Security Agent for UNIX 7.6.1 Release Notes

February 2019

Security Agent for UNIX includes new platforms, library updates and resolves certain previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.

The documentation for this product is available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the Security Agent for UNIX documentation page. To download this product, see the Micro Focus Downloads page.

1.0 What’s New?

The following sections outline the key features and functions provided by this version, as well as issues resolved in this release:

1.1 Open JDK

Security Agent for UNIX now replaces Oracle JDK with Azul Zulu OpenJDK, an open source alternative. This change does not have any functional impact. However, Micro Focus will no longer provide additional Oracle JDK updates for Security Agent for UNIX. Therefore, if there are security vulnerabilities or other bugs related to Oracle JDK, the primary solution is to upgrade to Security Agent for UNIX 7.6.1 or later.

1.2 New Certified Platforms

Security Agent for UNIX is now certified on the following 64-bit platforms:

  • IBM AIX 7.2

  • Red Hat Enterprise Linux 6.10

  • Oracle Linux 6.10

  • Cent OS 6.10

UNIX Agent Manager is now certified on the following 64-bit platforms:

  • Red Hat Enterprise Linux 7.5

  • Red Hat Enterprise Linux 6.10

  • SUSE Linux Enterprise Server 12 SP3

  • Windows 10

  • Windows Server 2016

1.3 Software Fixes

Security Agent for UNIX includes software fixes that resolve certain previous issues.

An Error Log File Grows Extremely Large Resulting in Filling Up The File System in Security Agent for UNIX

Issue: On AIX, the Security Agent for UNIX file system gets filled up because the AIXAuditObject__singleton.err file grows extremely large. (Bug 1074187)

Fix: The /usr/netiq/vsau/local/tmp/AIXAuditObject__singleton.err file no longer grows large and does not fill up the file system.

Agent FIPS Conversion Fails on AIX

AIX now supports FIPS mode; agent FIPS conversion succeeds. (Bug 1093901)

2.0 System Requirements

For detailed information about hardware requirements, supported operating systems and browsers, see the Technical Information page.

3.0 Known Issues

Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.

3.1 Cannot Install Security Agent for UNIX as Non-root User

You can install Security Agent for UNIX as a root user; installation as a non-root user is not supported. (Bug 1052123)

3.2 Directory Delete and Rename Events Might Not Appear For Linux

When you delete or rename directories on Linux platforms, audit logs show null value for a directory name. Therefore, Change Guardian might not capture the correct directory name in audit logs. (Bug 974273)

3.3 UNIX Agent Manager Cannot Deploy Agent on FIPS Enabled Linux or UNIX Computers

When the operating system is running in FIPS mode, UNIX Agent Manager (Linux and Windows) cannot deploy Security Agent for UNIX. It displays the following error:

SSH Install Failed - Session.connect: End of IO Stream ReadInstallation Failed - Session.connect: End of IO Stream Read. (Bug 999496)

3.4 UNIX Agent Manager 7.5.1 and Later Cannot Monitor Security Agent for UNIX 7.4

Issue: The communication between Security Agent for UNIX 7.4 and UNIX Agent Manager 7.5.1 and later, fails due to protocol mismatch. (Bug 989481)

Workaround: Upgrade Security Agent for UNIX 7.4 to 7.5 and then to 7.5.1 or later. For more information about upgrading to Security Agent for UNIX 7.5 and later, see Upgrading Agent Using UNIX Agent Manager.

3.5 Event Diagnostics Not Supported for Security Agent for UNIX

The Assets Monitoring Failures report contains Windows assets only. It does not contain data related to UNIX assets. (Bug 906282).

3.6 Events Not Generated When Soft Link for File is Deleted

Issue: File was deleted events are not generated when soft link for file is deleted. (Bug 975575)

3.7 Sentinel Agent Manager Connector Not Working in FIPS Mode

Issue: Sentinel Agent Manager Connector does not work in FIPS mode.(Bug 997589)

Workaround: Perform the steps mentioned in the Knowledge Base Article 7018187 for Sentinel Agent Manager Connector to work in FIPS mode.

3.8 Security Agent for UNIX 7.5.1 and Later With Change Guardian 5.0 and Secure Configuration Manager Cannot Coexist

When you install Security Agent for UNIX 7.5.1 and later using CG AM for new installation of Change Guardian 5.0 and SCM 6.x on the same computer, SCM registration fails due to dynamic certificate changes. To configure Security Configuration Manager server, see the Knowledge Base Article 7023134(Bug 1045613)

3.9 SCM Registration Fails While Upgrading Security Agent for UNIX from 7.5 to 7.5.1 and Later Using CG AM 5.0 and Later

Issue: SCM Registration Fails While Upgrading Security Agent for UNIX from 7.5 to 7.5.1 and later using CG AM 5.0 and later where SCM and Change Guardian are enabled. (Bug 1056447)

Workaround: Perform the following steps from UAM to re-register Security Agent for UNIX with SCM server:

  1. Go to Configure > SCM Options.

  2. Click Configure button.

  3. In the SCM Configuration window, ensure that the Core Services Address is same as SCM Core IP Address and click Save.

  4. Restart the agent service by selecting Stop and Start buttons in the Agent Controls panel.


You can perform the following manual registration steps on Security Agent for UNIX:

  1. Navigate to the following location: /usr/netiq/bin

  2. Run the following command:./wcRegister

  3. Run the following command to restart SCM services: /etc/init.d/uvserv restart

4.0 Contacting Micro Focus

For specific product issues, contact Micro Focus Support at

Additional technical information or advice is available from several sources:

5.0 Legal Notice

© Copyright 2019 Micro Focus or one of its affiliates.

The only warranties for products and services of Micro Focus and its affiliates and licensors (“Micro Focus”) are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Micro Focus shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.

For additional information, such as certification-related notices and trademarks, see