Data Center Security (DCS) Agent Real-Time File Integrity Monitoring (RTFIM) Detection stops working after upgrading Red Hat Linux
Article ID: 164156
Data Center Security Server Advanced
After RHEL (Red Hat Enterprise Linux) is upgraded from release 6.7 to 6.8, the DCS Agent Real-Time File Integrity Monitoring Detection stops and a detection warning message is reported to the DCS:SA console.
FWC_0029: Failed to initialize Real-Time File Integrity Monitoring
RHEL 6.8 Kernel 2.6.32-642.el6.x86_64 #1
DCS:SA Agent build 184.108.40.2065
The kernel upgrade causes a DCS:SA RTFIM detection malfunction.
Upgrade DCS:SA Agent to release 6.7 or later that supports kernel 2.6.32-642.el6.x86_64
Restart the IDS Agent with this command:
Verify the RTFIM driver has been loaded and the FWC_0028: Real-Time File Integrity Monitoring successfully initialized event has been generated
DCS:SA Unix Agents are kernel dependent. Please review the document DCSSA_Platform_Feature_Matrix.pdf included in the DCS:SA ISO image and make sure that the appropriate agent version is installed prior to upgrading the RHEL release.