アクセスログファイルに404/500エラーがあるActive IQ Unified Managerルートパーティションのスパム
環境
Active IQ Unified Manager(AIQUM)9.9以降
問題
- AIQUMが実行されていません
access_log.log
次のような404
または500
エラーメッセージがスパム送信される可能性があります。
test@user:/var/log/ocie# tail -50f /var/log/ocie/2022-xx-xx/access_log.log
[127.0.0.1] [127.0.0.1] [-] [-] [xx/Mar/2022:23:57:20 +0100] [GET /acquisition-api/server/server-messages/acquisition-units/1 HTTP/1.1] [404] [-] [Java/11.0.12] [application/json] [text/html] [74] [0] [127.0.0.1] [127.0.0.1] [-] [-] [xx/Mar/2022:23:57:20 +0100] [GET /acquisition-api/server/server-messages/acquisition-units/1 HTTP/1.1] [404] [-] [Java/11.0.12] [application/json] [text/html] [74] [0] [127.0.0.1] [127.0.0.1] [-] [-] [xx/Mar/2022:23:57:20 +0100] [GET /acquisition-api/server/server-messages/acquisition-units/1 HTTP/1.1] [404] [-] [Java/11.0.12] [application/json] [text/html] [74] [0]
- ルートパーティションがすぐにいっぱいになります。
test@user:/# find / -type f -exec du -sh {} \; 2>/dev/null |sort -h|tail -10
661M /data/mysql/netapp_performance/update_history.ibd
666M /data/mysql/unified-manager.050601
922M /data/mysql/ib_logfile0
922M /data/mysql/ib_logfile1
1.6G /var/log/ocie/2022-xx-08/access_log.log
2.5G /var/log/ocie/2022-xx-18/access_log.log
2.6G /var/log/ocie/2022-xx-07/access_log.log
4.7G /var/log/ocie/access_log.log
14G /var/log/ocie/2022-xx-19/access_log.log
14G /var/log/ocie/2022-xx-20/access_log.log
test@user:/# df -h
Filesystem Size Used Avail Use% Mounted on
udev 7.9G 0 7.9G 0% /dev
tmpfs 1.6G 8.7M 1.6G 1% /run
/dev/sda1 59G 53G 3.4G 94% /
tmpfs 7.9G 0 7.9G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 7.9G 0 7.9G 0% /sys/fs/cgroup
/dev/sdd1 30G 530M 28G 2% /jail
tmpfs 1.6G 0 1.6G 0% /run/user/109
/dev/mapper/data--vg-lv2 197G 53G 134G 29% /data
tmpfs 1.6G 0 1.6G 0% /run/user/1000