After RHEL (Red Hat Enterprise Linux) is upgraded from release 6.7 to 6.8, the DCS Agent Real-Time File Integrity Monitoring Detection stops and a detection warning message is reported to the DCS:SA console.

FWC_0029: Failed to initialize Real-Time File Integrity Monitoring

• RHEL 6.8 Kernel 2.6.32-642.el6.x86_64 #1
• DCS:SA Agent build 6.6.0.605

The kernel upgrade causes a DCS:SA RTFIM detection malfunction.

• Upgrade DCS:SA Agent to release 6.7 or later that supports kernel 2.6.32-642.el6.x86_64
• Restart the IDS Agent with this command:

       /etc/init.d/sisidsagent restart 

• Verify the RTFIM driver has been loaded and the FWC_0028: Real-Time File Integrity Monitoring successfully initialized event has been generated
• DCS:SA Unix Agents are kernel dependent. Please review the document DCSSA_Platform_Feature_Matrix.pdf included in the DCS:SA ISO image and make sure that the appropriate agent version is installed prior to upgrading the RHEL release.