LinuxQuestions.org - What does it mean by comm="FNDWRR.exe"

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - What does it mean by comm="FNDWRR.exe" (https://www.linuxquestions.org/questions/linux-newbie-8/what-does-it-mean-by-comm%3D-fndwrr-exe-4175582428/)

akmughal

06-16-2016 09:48 AM

What does it mean by comm="FNDWRR.exe"

Hi all,
I got value like comm="FNDWRR.exe" in Linux audit log.
I was wondering if someone explain me what does it mean?

Thanks,
Asif

pan64

06-16-2016 09:55 AM

No, I do not think anyone can give you sufficient explanation, because you gave almost no information about what's happened.
a message like that in 16 letters means probably something happened somewhere
https://access.redhat.com/documentat...Log_Files.html

akmughal

06-16-2016 11:12 AM

Here is complete line from log file for better understanding.

auid=1015 gid=520 euid=520 suid=520 fsuid=520 egid=520 sgid=520 fsgid=520 tty=(none) ses=56094 comm="FNDWRR.exe" subj=kernel key="DELETE" kernel

John VV

06-16-2016 05:07 PM

and in what context is this Microsoft *.exe being called ?

without knowing the
how , what, when, and why's

there is really nothing we can help with

AnanthaP

06-19-2016 05:19 AM

I think it is part of oracle apps to generate a temporary file.

Audit software sometimes runs from a linux box but the target is a NT server and end-point clients. So you should check by the IDs. Are they oracle server IDs?

In a linux box, it might have been used to create a temporary file (within oracle apps) but couldn't stop. So after confirming you could see whether the process is alive and if so kill it.

OK

All times are GMT -5. The time now is 09:21 AM.