Forum Discussion

rob_wood_8894's avatar
rob_wood_8894
Brass Contributor
Aug 01, 2022

Install/Post Install Issues

Hello,

These logs are from an attempted install on RHEL.  Looking for a steer if anyone has seen these before

 

OS: Oracle Linux v7.9

Kernel: 3.10.0-1160.71.1.0.1.el7

mdatp: 101.62.74

python: 2.7.5

sqlite: 3.7.17

 

Issue 1

/var/log/microsoft/mdatp/microsoft_defender_v2.log

Exceeded execution count

Metastore SQL DB version is out of date. Attempting migration from 32.

sqlite3_exec Error:database disk image is malformed

SQL:DROP TABLE IF EXISTS SQLiteGlobals; CREATE TABLE SQLiteGlobals(ID INTEGER PRIMARY KEY NOT NULL, Version INTEGER NOT NULL, Current BOOLEAN NOT NULL, LastUpdated TEXT NULL);, HRes:0x87af000b

MetaStore is unavailable. Persistence of RollingQueues will not work.

 

Issue 2

/var/log/microsoft/mdatp/microsoft_defender_v2.log

[7513][2022-07-26 22:25:56.600710 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:27:56.628675 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:28:56.629098 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:29:56.629821 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:30:56.630817 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:31:41.100805 UTC][info]: number of process starts has been exceeded

[7513][2022-07-26 22:31:56.631628 UTC][info]: number of process starts has been exceeded

 

Thanks in anticipation

  • rob_wood_8894 
    Can you kindly share the o/p of mdatp health.

    The second log message should be fixed in the latest engine. I will check and get back on the first one once i have the o/p of mdatp health.

    • shorif2000's avatar
      shorif2000
      Copper Contributor

      Srinivas_Koripellawhat do you mean by engine? we have latest sqlite installed

      $ sudo yum install sqlite
      Loaded plugins: langpacks, ulninfo
      Package sqlite-3.7.17-8.el7_7.1.x86_64 already installed and latest version
      • Srinivas_Koripella's avatar
        Srinivas_Koripella
        Icon for Microsoft rankMicrosoft

        shorif2000 Engine version is the one you see in  the mdatp health o/p. If you can give me the o/p of the entire mdatp health output, i can do a quick check and see if i can find something.

         

        healthy : true
        health_issues : []
        licensed : true
        engine_version : "1.1.19530.0"
        app_version : "101.73.77"

Resources