Enabling ARM on WebSEAL
To enable ARM on WebSEAL follow the procedure described here.
To enable ARM on WebSEAL:
- Ensure that you have the following libraries:
- libarm4.so
- libttapi.a
- libkbb.a for RAS1 logging
- Set the following values in the WebSEAL configuration file, WEBSEAL_HOME/etc/webseald-instance.conf:
- library = /opt/IBM/ITM/aix533/tu/tusupport/libarm4.so
- If you are using RPT with WebSEAL, accept-correlators = yes
- enable-arm = yes
- insert-client-real-ip-for-option-r = yes
- report-transactions = yes
- app-group = webseal
- app-instance = WebSEAL_iago
- Set the library paths in the pdweb_start file, /opt/pdweb/bin/pdweb_start.
Add the following environment variables to the beginning of the pdweb_start file:
CANDLE_HOME=/opt/IBM/ITM export CANDLE_HOME LIBPATH=$CANDLE_HOME/aix533/tu/tusupport/32:$LIBPATH export LIBPATH KBB_RAS1=ALL KBB_RAS1_LOG=/tmp/pdweb.ras1 export KBB_RAS1 export KBB_RAS1_LOG
Note: On AIX systems, the webseald program may have the setuid security feature which stops LIBPATH being propagated. Run pdweb_start as root to circumvent this problem. - Restart WebSEAL. The RAS1 log file, /tmp/pdweb.ras1 defined in the previous step is generated immediately if ARM has been successfully enabled.
- If required, modify the location of the remote Transaction Collector in the armconfig.xml file to which the ARM data will be sent.
- If required, customize filters for WebSEAL data in the Application Management Configuration Editor.