HPE Community
Operating System - HP-UX
1833085 Members
4485 Online
110050 Solutions
New Discussion

IDS/9000 v2.0 ERROR (not ALERT) Message

 
John Horn
Occasional Contributor

‎11-16-2001 12:50 PM

‎11-16-2001 12:50 PM

IDS/9000 v2.0 ERROR (not ALERT) Message

Since upgrading to IDS v2.0, I've been getting errors every so often in the format below:

Date: Fri Nov 16 14:50:02 2001
Code: 10002
Message: Fri Nov 16 14:50:02 2001 CORE_doCleanups: Failed to process cleanups for circuit <>.0_failedLogin

What is causing the ERROR and what needs to be fixed?
0 Kudos
Reply
1 REPLY 1
Ron Freund
Occasional Advisor

‎11-28-2001 07:26 PM

‎11-28-2001 07:26 PM

Re: IDS/9000 v2.0 ERROR (not ALERT) Message

John:
As you know this, I wanted to share it with other new users of
Version 2.0 of the product.

The lab has identified the adjtime() system call triggering these errors.
To cause the error flood to go away, do the following:
1. su - root
2. Halt the IDS agent on the server: /sbin/init.d/idsagent stop
3. vi /etc/opt/ids/ids.cf
4. Search for each occurance of "adjtime", in the file, and
comment out that line, and the line *preceding* it, so it
was:
DSP_TAG KERN
DSP_FILTER SETSCALL on 325 1 # adjtime
should be:
# DSP_TAG KERN
# DSP_FILTER SETSCALL on 325 1 # adjtime
4. Save the file
5. Restart the idsagent: /sbin/init.d/idsagent start
6. Activate your surveillance schedule from the GUI
7. Determine if the errors reappear in your error browser.
There should be no loss of functionality from IDS, and I understand
there is a patch in process to fix this. Stay tuned!
BR,
Ron Freund
WTEC Cupertino
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.