Product Documentation
Abstract
OMNIbus provides periodic fixes for release 7.4.0. The following is a complete listing of GA and scheduled fixes for Version 7.4.0 with the most recent fix at the top.
7.4.0.11
| Status | |
|---|---|
|
Fix release date: 13/05/2016 Last modified: 13/05/2016 Status: Recommended Download information |
| APAR | Description |
| IV70937 | The nco_config command will remove the newline character on triggers that contain comments after the "When" clause. This causes the trigger to fail the syntax check. This problem has been resolved. |
| IV79347 | Probes intermittently failed to connect to the ObjectServer with the following error message in the probe logfile: 'Error: E-UNK-000-000: Server verification failure. Failure Code=1013.' This has now been fixed. |
| IV81216 | The Aggregation layer self-monitoring log file includes entries for all alerts that it generates as well as those it receives from both AGG_B and any Collection layer ObjectServers. Previously it was ambiguous as to which ObjectServer the alerts were coming from, with respect to the log messages. This fix prepends the ServerName the alert was generated on to the log file message to clarify this. Users who have V7.4 fix pack 10 or older should apply the following file to address this APAR: $OMNIHOME/extensions/selfmonitoring/self_monitoring_update74fp10to74fp11.sql The Netcool administrator should review the contents of this file before it is applied. |
| IV82539 | The SQL generated by nco_osreport for use by nco_dbinit specifies 'persistent' as the memstore type for all memstores to be created. This problem has been fixed so that memstore type in the generated SQL will be persistent, virtual, or temporary, to match the memstore type in the ObjectServer. |
7.4.0.10
| Status | |
|---|---|
|
Fix release date: 23/02/2016 Last modified: 23/02/2016 Status: Superceded Download information |
| APAR | Description |
| IV80895 | The JRE for Tivoli Netcool/OMNIbus V7.3.0, V7.3.1, and V7.4.0 was updated to IBM JRE 6.0 SR16 FP20 to address possible security issues. |
7.4.0.9
| Status | |
|---|---|
|
Fix release date: 29/01/2016 Last modified: 29/01/2016 Status: Superceded Download information |
| APAR | Description |
| IV79815 | Unable to view OMNIbus related messages in the Windows event viewer. This problem has been resolved. |
| IV79413 | A password may show up in plain text in a 'create user' error message. This problem has been resolved. |
| IV79952 | The GSKit version has been upgraded to 8.0.50.57 on OMNIbus 7.3.1, 7.4.0, and 8.1.0 to include a fix for a potential security problem. |
| IV78816 | The JRE for Tivoli Netcool/OMNIbus V7.3.0, V7.3.1, and V7.4.0 was updated to IBM JRE 6.0 SR16 FP15 to address possible security issues. |
| IV63264 | Calls to get the Common Name failed with certificates with valid raw OID's in the distinguished name field. The problem was fixed in OMNIbus version 7.4.0 fix pack 7. |
7.4.0.8
| Status | |
|---|---|
|
Fix release date: 30/11/2015 Last modified: 30/11/2015 Status: Superceded ****************************************************************** *A change introduced by this fix pack might negatively * affect existing product function * Please see APAR IV79815 for details. ****************************************************************** Download information |
| APAR | Description |
| IV74891 | If an event is deleted in the Aggregation layer and then deduplicates in the Collection layer, this causes a new event insert in Aggregation with the same ServerName/ServerSerial values. As a result, when the historical gateway sends the new insert to the historical database, the insert fails due to a Unique Constraint or Primary Key error, since the same primary key ServerName/ServerSerial already exists in the database. This problem has been resolved. |
| IV73109 | The ICU component used by Tivoli Netcool/OMNIbus has been upgraded to version 55.1 to address a potential security problem that is fixed in this version of ICU. |
| IV75900 | Upgrade to GSKit version 8.0.50.47 on OMNIbus 7.3.1, 7.4.0, and 8.1.0. This is due to a potential security problem that was fixed in this version of GSKit. |
| IV73279 | The JRE for Tivoli Netcool/OMNIbus V7.3.1 and V7.4.0 was updated to IBM JRE 6.0 SR16 FP7 to address possible security issues. |
7.4.0.7
| Status | |
|---|---|
|
Fix release date: 15/07/2015 Last modified: 15/07/2015 Status: Superceded ****************************************************************** *A change introduced by this fix pack might negatively * affect existing product function * Please see APAR IV79815 for details. ****************************************************************** Download information |
| APAR | Description |
| IV66679 | A failed remote procedure call by the Process Agent causes memory growth. This problem has been resolved. |
