Scheduled Backup - SSH - Audit log entry

Posted: Tue Feb 05, 2019 4:54 pm
by SteveBeauchemin
I have been seeing this in my audit log.log and just now realized that my scheduled backup using SSH is scheduled to run at that exact time.

2019-02-01 17:35:01 - Nagios XI [32] system:localhost - User submitted a command to the subsystem (ID=1117)
2019-02-01 17:35:01 - Nagios XI [32] system:localhost - The returned value ($rs)is ADORecordSet_empty Object
(
    [dataProvider] => empty
    [databaseType] =>
    [EOF] => 1
    [_numOfRows] => 0
    [fields] =>
    [connection] =>
)

2019-02-01 17:35:01 - Nagios XI [32] system:localhost - The command_id is 10
2019-02-01 17:35:31 - Nagios XI [32] system:localhost - User submitted a command to the subsystem (ID=1119)

On a clean new server 5.5.9 with no added hosts or services, I am seeing this.

Is this a known or unknown issue? Should I be concerned?

I also see the same audit data on my 5.5.8 system using mod_gearman with core 4.2 - same thing - matches the scheduled backup.

Please advise.

Thanks

Steve B

Re: Scheduled Backup - SSH - Audit log entry

Posted: Wed Feb 06, 2019 2:46 pm
by scottwilkerson
This is logged automatically when the COMMAND_CREATE_SYSTEM_BACKUP command is run.

This is expected behavior.
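
Added example (not part of the thread and not Nagios XI code): a small triage script for the audit log format quoted in the first post. It folds the multi-line record dump into its parent entry and lists "User submitted a command to the subsystem" entries that fall outside the scheduled backup window. The 17:35 backup time, the 60-second slack, the function names, and the last sample line are assumptions made for the example.

```python
import re
from datetime import datetime, time

# Sample input: the entries quoted in the thread (record dump abridged),
# plus one final line that is constructed for this example.
SAMPLE = """\
2019-02-01 17:35:01 - Nagios XI [32] system:localhost - User submitted a command to the subsystem (ID=1117)
2019-02-01 17:35:01 - Nagios XI [32] system:localhost - The returned value ($rs)is ADORecordSet_empty Object
(
    [dataProvider] => empty
    [EOF] => 1
)

2019-02-01 17:35:01 - Nagios XI [32] system:localhost - The command_id is 10
2019-02-01 17:35:31 - Nagios XI [32] system:localhost - User submitted a command to the subsystem (ID=1119)
2019-02-02 03:12:44 - Nagios XI [32] system:localhost - User submitted a command to the subsystem (ID=1125)
"""

ENTRY = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) - (.+?) - (.*)$")
SUBMIT = re.compile(r"User submitted a command to the subsystem \(ID=(\d+)\)")

def parse_entries(text):
    """Return [timestamp, source, message] records. Lines without a leading
    timestamp (the record dump) are folded into the previous record."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            entries.append([ts, m.group(2), m.group(3)])
        elif entries and line.strip():
            entries[-1][2] += "\n" + line
    return entries

def unexplained_submissions(text, backup_at, slack_seconds=60):
    """(timestamp, ID) of command submissions logged outside the backup window."""
    flagged = []
    for ts, _source, message in parse_entries(text):
        m = SUBMIT.search(message)
        if not m:
            continue
        start = datetime.combine(ts.date(), backup_at)  # window opens at the scheduled time
        if not 0 <= (ts - start).total_seconds() <= slack_seconds:
            flagged.append((ts.isoformat(sep=" "), int(m.group(1))))
    return flagged

if __name__ == "__main__":
    print(unexplained_submissions(SAMPLE, time(17, 35)))
```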

Re: Scheduled Backup - SSH - Audit log entry

Posted: Wed Feb 06, 2019 3:01 pm
by SteveBeauchemin
Thank you. Please close.

Steve B

Re: Scheduled Backup - SSH - Audit log entry

Posted: Wed Feb 06, 2019 3:10 pm
by scottwilkerson
SteveBeauchemin wrote: Thank you. Please close.

Steve B

Great!

Locking thread