KBI 310786 Issue Addressed: Linux/UNIX Log Rule Cannot Generate Combined Events


Argent for Compliance 3.1A-1310-A or below


Friday, 20 Dec 2013


Argent for Compliance uses the Boolean registry ‘COMBINE_ALERTS_ON_LOG_EVENT‘ to control whether to generate combined event or individual events in a single file log scanning

There were some issues with the Linux/UNIX Log Rule

Technical Background

Argent AT 3.1A-1401-A has corrected this issue and now generates combined events as expected

The event now lists the latest occurrence as well as previous ones


Upgrade to Argent AT 3.1A-1401-A or later