| IV73221 | New function to allow redirecting ObjectServer connections to a different ObjectServer (or a different virtual pair). There is a new signal trigger, named pre_connect, which is always called when a client connects, before authentication. There is new sql " alter system redirect connection 'SERVERNAME' " which can only be issued from this new signal trigger. It causes the client to be redirected to that SERVERNAME. Note that the new SERVERNAME must exist in the omni.dat where the ObjectServer resides. |
| IV72682 | When the 'KeepLastBrokenSAF' property is set to '1' and any corrupt records are found during the forwarding of store-and-forward cached alerts, the original SAF file should be retained and renamed to a file with the suffix '.broken'. Due to regression introduced in fixpacks 7.3.0.6 and 7.3.1.2, this was not happening. The regression is also present in fixpacks 7.4.0.5 and 8.1.0.2 and earlier fixpacks of the 7.4 and 8.1 releases. This has now been fixed. |
| IV73123 | The LDAP libraries used by Tivoli Netcool/OMNIbus were updated to TDS version 6.3.0.36 to address potential security issues. Note: Not available for platform HPUXIA. |
| IV73107 | The JRE for Tivoli Netcool/OMNIbus V7.3.1 and V7.4.0 was updated to IBM JRE 6.0 SR16 FP4 to address possible security issues. |
| IV73963 | There is an internal limit of 16K on a 'create procedure' SQL statement. Previously, the system issued an error message for statements that exceeded 32K but would core dump on statements that were between 16K and 32K in size. The code has been fixed to reject a 'create procedure' statement that exceeds 16K and log an error message. |
| IV74026 | The GSKit component used by Tivoli Netcool/OMNIbus is upgraded to version 8.0.50.42. This is done to address a potential security problem that is fixed in this version of GSKit. |
| IV67946 | Log file pooling/rolling does not release file handles. This problem has been resolved. |
7.4.0.6
| Status | |
|---|---|
|
Fix release date: 09/04/2015 Last modified: 09/04/2015 Status: Superceded ****************************************************************** *A change introduced by this fix pack might negatively * affect existing product function * Please see APAR IV79815 for details. ****************************************************************** Download information |
| APAR | Description |
| IV65806 | Cacherules does not produce a correct lookup table when there is a blank value on the end of the key/value list. This problem has been fixed. |
| IV68107 | The MIB manager garbles the generated rules file when exporting MIBs causing any events processed by these rules to have an unusable OS_EventId. This problem has been resolved. |
| IV68942 | A malloc error was issued when using invalid data in probe rules for the nvp_add function. That message was incorrect and was replaced with the correct error message that hilights the invalid data. |
| IV68940 | When CacheRules was set to 1 the lookup table would not be written properly after a -HUP. This problem has been resolved. |
| IV69160 | When a lookup table is empty, the cache file has an incorrect checksum because of a syntax error. This problem has been resolved. |
| IV68690 | The syntax probe was unable to validate probe-specific rules functions. This problem has been fixed. A corresponding fix to any probe which uses probe-specific functions is required. |
| IV70540 | The GSKit component used by Tivoli Netcool/OMNIbus is upgraded to version 8.0.50.41. This is done to address a potential security problem that is fixed in this version of GSKit. |
| IV69143 | The LDAP libraries used by Tivoli Netcool/OMNIbus were updated to TDS version 6.3.0.35 to address potential security issues. Note: Not available for platforms HPUX and HPUXIA. |
| IV71122 | The JRE for Tivoli Netcool/OMNIbus V7.3.1 and V7.4.0 was updated to IBM JRE 6.0 SR16 FP3+IV70681 to address possible security issues. |
7.4.0.5
| Status | |
|---|---|
|
Fix release date: 09/12/2014 Last modified: 09/12/2014 Status: Superceded ****************************************************************** *A change introduced by this fix pack might negatively * affect existing product function * Please see APAR IV79815 for details. ****************************************************************** Download information |
| APAR | Description |
| IV61840 | The LDAPTimeout parameter might not time out LDAP authentication requests under the following conditions: - An SSL protocol is being used - A TCP/IP socket level call is delayed - An LDAP search is delayed This can delay the ObjectServer failing over to a backup if it is configured to use multiple LDAP servers and the first one is unresponsive or unavailable. This problem has been resolved. |
| IV55784 | If a pre-insert trigger also does an insert into the same table, the two events can end up with the same Serial value if the Serial number wraps during the insert. This problem is resolved. |
