ActiveIQ Unified Manager triggers outdated security events for ONTAP 9.10 and above clusters
Applies to
- ActiveIQ Unified Manager (AIQUM) 9.6+
- ONTAP 9.10.1 and above
- CVE Security Vulnerabilities
- AIQ Rules
Issue
- ActiveIQ Unified Manager is detecting old events on ONTAP 9.10 and above clusters
- This version is not affected by any of the upgrade events generated
- The alerts are coming back after each weekly AutoSupport (ASUP) even if manually marked as resolved
- Security Events with an impact area of "Upgrade" are triggered for vulnerabilities resolved in prior ONTAP versions
- Clusters with older ONTAP versions are not affected
- AIQCASecure logs are full of
404
error messages searching for older ASUPs on the day when these events triggered:
AIQCASecure - 2022-03-28 00:16:17,160 - [INFO] > Collection of ASUPs '202202231317.0.files/, 202202231317.1.files/, 202202231317.2.files/, 202202231318.0.files/, 202202231318.1.files/, 202202231319.0.files/, 202202231339.0.files/, 202202231339.1.files/, 202202231340.0.files/, 202202231340.1.files/, 202202231340.2.files/, 202202231341.0.files/, 202203071310.0.files/, 202203071311.0.files/, 202203071311.1.files/, 202203071311.2.files/, 202203071312.0.files/, 202203071312.1.files/, 202203071332.1.files/, 202203071333.0.files/, 202203071333.1.files/, 202203071333.2.files/, 202203071334.0.files/, 202203071334.1.files/' were not completed in earlier runs. Retrying them.
AIQCASecure - 2022-03-28 00:16:17,386 - [INFO] > ASUP_Download_Begin from x.x.x.x/node-01, ASUP ID - 202202231317.0.files/
AIQCASecure - 2022-03-28 00:16:25,589 - [ERROR] > ASUP_Download_Fail Could not fetch asup 202202231317.0.files/ from /etc/log/autosupport/. Reason - 404 - Not Found
AIQCASecure - 2022-03-28 00:16:25,589 - [INFO] > ASUP_Download_Begin from x.x.x.x/node-01, ASUP ID - 202202231317.1.files/
AIQCASecure - 2022-03-28 00:16:33,795 - [ERROR] > ASUP_Download_Fail Could not fetch asup 202202231317.1.files/ from /etc/log/autosupport/. Reason - 404 - Not Found
AIQCASecure - 2022-03-28 00:16:33,795 - [INFO] > ASUP_Download_Begin from x.x.x.x/node-01, ASUP ID - 202202231317.2.files/
AIQCASecure - 2022-03-28 00:16:42,026 - [ERROR] > ASUP_Download_Fail Could not fetch asup 202202231317.2.files/ from /etc/log/autosupport/. Reason - 404 - Not Found
……Truncated