Version 1.1.4 of the Cmd Audit agent introduces support for Oracle Linux 7 and 8, resolves an incompatibility with SELinux, fixes an issue that could result in duplicate entries representing the same server, and makes an assortment of minor improvements.

Support for Oracle Linux

The agent now supports Oracle Linux 7 with RHCK and UEK kernels 3.10+, and Oracle Linux version 8 with RHCK and UEK kernels 4.18+. Deploy to your heart's content!

SELinux compatibility

Implemented a rewritten, BPF-specific SELinux policy that resolves all remaining SELinux issues. The agent and SELinux are now best friends.

Duplicate server entries

Resolved an issue where upgrading an agent could result in duplicate server entries — one for the pre-update, and one for the post-update server.

Other improvements

  • The agent more reliably records the current working directory (cwd) field of Exec events.

  • Fixed an installation issue related to FIPS mode on CentOS/RHEL/Oracle Linux.

SHA-256 checksums:




If you have automatic agent updates enabled, this version will roll out automatically. Otherwise see our documentation for deployment instructions.

Did this answer your question?