| IV62192 | MIBs containing extra spaces failed to import properly resulting in orphans. This problem has been resolved. |
| IV61491 | MIB Manager might fail to import an MIB if the MIB contains non-ASCII characters and MIB Manager is not running in a UTF-8 locale. The import completes without errors or warnings but the MIB is not displayed in the 'MIB Modules' tab on MIB Manager. This problem has been resolved. |
| IV62891 | The nco_config updates a Boolean column when selected. This problem has been resolved. |
| IV63168 | Assigning an integer value to a string column in a JSON row set payload for an ObjectServer table that was sent as part of an HTTP POST to the servers HTTP interface, caused the server to crash. This issue is now fixed. The type mismatch is now correctly handled and a HTTP 400 (Bad Request) is returned with a JSON error payload to indicate a type mismatch. |
| IV56455 | The failover thread of a probe running in slave mode in a peer-to-peer failover setup might hang. This could result in the probe failing to send events on if it loses contact with the master probe of the peer-to-peer pair. It could also result in unbounded memory growth of the slave probe as it buffers all events without flushing the buffers. This issue has been fixed. |
| IV63757 | The following Log File Pool properties were added to the default NCOMS.props file: LogFileUsePool, LogFilePoolSize, LogFileUseStdErr. |
| IV63758 | Some fields of the Restrict Rows section of the desktop View Builder did not work correctly. These fields restrict the number of rows on display in the event list. Minimum Maximum Default After you entered values in these fields, they defaulted back to 1. The same occurred after you used the arrows to change the values. This problem has been fixed. |
| IV63759 | After you changed the value of the event_flash_time property in the ~/.omnibus/prefs file, then event list freezes. This problem has been fixed. |
| IV64030 | If an integer value in a property file starts with a zero, the value was treated as octal-based rather than base 10. This problem has been resolved. |
| IV63169 | The JRE for Tivoli Netcool/OMNIbus V7.3.1 and V7.4.0 was updated to IBM JRE 6.0 SR16 FP1 to address possible security issues. |
| IV64823 | When using registertarget/settarget, the server name value from the registertarget/settarget directives should be on the insert statement in the log file. This problem has been resolved. |
| IV51280 | The indexes implemented in OMNIbus prevent some post-database action based triggers from functioning correctly. The problem is that indexes are updated after the post insert action has been fired. For example, it is not possible to find the new row using the Serial field in an after insert trigger because the index on the Serial field has not been updated. Note, the new row variable holds a reference to the row which can be used instead. This problem has been corrected. |
| IV65579 | The shared library version information will now be output when a probe is run with -version, it will also be added to the log header which is written out with every new logfile. |
| IV63601 | When the nco_osreport -dbinit command is run to extract configuration from an ObjectServer, or the nco_dbinit command is run to create an ObjectServer from extracted configuration files, the command fails and the following error is written to the log. Object not found in file automation.sql at or near channel_stats on line 19 of statement 'create or replace trigger aen_activity' This problem has been resolved. |
| IV62328 | Changes to an SQL parameter from IN to OUT could cause the ObjectServer to crash. This problem has been resolved. |
| IV66640 | ObjectServer crashes after resynchronization by gateway due to a restriction filter. This problem has been resolved. |
| IV63870 | When installing a probe or gateway into Netcool/OMNIbus V7.4.0 with fix pack 4 on Windows Server 2012, the following error message is displayed after the license is accepted: "Deployment Engine failed to initialise". When the error is acknowledged, the installer shuts down. This problem occurs because fix pack 4 downgrades a component of the integrations installer. The problem is now fixed. |
| IV63973 | The following security-related files have been designated configuration files so that any changes that are made to these files are retained after any future updates to the JRE: - java.security - US_export_policy.jar - local_policy.jar This change means that the next JRE update after Netcool/OMNIbus 7.4.0.5 will resolve the problem of FIPS 140-2 configurations being overwritten when the JRE is updated. |
7.4.0.4
| Status | |
|---|---|
|
Fix release date: 02/07/2014 Last modified: 02/10/2014 Status: Superceded ****************************************************************** *A change introduced by this fix pack might negatively * affect existing product function * Please see APAR IV79815 and IV63870 for details. ****************************************************************** Download information |
