When a Cleanup Policy is run every time it deletes an audit trail file a false alarm message is getting sent.
The content of the messages are the following:
xcbError: Could not extend archived event with destination path
Affected product versions: One Identity Safeguard for Privileged Sessions 5.7.0 -> 5.9.0
Fortunately this message is
mostly completely harmless and can be safely ignored.
The issue was fixed in product version 5.10.0. under the issue number PAM-8377
It is possible to work around the issue by patching the faulty software module using the attached script. Use it for your own risk.
- upload it with an SCP client to /root directory
- log in to boot shell and execute the following:
The next run of Cleanup should not generate false error messages and finish successfully.