# BSM conversion requested for unknown event 43234



## Khaine (Sep 9, 2021)

Hi,

I have a server running 12.2-RELEASE-p10 that I use to build freebsd packages.  I keep getting the following errors in my daily run output email:



> Security check:
> 
> Build.local kernel log messages:
> +BSM conversion requested for unknown event 43234
> +BSM conversion requested for unknown event 43234



When I check /var/log/messages I see the following:


```
Sep  9 01:30:23 Build auditd[67137]: renamed /var/audit/20210908140000.not_terminated to /var/audit/20210908140000.20210908153023
Sep  9 01:30:23 Build auditd[67137]: New audit file is /var/audit/20210908153023.not_terminated
Sep  9 01:30:23 Build root[66179]: audit warning: closefile /var/audit/20210908140000.20210908153023
Sep  9 01:30:23 Build root[67473]: audit warning: expired /var/audit/20210906155748.20210906155749.gz
Sep  9 01:30:23 Build root[67608]: audit warning: expired /var/audit/20210906155749.20210906155750.gz
Sep  9 01:30:27 Build kernel: BSM conversion requested for unknown event 43234
Sep  9 01:30:27 Build syslogd: last message repeated 11 times
```

I am unable to identify what is causing the unknown event and correct it.  It appears to be similar to similar to Bug 248025.  Does anyone have any ideas? Is this something I should be raising as a bug?

Thanks in advance


----------