| APAR | Description |
| IV43001 | The Windows event list is unable to execute tools with external commands if the user does not have write permissions for %OMNIHOME%\var. Previously, a tool with external commands created a temporary batch file to execute, and that file was hardcoded to be in %OMNIHOME%\var. Now, a new variable is introduced (%OMNIVAR%) so the user can configure where the temporary batch file is created. The user should set this variable prior to running the Windows event list, in order for tools with external commands to be run successfully. If the %OMNIVAR% variable is not set, the temporary batch files will still be created in %OMNIHOME%\var. |
| IV44077 | Some fields are corrupted on the native Event List even though the data is correct in the ObjectServer database. This problem has been resolved. |
| IV44138 | This APAR resolves a timing condition that can result in a Gateway deadlock if the connection to the ObjectServer is lost during a resynchronization. When the APAR is applied, the Gateway will wait for its back-off interval and restart the resynchronization. The following messages are written to the log file following a disconnect: Debug: D-GOB-105-049: [ngobjserv]: Writer: Attempting to disconnect from server 'MANPDIS_OS'. Debug: D-GOB-105-048: [ngobjserv]: Writer: Attempting Connection to server 'MANPDIS_OS'. Debug: D-IPC-053-021: Challenge callback (inmsgid = 32800) executing due to activity on session 'MANPDIS_OS' Debug: D-GOB-105-208: [ngobjserv]: ObjectServer 'MANPDIS_OS' identified to be 73. Iduc V1, V2 and V2.1. Debug: D-GOB-105-089: [ngobjserv]: Writer: Established connection to server 'MANPDIS_OS' primary. In a working scenario with no deadlock, the next message written to the log is: 2013-06-04T16:40:51: Debug: D-GOB-105-153: [ngobjserv]: Resynchronisation request sent to the Resync Manager by object 'Writer'. If this message is not written, a deadlock has occurred. |
| IV36731 | When the backup ObjectServer in a failover pair stops running and then restarts, it does not restart in acting primary state. This problem is fixed. |
| IV44511 | In rules files, environment variables could not be used in paths for lookup tables or include files where the path was a HTTP link. Also, HTTP links could not be specified as a path to a lookup table. These issues are resolved. |
| IV40187 | On Windows operating systems, when a native event list tool contains more than 1 prompt, the Cancel and Help buttons on the prompt dialog overlap. This problem is fixed. |
| IV47285 | Property names that contain non-alphanumeric characters that are written out to the probe rules cache file but are not enclosed in brackets caused a parse error when the cache file was reread. This issue is resolved. |
| IV48435 | When all event inserts in an ObjectServer are fast-tracked via the Accelerated Event Notification (AEN) system, the ObjectServer can generate these notifications faster than they can be read by an AEN client, such as a gateway. This causes the network buffer to the client to become full and AEN messages to the client to be dropped and lost. This problem is fixed. Now, the ObjectServer Accelerated Event Notification (AEN) subsystem retries to send messages that could not previously be sent because of a full network buffer. This prevents the loss of AEN notifications when there is a high load of messages. Also, ObjectServer gateways that receive AEN messages for fast-tracked events now attempt to optimistically group AEN fast-track messages into batches, to improve processing through the gateway. |
| IV50509 | Event Collection Identifier Pattern (ECIP) capabilities have been added to the Netcool/OMNIbus OSLC Provider. These capabilities enable an administrator to assign a query pattern to various resource types known in the JazzSM resource registry. The resource types can be registered for the provision of an events URI in reconciled resource records. To upgrade an ObjectServer that is running the OSLC interface with the components required for ECIP support, apply the following SQL file to the ObjectServer: $OMNIHOME/etc/update74to74fp3.sql Refer to the Tivoli Netcool/OMNIbus documentation for further details. |
| IV47894 | On UNIX and Linux operating systems, nco_osreport fails to
connect to an ObjectServer when the host name entry for the
server in omni.dat contains a hyphen (-). The following error is
reported:
'Error reading report template: Server " |
| IV50097 | When installing a probe or gateway into Netcool/OMNIbus V7.4.0 with fix pack 2, on Windows Server 2012, the following error message is displayed after the license is accepted: "Deployment Engine failed to initialise" When the error is acknowledged, the installer shuts down. This problem occurs because fix pack 2 downgrades a component of the integrations installer. The problem is now fixed. |
