IBM Support

How to control Guardium nanny's monitoring of rsyslog receivers

Troubleshooting


Problem

Guardium uses a nanny process to monitor various components of Guardium.  This includes verifying that a remote syslog receiver is listening on the port configured in Guardium for remote syslog shipping.  The nanny process uses nmap to verify that the port is open on the receiver.  Some enterprises block port scanning, which prevents nmap from functioning correctly.  This results in a message to syslog that the remote receiver is not receiving messages.  For example:
Aug 31 05:10:45 g106cm1 nanny:[4335]: One of more remote syslog servers are not accepting logs: 192.168.1.100
This message can be a false negative: if the syslog receiver is functioning correctly, Guardium cannot discern this, because nmap fails when port scanners are blocked.
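
One way to triage the alert above from the collector side is sketched below. This is an added example, not IBM or Guardium code. It pulls the receiver addresses out of the nanny message and makes one ordinary TCP connect to each. It assumes the receiver takes syslog over TCP (a UDP receiver cannot be checked this way), uses port 514 as a placeholder for the configured port, and assumes that multiple receivers are separated by commas or spaces.

```python
import re
import socket

# Matches the nanny alert; the message wording is copied verbatim from the page.
NANNY_RE = re.compile(
    r"nanny:\[\d+\]: One of more remote syslog servers are not accepting logs: (?P<hosts>.+)$"
)

def flagged_receivers(log_lines):
    """Return receiver addresses named in nanny alerts, in first-seen order."""
    seen = []
    for line in log_lines:
        m = NANNY_RE.search(line.strip())
        if not m:
            continue
        # Assumption: several receivers are separated by commas and/or spaces.
        for host in re.split(r"[,\s]+", m.group("hosts").strip()):
            if host and host not in seen:
                seen.append(host)
    return seen

def tcp_port_open(host, port, timeout=3.0):
    """One plain TCP connect to the configured port, not a port scan."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, name resolution failure
        return False

def triage(log_lines, port, probe=tcp_port_open):
    """Map each flagged receiver to a verdict based on the connect result."""
    return {
        host: "likely false negative (port accepts connections)"
        if probe(host, port)
        else "receiver unreachable, investigate"
        for host in flagged_receivers(log_lines)
    }

# Constructed sample: the first line is the alert from the page, the second is unrelated.
SAMPLE = [
    "Aug 31 05:10:45 g106cm1 nanny:[4335]: One of more remote syslog servers are not accepting logs: 192.168.1.100",
    "Aug 31 05:10:46 g106cm1 sshd[991]: Accepted publickey for admin",
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE, port=514).items():  # 514 is a placeholder
        print(host, "->", verdict)
```

A successful connect only shows that the port accepts connections; confirm delivery by checking that test messages arrive in the receiver's own logs.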

Document Location

Worldwide


Document Information

Modified date:
02 October 2019

UID

ibm11072462