canonical / charm-nrpe

A subordinate charm used to configure nrpe (Nagios Remote Plugin Executor)
Apache License 2.0

cis-audit check reports a stale audit results file, but the cronjob is still running #28

Closed sudeephb closed 10 months ago

sudeephb commented 10 months ago

channel: edge revision: 80 commit: d5d00baf2996199c9e1c5979bb6fe5389280504b

The check raises the following alert:

CRITICAL: The audit result file age 170.07h is older than threshold 170h for '/usr/share/ubuntu-scap-security-guides/cis-18.04-results.xml', make sure the cis-audit cronjob is working

The issue seems to be that the cronjob only runs the actual audit when it is expired (script default 170h, not configurable by the charm) and has a sleep time, while the check compares the check file age against the same limit (same script default 170h, also not configurable by the charm). This leads to a race (depends on when the monitoring system runs the check).

Need to adjust the default for the cronjob to happen before the expiration check (e.g. 168h instead of 170h), or make it configurable.


Imported from Launchpad using lp2gh.

sudeephb commented 10 months ago

(by jfguedez) Had originally targeted the wrong charm. Should be NRPE (which I just added)
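
The race described in this issue, as an added simulation that is not part of the original report or the charm's code. Only the 170h and 168h thresholds come from the issue; the hourly cron schedule, 10-minute sleep and 5-minute check interval are assumptions chosen for illustration.

```python
"""Simulate the race between the cis-audit cronjob and the NRPE age check.

Assumed (not taken from the charm): cron fires hourly, the job sleeps
10 minutes before auditing, and monitoring runs the check every 5 minutes.
"""


def simulate(audit_max_age_h, check_max_age_h=170, cron_period_min=60,
             sleep_min=10, check_period_min=5, span_h=24 * 30):
    """Return the file ages (in hours) at which the check goes CRITICAL."""
    mtime = 0             # minute the results file was last written
    pending_write = None  # minute at which a sleeping audit run finishes
    alerts = []
    for now in range(1, span_h * 60 + 1):
        # A sleeping audit run finishes and rewrites the results file.
        if pending_write == now:
            mtime, pending_write = now, None
        # Cron tick: the job re-audits only once the old results expired.
        if now % cron_period_min == 0 and pending_write is None:
            if now - mtime >= audit_max_age_h * 60:
                pending_write = now + sleep_min
        # Monitoring tick: CRITICAL when the file is older than the limit.
        if now % check_period_min == 0:
            age_min = now - mtime
            if age_min > check_max_age_h * 60:
                alerts.append(round(age_min / 60, 2))
    return alerts


if __name__ == "__main__":
    for audit_limit in (170, 168):
        ages = simulate(audit_limit)
        worst = max(ages) if ages else None
        print(f"audit limit {audit_limit}h: "
              f"{len(ages)} CRITICAL results, oldest age {worst}h")
```

With equal thresholds the file is always already past 170h by the time the job decides to refresh it, so every cycle opens an alert window as long as the cron granularity plus the sleep; lowering the cronjob limit to 168h closes that window as long as cron period plus sleep stays under the 2h margin.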