Solved

Can I delete those core dumps created by IMSS?

Posted on 2011-02-24
11
575 Views
Last Modified: 2013-12-28
This is using Trendmicro IMSS 7 with patch 2 on Solaris system. Recently, found that a lot of core dumps being created in /var/core. Pls see below:

   server[/var/core]#


w-------   1 root     root     33389279 Feb 23 12:24 core_server_imssmgr_0_0_1298435065_26795
-rw-------   1 root     root     33282751 Feb 23 12:48 core_server_imssmgr_0_0_1298436533_21682
-rw-------   1 root     root     33299167 Feb 23 13:24 core_server_imssmgr_0_0_1298438643_26711
-rw-------   1 root     root     33290975 Feb 23 13:48 core_server_imssmgr_0_0_1298440110_4516
-rw-------   1 root     root     33290975 Feb 23 14:03 core_server_imssmgr_0_0_1298441017_10194
-rw-------   1 root     root     33225439 Feb 23 14:15 core_server_imssmgr_0_0_1298441722_14551
-rw-------   1 root     root     33446591 Feb 23 14:38 core_server_imssmgr_0_0_1298443133_17897
-rw-------   1 root     root     33290975 Feb 23 14:49 core_server_imssmgr_0_0_1298443791_25065
-rw-------   1 root     root     33159903 Feb 23 15:25 core_server_imssmgr_0_0_1298445934_28561
-rw-------   1 root     root     33217215 Feb 23 15:43 core_server_imssmgr_0_0_1298446979_9880
-rw-------   1 root     root     33290975 Feb 23 16:03 core_server_imssmgr_0_0_1298448201_14907
-rw-------   1 root     root     33290975 Feb 23 16:31 core_server_imssmgr_0_0_1298449904_22112
-rw-------   1 root     root     33225439 Feb 23 16:53 core_server_imssmgr_0_0_1298451228_444

Can I delete all of them? What is the root cause?
0
Comment
Question by:Balack
11 Comments
 
LVL 4

Expert Comment

by:h3nnys
ID: 34968729
Firstly check the contents, usually they are just logs about activity on IMSS

if they are Logs you can delete them if not then its best to leave them be, most of the time they are just activity logs but now and then you will find that they contain info about system errors
0
 

Author Comment

by:Balack
ID: 34987768
Uncle,

How I know this is just normal activity log? I'm remotely from the server, and there are quite a number of such files, in which most of them in the size of 33 Mb.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 35043988
did you find the type of content is in the files? you may try to see if these are text files or binary files.

You may run the command

file core_server_imssmgr*

if you are notr sure what are these files and you don't to keep them you may archive them to tape and the delete from disk
0
 
LVL 21

Expert Comment

by:robocat
ID: 35044031
If these are true core dumps, you can check this using the command

adb filename

If this is a core file, adb (or mdb) will recognise it. If so, you can safely delete those files, these are only useful for the software developers to determine why their software has crashed.

Getting so many core files in such a short time means that the IMSS processes crash a lot. Perhaps you should investigate if any more recent versions of the software exist.


0
 
LVL 12

Expert Comment

by:upanwar
ID: 35044089
I agree with omarfarid, just compress these files and preserve that in your backup and then delete from disk. If you feel any challenge after deleting those files then you can just restore them from your backup.



0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:Balack
ID: 35046351
In the first place, why there is such a number of such files appeared? No one seems able to answer this?
0
 
LVL 16

Expert Comment

by:Joseph Gan
ID: 35047351
Those logs depand on the scan policy of IMSS.
0
 
LVL 21

Expert Comment

by:robocat
ID: 35048319

(provided these are true core files): Getting so many core files in such a short time means that the IMSS processes crash a lot. Each process crash corresponds to a core file that contains a dump of a crashed process.

0
 
LVL 1

Accepted Solution

by:
m_aftab earned 500 total points
ID: 35063405
if you want dignose of these core file or you want it to send support vandor, you should not delete these file.

These file are no where in use, you can treat as a log files.

0
 

Author Closing Comment

by:Balack
ID: 35078290
hmmm
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
Malware seems to be getting smarter and smarter. If you are having trouble being able to launch your malware removal tools such as (and recommended): MalwareBytes, HiJackThis, ComboFix, etc. you can try some of the workarounds listed below. 1. Ma…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now