RHEL has repeated SELinux messages in log files when searching in Sentinel
This document (7011980) is provided subject to the disclaimer at the end of this document.
Environment
Red Hat Enterprise Linux (RHEL)
Situation
SELinux: initialized (dev loop4, type squashfs), not configured for labeling
SELinux: initialized (dev loop5, type squashfs), not configured for labeling
SELinux: initialized (dev loop3, type squashfs), not configured for labeling
SELinux: initialized (dev loop1, type squashfs), not configured for labeling
SELinux: initialized (dev loop2, type squashfs), not configured for labeling
SELinux: initialized (dev loop4, type squashfs), not configured for labeling
SELinux: initialized (dev loop5, type squashfs), not configured for labeling
This was noticed when these same messages appeared in Sentinel's web interface as severity zero events. Whenever a search or report took place over a time period that had archived files these messages showed up causing more data which really had no meaning.
Resolution
.*SELinux: initialized.+squashfs.+not configured for labeling.*
Save the changes and restart the node if it does not restart automatically. Perform searching to ensure that the events are gone, and also test other types of events which should still be parsed by the collector to ensure they still show up correctly.
Disclaimer
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7011980
- Creation Date:19-MAR-13
- Modified Date:19-MAR-13
- NetIQSentinel
Did this document solve your problem? Provide Feedback