Solved

Can I delete those core dumps created by IMSS?

Posted on 2011-02-24
11
577 Views
Last Modified: 2013-12-28
This is using Trendmicro IMSS 7 with patch 2 on Solaris system. Recently, found that a lot of core dumps being created in /var/core. Pls see below:

   server[/var/core]#


w-------   1 root     root     33389279 Feb 23 12:24 core_server_imssmgr_0_0_1298435065_26795
-rw-------   1 root     root     33282751 Feb 23 12:48 core_server_imssmgr_0_0_1298436533_21682
-rw-------   1 root     root     33299167 Feb 23 13:24 core_server_imssmgr_0_0_1298438643_26711
-rw-------   1 root     root     33290975 Feb 23 13:48 core_server_imssmgr_0_0_1298440110_4516
-rw-------   1 root     root     33290975 Feb 23 14:03 core_server_imssmgr_0_0_1298441017_10194
-rw-------   1 root     root     33225439 Feb 23 14:15 core_server_imssmgr_0_0_1298441722_14551
-rw-------   1 root     root     33446591 Feb 23 14:38 core_server_imssmgr_0_0_1298443133_17897
-rw-------   1 root     root     33290975 Feb 23 14:49 core_server_imssmgr_0_0_1298443791_25065
-rw-------   1 root     root     33159903 Feb 23 15:25 core_server_imssmgr_0_0_1298445934_28561
-rw-------   1 root     root     33217215 Feb 23 15:43 core_server_imssmgr_0_0_1298446979_9880
-rw-------   1 root     root     33290975 Feb 23 16:03 core_server_imssmgr_0_0_1298448201_14907
-rw-------   1 root     root     33290975 Feb 23 16:31 core_server_imssmgr_0_0_1298449904_22112
-rw-------   1 root     root     33225439 Feb 23 16:53 core_server_imssmgr_0_0_1298451228_444

Can I delete all of them? What is the root cause?
0
Comment
Question by:Balack
11 Comments
 
LVL 4

Expert Comment

by:h3nnys
ID: 34968729
Firstly check the contents, usually they are just logs about activity on IMSS

if they are Logs you can delete them if not then its best to leave them be, most of the time they are just activity logs but now and then you will find that they contain info about system errors
0
 

Author Comment

by:Balack
ID: 34987768
Uncle,

How I know this is just normal activity log? I'm remotely from the server, and there are quite a number of such files, in which most of them in the size of 33 Mb.
0
 
LVL 40

Expert Comment

by:omarfarid
ID: 35043988
did you find the type of content is in the files? you may try to see if these are text files or binary files.

You may run the command

file core_server_imssmgr*

if you are notr sure what are these files and you don't to keep them you may archive them to tape and the delete from disk
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 
LVL 21

Expert Comment

by:robocat
ID: 35044031
If these are true core dumps, you can check this using the command

adb filename

If this is a core file, adb (or mdb) will recognise it. If so, you can safely delete those files, these are only useful for the software developers to determine why their software has crashed.

Getting so many core files in such a short time means that the IMSS processes crash a lot. Perhaps you should investigate if any more recent versions of the software exist.


0
 
LVL 12

Expert Comment

by:upanwar
ID: 35044089
I agree with omarfarid, just compress these files and preserve that in your backup and then delete from disk. If you feel any challenge after deleting those files then you can just restore them from your backup.



0
 

Author Comment

by:Balack
ID: 35046351
In the first place, why there is such a number of such files appeared? No one seems able to answer this?
0
 
LVL 16

Expert Comment

by:Joseph Gan
ID: 35047351
Those logs depand on the scan policy of IMSS.
0
 
LVL 21

Expert Comment

by:robocat
ID: 35048319

(provided these are true core files): Getting so many core files in such a short time means that the IMSS processes crash a lot. Each process crash corresponds to a core file that contains a dump of a crashed process.

0
 
LVL 1

Accepted Solution

by:
m_aftab earned 500 total points
ID: 35063405
if you want dignose of these core file or you want it to send support vandor, you should not delete these file.

These file are no where in use, you can treat as a log files.

0
 

Author Closing Comment

by:Balack
ID: 35078290
hmmm
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Kaspersky installation 8 89
Roguekiller has no option of deleting 19 165
awk sed variable in file 3 98
Shell Script- gzip 5 51
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question