Skip to main content
Solved

Security Assessment - File Activity Anomaly alert issue

  • July 29, 2022
  • 1 reply
  • 157 views

Forum|alt.badge.img+9

CVLT 11.26.3

Our Commvault Health Report display one critical security issue. File Activity Anomaly alert. 

But this alert is not deleted. It’s enabled. 

How can I fix this? Is anything wrong with Alert Criteria? Does it should contain only the regular expression “7:211|7:212|7:293|7:269”? 

Best answer by Mike Struening RETIRED

Hi @Eduardo Braga !

I found 2 cases with this issue.

This one was older:

The Alert's alter criteria had been edited to have a severity type as well as in the Commcell row the Commcell's name was entered here. Dev cloud team informed us removed these values and preform another cloud upload. The health report was now reporting correctly that the File Anomaly Activity report was enabled.

I don’t believe this applies to you, though sharing anyway.

the other one mentions that the alert was updated last month, and that you should perform a new manual metrics upload and retry.  This person was on 11.24.52, so an upgrade on your side to a higher MR might be in order.  11.26.27 came out concurrently with 11.24.52, FYI.

If that doesn’t work, open a support case.

View original
Did this answer your question?

1 reply

Mike Struening
Vaulter
Forum|alt.badge.img+23

Hi @Eduardo Braga !

I found 2 cases with this issue.

This one was older:

The Alert's alter criteria had been edited to have a severity type as well as in the Commcell row the Commcell's name was entered here. Dev cloud team informed us removed these values and preform another cloud upload. The health report was now reporting correctly that the File Anomaly Activity report was enabled.

I don’t believe this applies to you, though sharing anyway.

the other one mentions that the alert was updated last month, and that you should perform a new manual metrics upload and retry.  This person was on 11.24.52, so an upgrade on your side to a higher MR might be in order.  11.26.27 came out concurrently with 11.24.52, FYI.

If that doesn’t work, open a support case.


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings