Environment
- Carbon Black Cloud Linux Sensor: 2.10 and newer
- Kernels: Linux 4.4 Kernels and newer
Symptoms
Sensor stays in bypass saying Kernel Headers are needed while checking prerequisite for Linux install command:
cat /boot/config-$(uname -r) | grep CONFIG_IKHEADERS
results show:
Config_IKHeaders=m
Cause
Specific functionality is missing or corrupt.
Resolution
Install Devel Headers or reinstall Kernel Headers using this
Guide.
Additional Notes
Config_IKHeaders=m means the kernel module should be there.
If the sensor says it is in bypass because of the Kernel headers with the value Config_IKHeaders=m then they must be missing or corrupt.
Related Content
