Malware Detection Tool found malware in one of the Elasticsearch logging node index filesystem indices
Issue
- Malware detection found malware in one of the Elasticsearch logging node index filesystem indices in the project namespace.
Date & Time of detection: November 9, 2019 02:57:52
Server: abc.example.com
Detection: BAT_Generic
Detail: /elasticsearch/persistent/logging-es/data/nodes/0/indices/xxxxxxxxxxxxxxxx/0/index/_xxx_Lucene50_0.tip
Action Result: Quarantined
Action: Quarantined
- The full details from the Malware Detection Tool:
Malware Information
Detection Time: November 9, 2019 02:57:52
Infected File(s): /elasticsearch/persistent/logging-es/data/nodes/0/indices/xxxxxxxxxxxxxxx/0/index/_xxx_Lucene50_0.tip
File SHA-1: 134FC2Bxxxxxxxxxxxxxxx13Dxxxxx800
Malware: BAT_Generic
Scan Type: Real Time
Action Taken: Quarantined
Computer Information
Computer: abc.example.com
Container Name: k8s_elasticsearch_logging-es-data-master-xxxxxx-4-gxpxx_openshift-logging_30xxxxxx-xxxxx-11e9-xxxxx-000xxxxxxxx_0
Container ID: xxxxxxxxxxxxxx
Container Image Name: sha256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Environment
- Red Hat OpenShift Container Platform
  - 3.11