IBM Support

IBM Security Guardium - Sniffer crashing with segfault errors

Troubleshooting


Problem

You have already applied the latest sniffer patch available on fix central and can see sniffer crashing with segfault errors under log files captured via "support must_gather sniffer_issues"

Symptom

Collector is having issues capturing the traffic and you notice there are sniffer crash errors in the appliance syslog file ( /var/log/messages).

You noticed continuous messages with segfaults in the syslog file:

Oct  4 11:57:04 guardium-col08 kernel: gdmAnalyzerMgrT[4108]: segfault at 98995088 ip 00000000038eee7a sp 00007f2aa6a89760 error 4 in snif[400000+5452000]
Oct  4 11:57:04 guardium-col0 init: guard-snif main process (4023) killed by SEGV signal
Oct  4 11:57:04 guardium-col0 init: guard-snif main process ended, respawning
Oct  4 11:57:05 guardium-col0 snif: Guardium Sniffer Started
Oct  4 11:57:07 guardium-col0 GuardiumSniffer[11842]: Guardium Sniffer license verified.
Oct  4 11:57:07 guardium-col0 GuardiumSniffer[11842]: Starting WTAP_SERVER

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Guardium Database Activity Monitor","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"10.0;10.0.1;10.1;10.1.2;9.0;9.1;9.5","Edition":"All Editions","Line of Business":{"code":"LOB76","label":"Data Platform"}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
28 September 2018

UID

swg21993153

Page Feedback