Issue: After successful installation of UNIX agent, the Agent Health dashboard does not list the installed agent and the folders are not copied to the /usr/netiq directory.
Workaround: Reconfigure the UNIX agent in the same machine.
Issue: When you install UNIX agent on RHEL 8.x or Oracle Linux platforms using a custom path, the agent installs but the agent services do not start.
Workaround: Disable the SELinux setting in the machines. To disable, navigate to /etc/selinux/config file, modify the parameter SELINUX to Disabled and reboot the agent box.
Issue: UNIX agent installed on SLES 15 SP4 is unable to send events to Change Guardian console due to SAML token errors for REST dispatcher user in the administration user interface.
Workaround: To resolve the SAML token errors, reset the REST dispatcher user password and update the event destination configuration.
Issue: Change Guardian Agent for UNIX is not able to connect to port 8094.
Workaround: Check whether the port 8094 is running:
netstat -an | grep 8094
Issue: Change Guardian Agent for UNIX services are not running.
Workaround:
Check if the detectd and auditd services are running:
ps -ef | grep "detect"
ps -ef | grep "auditd"
(Conditional) If the services are not running, restart the following services: In case of Linux platforms:
Restart: systemctl restart <service_name>
where service_name can be vigilentagent.service or detectd.service
Restart auditd service:
service auditd restart
(Conditional) In case of Unix platforms:
Go to the /usr/netiq/pssetup directory and run the following command:
./detectd.rc restart
Restart vigilentagent service:
./vigilentagent.rc restart
Issue: The policies are not applied to the Change Guardian Agent for UNIX after it is assigned using Policy Editor.
Workaround: To verify whether the policies are applied to the agent after they are assigned in Policy Editor, check if the <rule>.xml file is created in the computer in the following directory:
/usr/netiq/vsau/etc/detectd.d/groups/<platformauditobject>/rules/
Issue: Change Guardian Agent for UNIX fails to send events to the Change Guardian Server if the locale setting is incorrect. (Bug 1102111)
Workaround: Ensure that the following is set:
The path is set at the operating system: SET_PERL_LIBPATH=1; ./etc/vsaunix.cfg
The locale variables are added to the /etc/profile file:
export LC_CTYPE=en_US.UTF-8
export LC_ALL=en_US.UTF-8
Issue: User Browse option does not work while creating policies using Policy Editor.
Workaround: To enable browsing for UNIX data sources while creating a policy, the computer where you install the Policy Editor must have a Change Guardian Agent for Windows. If you do not install an agent on the machine running Policy Editor, you must manually enter the data source paths while creating a policy.
To enter the data source paths:
(Conditional) If your operating system is 64-bit, in the registry \HKLM\SOFTWARE\Wow6432Node\NetIQ\ChangeGuardianAgent\repositoryEnabled set the repositoryEnabled flag to 1.
Restart the Change Guardian Agent for Windows.
Issue: The VigilEntAgent service becomes unresponsive and as a result UNIX events are unable to reach the Change Guardian server after the upgrade process.
Workaround: Remove the data folder and restart the VigilEntAgent service using the following steps:
In case of Linux platforms, stop the VigilEntAgent service by using the following command:
systemctl stop vigilentagent.service
Switch to the agent folder by using the following command:
cd /usr/netiq/cmnagent/
Copy the data folder to create a back up by using the following command:
cp -r data data_bkp
Remove the data folder by using the following command:
rm -r data
Start the VigilEntAgent service by using the following command:
systemctl start vigilentagent.service
rcsentinel start vigilentagent.service (6.3.1 or before)