Unix Critical File Accessed Detected alert
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2023 12:51 AM
We have observed more count for Unix Critical File Accessed Detected alert from the user “root” on the Host XYZ-FMC-SECONDARY. And also we observed multiple File names which is containing /etc, due to that alert is triggering.
Can anyone help me how to resolve this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2023 05:32 AM
What system is showing you this alert? Can you provide a sanitized screen shot?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-22-2023 12:59 AM
Please check attach excel file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-22-2023 05:02 AM
Attaching a random spreadsheet does not answer the question "What system is showing you this alert?"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-22-2023 07:15 AM
Its ALsec threat management tool that collects fmc logs
