I keep seeing this in my logs, can anyone tell me what I can do to stop them?
At Tue Oct 12 10:01:14 CDT 2010 on node 10.220.1.12, the following SyslogSeverityMatchFound events generated:
SeverityMatch : Critical
MatchedEvent : Oct 12 10:01:02 CCMPUB local4 2 : 30426: CCMPUB: Oct 12 2010 10:01:02.954 -0500: %CSA-2-EVENT_ASVC_CONF_DENY: %[PID=4581][component=CiscoSecurityAgent] : The process '/bin/chown' (as user root(0) group root(0)) attempted to modify a Cisco Security Agent resource file /common/log/taos-log-b/syslog/csalog which is located in a Cisco directory. The operation was denied. [rule 287] AppID : Cisco Syslog Agent ClusterID :
These are the paths to get to each CCX logs through CLI. They may be helpful if you are having issues accessing RTMT or downloading logs through it.
If you want to download them you have to prefix "file get " and you can add one of the options (re...