The denied audit log for the access to files under/proc
Article ID: 188100
Updated On:
Products
CA Privileged Access Manager - Server Control (PAMSC)
Issue/Introduction
The denied audit log for the access to files under/proc with code 995.
DATE TIME D FILE user CrWrite 995 10 /proc/file /program/path host user
Environment
Release : 14.1
Component : PAM SERVER CONTROL ENDPOINT UNIX/LINUX
Cause
This is working as intended.
Write access to the files under /proc is internal protected.
The code 995 means "Unauthorized access to internal resource".
Write access to the files under /proc is internal protected.
The code 995 means "Unauthorized access to internal resource".
Resolution
There is no real solution to prevent the '995' events appearing in seaudit
One option would be to set a specialpgm for the process performing the access, e.g.:
AC> er SPECIALPGM /program/path pgmtype(all)
The audit log can be eliminated by audit.cfg.
One option would be to set a specialpgm for the process performing the access, e.g.:
AC> er SPECIALPGM /program/path pgmtype(all)
The audit log can be eliminated by audit.cfg.
Additional Information
This is also same on 12.8 SP1
Feedback
Yes
No
Powered by
