Dears,
We have created policies in our Guardium setup. In the rules section, some rules are created to send an alert to syslog in case of any violation.
On the syslog server we are receiving files from our Guardium collectors. However, these log files are not showing any violations. Instead of a violation, the log files contain the following data:
Jul 26 08:58:16 ABCDE65805 init: ttyS0 (/dev/ttyS0) main process ended, respawning
Jul 26 08:58:25 ABCDE65805 init: ttyS1 (/dev/ttyS1) main process (31623) terminated with status 1
Jul 26 08:58:25 ABCDE65805 init: ttyS1 (/dev/ttyS1) main process ended, respawning
Jul 26 08:58:26 ABCDE65805 init: ttyS0 (/dev/ttyS0) main process (31627) terminated with status 1
Jul 26 08:58:26 ABCDE65805 init: ttyS0 (/dev/ttyS0) main process ended, respawning
Jul 26 08:58:35 ABCDE65805 init: ttyS1 (/dev/ttyS1) main process (31631) terminated with status 1
Jul 26 08:58:35 ABCDE65805 init: ttyS1 (/dev/ttyS1) main process ended, respawning
Jul 26 08:58:36 ABCDE65805 init: ttyS0 (/dev/ttyS0) main process (31635) terminated with status 1
Jul 26 08:58:36 ABCDE65805 init: ttyS0 (/dev/ttyS0) main process ended, respawning
Jul 26 08:58:46 ABCDE65805 init: ttyS1 (/dev/ttyS1) main process (31639) terminated with status 1
I would request that anyone who can please help me understand whether I am missing something, or how I can troubleshoot this issue. Due to this issue we are not getting any reports from the Splunk server. Your help is highly appreciated.
With regards
Baljinder
------------------------------
Baljinder Kumar
------------------------------