KBI 310786 Issue Addressed: Linux/UNIX Log Rule Cannot Generate Combined Events
Version
Argent for Compliance 3.1A-1310-A or below
Date
Friday, 20 Dec 2013
Summary
Argent for Compliance uses the Boolean registry value ‘COMBINE_ALERTS_ON_LOG_EVENT’ to control whether a single log file scan generates one combined event or individual events
There were some issues with the Linux/UNIX Log Rule
Technical Background
Argent AT 3.1A-1401-A has corrected this issue and now generates combined events as expected
The event now lists the latest occurrence as well as previous ones
Resolution
Upgrade to Argent AT 3.1A-1401-A or later