The maldet real-time monitoring daemon will not start. How can I fix this?

1. Double check that the default_monitor_mode is set:

Edit /usr/local/maldetect/conf.maldet and find and set:

default_monitor_mode="users"

2. Some users may also need to increase their inotify file watch limit on their systems before the maldet monitoring daemon will start.

To view your current limit:

cat /proc/sys/fs/inotify/max_user_watches

To raise your limit:

echo fs.inotify.max_user_watches=1048576 > /etc/sysctl.d/sentinel.conf
sysctl -p /etc/sysctl.d/sentinel.conf

Start the service:

systemctl restart maldet

Check the logs for any errors:

tail -f /usr/local/maldetect/logs/event_log  

Example error of when max_user_watches is too low:

Please increase the amount of inotify watches allowed per user via `/proc/sys/fs/inotify/max_user_watches'.
  • real-time monitoring, maldet
  • 3 Bu dökümanı faydalı bulan kullanıcılar:
Bu cevap yeterince yardımcı oldu mu?

İlgili diğer dökümanlar

How can I fix incorrect date and times displayed in the extension?

Server Time Our extensions require that the date, time, and timezone be set correctly on the...

How can I fix the error: Kohana_Exception [ 0 ]: Directory APPPATH/cache must be writable?

This error means that the permissions on the Plesk extension are not set properly. Running the...

How can I fix the error: The [imunify360] repository is installed but do not have an [exclude] line that excludes conflicting packages?

Warden requires that you use the ClamAV packages from the EPEL repository. In order to prevent...

How can I fix the error: The domain limit of this license key has been reached?

The admin and pro versions of our products are limited to the number of domains you can have in...

How can I repair my Sentinel Anti-malware installation?

If your Sentinel Anti-malware installation is having problems it is recommended to go though the...