Issue Symptom: The App Infrastructure Protection (AIP) Agent is not sourcing auditd log information.
Agent Behavior: The behavior of the AIP Agent varies and may include, but is not limited to, crashes and repeated quick cycles of availability/unavailability (flap).
Issue Root Cause: There is a known issue where the default auditd process only allows one connection for audit socket control. As a result, any non-AIP agents that use auditd conflict with the AIP Agent over access to audit socket control.
Issue Assistance: If you experience an issue similar to the one described above, please reach out to your CSM. Include details about your environment, such as your build script order and any non-AIP Agents on your system that could be leveraging a direct link to your host OS.