The denied audit log for the access to files under/proc
Article ID: 188100
CA Privileged Access Manager - Server Control (PAMSC)
The denied audit log for the access to files under/proc with code 995.
DATE TIME D FILE user CrWrite 995 10 /proc/file /program/path host user
This is working as intended.
Write access to the files under /proc is internal protected.
The code 995 means "Unauthorized access to internal resource".
Release : 14.1
Component : PAM SERVER CONTROL ENDPOINT UNIX/LINUX
There is no real solution to prevent the '995' events appearing in seaudit
One option would be to set a specialpgm for the process performing the access, e.g.:
AC> er SPECIALPGM /program/path pgmtype(all)
The audit log can be eliminated by audit.cfg.
This is also same on 12.8 SP1