Bug #12

Errors from Event Log Hooks After Upgrading

Added by Luke Murphey about 14 years ago. Updated almost 10 years ago.

Status: New
Priority: Normal
Assignee: -
Category: Log Management
Target version: -
Start date: 04/08/2010
Due date:
% Done: 0%


Description

Event log hooks cannot survive an upgrade to a new version of NSIA because they are serialized and native Java serialization fails with newer versions of the classes.


Related issues

Related to ThreatFactor NSIA - Feature #17: Email Action Improvements (New)

History

#1 Updated by Luke Murphey about 14 years ago

Event log hooks should probably be replaced with a system that acts on scan results directly, as opposed to the older method of hooking into the event log events. A system that acts on scan results would have the following benefits:

  • Could aggregate on repeated failures (only report once per day, hour, etc.)
  • Have site-group, rule and global scopes
  • Include more information about the detection in the escalation

#2 Updated by Luke Murphey about 14 years ago

Note, there is no built-in way to delete hooks that can no longer be loaded. You have to delete them from the database directly.

This isn't necessary though since the old hooks don't prevent the application from running correctly (just generate log messages indicating that they could not be loaded).

#3 Updated by Luke Murphey over 13 years ago

  • Category set to Core Application

#4 Updated by Luke Murphey over 13 years ago

  • Category changed from Core Application to Log Management

#5 Updated by Luke Murphey over 13 years ago

A couple of options for handling this:

  1. Purge event log hooks that will not load during upgrade operations
  2. Give users an option to purge event log hooks that fail to load (like a debug console or command-line option)
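
A sketch of option 1, added here as an example and not taken from the NSIA code base: it deserializes each stored hook and collects the IDs of those that fail because the class changed or is missing. The `Hook` class, the ID-to-blob map standing in for the database table, and all method names are hypothetical; the outdated blob is constructed by altering the `serialVersionUID` recorded in the stream.

```java
import java.io.*;
import java.util.*;

public class HookPurgeCheck {
    // Hypothetical stand-in for a serialized event log hook class.
    static class Hook implements Serializable {
        private static final long serialVersionUID = 2L; // current class version
        String action = "email";
    }

    // Returns the IDs of stored blobs that no longer load with the current classes.
    // Other I/O errors propagate so a corrupt read is not mistaken for a stale hook.
    static List<Integer> findUnloadable(Map<Integer, byte[]> rows) throws IOException {
        List<Integer> stale = new ArrayList<>();
        for (Map.Entry<Integer, byte[]> row : rows.entrySet()) {
            try (ObjectInputStream in =
                     new ObjectInputStream(new ByteArrayInputStream(row.getValue()))) {
                in.readObject();
            } catch (InvalidClassException | ClassNotFoundException e) {
                stale.add(row.getKey()); // class version changed or class removed
            }
        }
        return stale;
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    // Simulates a blob written by an older release: changes the serialVersionUID
    // stored in the class descriptor so it no longer matches the local class.
    static byte[] asOlderVersion(byte[] blob) {
        byte[] copy = blob.clone();
        // Layout: header(4) + TC_OBJECT(1) + TC_CLASSDESC(1) + name length(2) + name + UID(8)
        int nameLen = ((copy[6] & 0xff) << 8) | (copy[7] & 0xff);
        copy[8 + nameLen + 7] ^= 0x01; // flip the low bit of the UID
        return copy;
    }

    public static void main(String[] args) throws IOException {
        Map<Integer, byte[]> rows = new LinkedHashMap<>(); // constructed sample rows
        rows.put(1, serialize(new Hook()));
        rows.put(2, asOlderVersion(serialize(new Hook())));
        System.out.println("Hook IDs to purge: " + findUnloadable(rows));
    }
}
```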

#6 Updated by Luke Murphey almost 10 years ago

  • Assignee deleted (Luke Murphey)
