed or modified, the User Name is not in the Event Details.

Cause

 At this time Real Time File Integrity Monitoring (RT-FIM) is not supported on Solaris.

Resolution

The IDS Filewatch module on Solaris is functioning as designed.


Powered by Wolken Software