Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
437
Views
0
Helpful
0
Replies

SyslogSeverityMatchFound events generated: SeverityMatch : Alert MatchedEvent : Jul 28 10:22:38 CUP01 authpriv 1 sudo: xcpuser : command not allowed ; TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/chgrp ccmbase /var/log/active/platform/log/dbl.bin

BiaMeslin
Level 1
Level 1

‎07-29-2020 12:10 PM

Customer found the below alert on RTMT for his IM&P Publisher

 

SyslogSeverityMatchFound events generated: SeverityMatch : Alert MatchedEvent : Jul 28 10:22:38 CUP01 authpriv 1 sudo: xcpuser : command not allowed ; TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/chgrp ccmbase /var/log/active/platform/log/dbl.bin

 

The most similar issue I found is CSCuw99718, but customer is running v 11.5.1.13901-1 wha is supposed to be fix in this version as bug description.

Does anyone has faces this alarm before? Any clue on how to troubleshoot that?

 

Thanks and regard,

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents