ESET File Security Quarantined .dim Files

mhasanbulli · August 1, 2017, 12:59am

Hello,

I have set up a local Elasticsearch instance with two nodes. I have Logstash sending documents every 15 minutes. Today one of our IT members warned me that there are some "viruses" on the Windows server I was given. When I checked 8 .dim files in the indices of one of the nodes have been identified as "a variant of leronim.512 virus". I have searched for a similar post on the discussion forums but it seems like there aren't any topics related with ESET. Below is a screenshot from the virus protection.

Has anyone seen a similar behaviour?

Cheers.

Edit: I know they are not viruses. Hence, I used quotation marks.

warkolm · August 1, 2017, 1:26am

This is a file that lucene creates, it's not a virus.

See https://lucene.apache.org/core/6_0_1/core/org/apache/lucene/codecs/lucene60/package-summary.html

mhasanbulli · August 1, 2017, 1:42am

Thanks for the reference @warkolm. I understand and knew they are not viruses. I think I did not phrase my question clearly. I was just wondering why ESET is marking them as viruses and if anyone came across a similar situation.

warkolm · August 1, 2017, 3:44am

You'd have to ask the vendor of the product.

Topic		Replies	Views
Malware detected in elasticsearch index file Elasticsearch	4	4252	November 1, 2018
Why is the file scanned as a non secure file? Elasticsearch	2	122	May 13, 2025
Open Elasticsearch lucene files with Luke Elasticsearch	8	820	July 6, 2017
Zero-day-exploit in log4j2 which is part of elasticsearch Elasticsearch	94	65414	January 20, 2022
Elasticsearch, APM Server, Metricbeat 6.5.1 and Symantec WS.Reputation.1 Elasticsearch	2	660	December 21, 2018

ESET File Security Quarantined .dim Files

Related topics