If a search is done on Security Analytics for data that is older than the beginning of capture data or before the sensor started capturing any data, the gaugefs process may crash. The monitoring service will automatically restart the gaugefs process, but you may notice a hiccup in the process or possibly will not get any results back. Confirm that the start and end date for the search you are performing is within the capture and/or meta data window.
You can confirm if the segfaults are happening by using this command:
grep -i segfault /var/log/messages
This is fixed in Security Analytics version 7.2.x and later.
Imported Document ID: 000031466
Subscribing will provide email updates when this Article is updated. Login is required.