On Windows 7 and Windows 2008 R2 operating systems, the file size of the directories continuously change. Because of the file size changes, you might see many file integrity monitoring events even though the files in the directory have not changed.
1. Agent is upgraded from previous versions, such as PSW 2.1, SPW 2.2, PD 10.1.
2. Run FIM schedule comparison.
3. Some file directories are raised File_Modified events, but nothing change for the files under these directories.
Resolving the problem
To resolve the issue, FIM will ignore the file size change of directories by setting the file size of the directories to empty. For agents that are updated from previous version (PSW 2.1, SPW 2.2, PD 10.1), you must run a complete baseline to reset the existing FIM database.
If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.