I recently upgraded to R9. Since then, the data for installed applications has been somehow written incorrectly to the DB. Specifically, all listed applications have an incorrect Version, Manufacturer, Product Name, File Size, and Last Modified Date.
This is happening on 3 servers after upgrade. One overwrites those fields for all entries with Microsoft Office 2013 information, another server does the same but with Windows Media Player info and the third does the same with an Internet Explorer Add-On.
I initially thought it was a one-off issue and ran the reset audit cache procedure on all machines. This seemed to fix the issue. Then today, I discovered the data had been overwritten again.
I checked the appAuditCache.txt file for an affected machine and it looks to have the correct data. So, it appears the issue is happening when the data is actually being written.
I have rerun all audits with no success and am out of ideas. I've already submitted ticket #91397 for the issue but thought i'd check here as well.
Hi Rusty Franks
We have identified this issue and reported it to engineering for review.
I will update your ticket indicating this information.
thanks, hopefully there's a quick fix as this is really hampering my reporting.
Hey Rusty Franks
I know you mentioned running audits to try and correct the issue.
However, I believe running a baseline audit may restore the information as a temporary workaround if you require this information immediately.
Unfortunately, from what we have seen - the issue will arise again.
Let me know if the baseline audit does not work for you and I can add this information within your ticket as well.
i've manually run all 3 audits to no avail
No problems here, running 188.8.131.52.
I'm guessing it's a specific combination of OS and installed apps that triggers the bug; probably something with a stray SQL reserved character not being escaped out which breaks the SQL query that updates the K database.
Look for any programs installed that have ' " ; or other reserved symbols in their name, filename or path as a possible cause.