Solved

Can I delete those core dumps created by IMSS?

Posted on 2011-02-24
11
574 Views
Last Modified: 2013-12-28
This is using Trendmicro IMSS 7 with patch 2 on Solaris system. Recently, found that a lot of core dumps being created in /var/core. Pls see below:

   server[/var/core]#


w-------   1 root     root     33389279 Feb 23 12:24 core_server_imssmgr_0_0_1298435065_26795
-rw-------   1 root     root     33282751 Feb 23 12:48 core_server_imssmgr_0_0_1298436533_21682
-rw-------   1 root     root     33299167 Feb 23 13:24 core_server_imssmgr_0_0_1298438643_26711
-rw-------   1 root     root     33290975 Feb 23 13:48 core_server_imssmgr_0_0_1298440110_4516
-rw-------   1 root     root     33290975 Feb 23 14:03 core_server_imssmgr_0_0_1298441017_10194
-rw-------   1 root     root     33225439 Feb 23 14:15 core_server_imssmgr_0_0_1298441722_14551
-rw-------   1 root     root     33446591 Feb 23 14:38 core_server_imssmgr_0_0_1298443133_17897
-rw-------   1 root     root     33290975 Feb 23 14:49 core_server_imssmgr_0_0_1298443791_25065
-rw-------   1 root     root     33159903 Feb 23 15:25 core_server_imssmgr_0_0_1298445934_28561
-rw-------   1 root     root     33217215 Feb 23 15:43 core_server_imssmgr_0_0_1298446979_9880
-rw-------   1 root     root     33290975 Feb 23 16:03 core_server_imssmgr_0_0_1298448201_14907
-rw-------   1 root     root     33290975 Feb 23 16:31 core_server_imssmgr_0_0_1298449904_22112
-rw-------   1 root     root     33225439 Feb 23 16:53 core_server_imssmgr_0_0_1298451228_444

Can I delete all of them? What is the root cause?
0
Comment
Question by:Balack
11 Comments
 
LVL 4

Expert Comment

by:h3nnys
ID: 34968729
Firstly check the contents, usually they are just logs about activity on IMSS

if they are Logs you can delete them if not then its best to leave them be, most of the time they are just activity logs but now and then you will find that they contain info about system errors
0
 

Author Comment

by:Balack
ID: 34987768
Uncle,

How I know this is just normal activity log? I'm remotely from the server, and there are quite a number of such files, in which most of them in the size of 33 Mb.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 35043988
did you find the type of content is in the files? you may try to see if these are text files or binary files.

You may run the command

file core_server_imssmgr*

if you are notr sure what are these files and you don't to keep them you may archive them to tape and the delete from disk
0
 
LVL 21

Expert Comment

by:robocat
ID: 35044031
If these are true core dumps, you can check this using the command

adb filename

If this is a core file, adb (or mdb) will recognise it. If so, you can safely delete those files, these are only useful for the software developers to determine why their software has crashed.

Getting so many core files in such a short time means that the IMSS processes crash a lot. Perhaps you should investigate if any more recent versions of the software exist.


0
 
LVL 12

Expert Comment

by:upanwar
ID: 35044089
I agree with omarfarid, just compress these files and preserve that in your backup and then delete from disk. If you feel any challenge after deleting those files then you can just restore them from your backup.



0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:Balack
ID: 35046351
In the first place, why there is such a number of such files appeared? No one seems able to answer this?
0
 
LVL 16

Expert Comment

by:Joseph Gan
ID: 35047351
Those logs depand on the scan policy of IMSS.
0
 
LVL 21

Expert Comment

by:robocat
ID: 35048319

(provided these are true core files): Getting so many core files in such a short time means that the IMSS processes crash a lot. Each process crash corresponds to a core file that contains a dump of a crashed process.

0
 
LVL 1

Accepted Solution

by:
m_aftab earned 500 total points
ID: 35063405
if you want dignose of these core file or you want it to send support vandor, you should not delete these file.

These file are no where in use, you can treat as a log files.

0
 

Author Closing Comment

by:Balack
ID: 35078290
hmmm
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now