| IV29952 | When invalid characters or control characters are present in a rules file, or an included rules file (.include), an error message is printed and the parser exits. This problem is resolved. |
| IV47404 | In Tivoli Netcool/OMNIbus V7.4 installations, the LD_LIBRARY_PATH environment variable was not set correctly for Java-based programs in 64-bit environments. This problem is fixed. |
| IV51638 | A relative include statement in the probe rules file causes the probe parser to look for a file that is relative to the directory that the rules file is in. On Windows operating systems, an incorrect relative path can be generated which causes the include file to fail to load. For example, assume that the following include is added to a simnet.rules file in '/rules/directory/simnet.rules': include "subdir/probewatch.include" The probe could fail to start and the following error would be written to the probe log file: 2013-09-23T16:37:10: Error: E-UNK-000-000: Failed to open Rules file: /rules/directory/simnet.rules\subdir/probewatch.include This occurs on Windows operating systems only. |
| IV51389 | An enhancement has been made to enable Netcool/OMNIbus probes to utilize probe registry schema changes that will be introduced in a future version of Netcool/OMNIbus. |
| IV51455 | This extension provides additional self monitoring capabilities to an ObjectServer by monitoring internal KPIs and generating synthetic events based on the KPI data. In addition, a threshold table is defined so that alerts will be generated when thresholds are breached. Finally, table counts and alerts are logged to a new file in the $OMNIHOME/log directory. A WebGUI dashboard is also provided to make viewing self monitoring data across your environment easier. |
| IV51454 | This extension will provide X in Y functionality to OMNIbus. Once installed, if XEvents and XSeconds are set in the Probe rules, it will automatically escalate any events that breach the defined X events in Y seconds threshold for that event. The default escalation behaviour is to set SuppressEscl to 1 (ie. "Escalated"). The escalation actions can be extended however by adding your own trigger to perform additional actions when SuppressEscl is set to 1. |
| IV51589 | The log rotation feature that allows old log and trace files to be saved without overwriting has been expanded to all operating systems. The following properties are no longer restricted to Windows operating systems only: LogFilePoolSize LogfileUsePool LogFileUseStdErr |
| IV51631 | Using the HTTP interface to select a table with a name that is too long can cause a memory corruption. This problem is resolved. |
| IV50266 | The ServerName field is incorrect for GatewayWatch events. This problem has been resolved. For new installations, run nco_dbinit as normal. To apply the fix to an existing installation, you must manually update the new_row trigger in automation.sql. To do this, take one of the following actions: 1) Copy the new_row trigger from the default automation.sql file. 2) Alternatively, edit the new_row trigger in automation.sql and change this line: if ( %user.is_gateway = false ) to this: if ( ( %user.is_gateway = false ) OR (( new.Manager = 'GatewayWatch' ) AND ( new.ServerSerial = 0 )) ) |
| IV51847 | The JRE for Tivoli Netcool/OMNIbus is updated to IBM JRE 6.0 SR15 to address possible security issues. |
| IV51848 | The GSKit component used by Tivoli Netcool/OMNIbus is upgraded to version 8.0.14.34. This is done to address a potential security problem that is fixed in this version of GSKit. |
| IV52750 | Three configuration files are added to the $NCHOME/omnibus/extensions directory to enable integration between Tivoli Netcool/OMNIbus and IBM SmartCloud Analytics - Log Analysis. Two files are required to configure the accelerated event notification channel and one file is required to create Active Event List right-click tools and menus. |
| IV51068 | LDAP bind can fail if SSL is configured to use Windows Active Directory. This problem has been resolved. |
7.4.0.3
| Status | |
|---|---|
|
Fix release date: 02/07/2014 Last modified: 02/10/2014 Status: Superceded Download information |
| APAR | Description |
| IV43001 | The Windows event list is unable to execute tools with external commands if the user does not have write permissions for %OMNIHOME%\var. Previously, a tool with external commands created a temporary batch file to execute, and that file was hardcoded to be in %OMNIHOME%\var. Now, a new variable is introduced (%OMNIVAR%) so the user can configure where the temporary batch file is created. The user should set this variable prior to running the Windows event list, in order for tools with external commands to be run successfully. If the %OMNIVAR% variable is not set, the temporary batch files will still be created in %OMNIHOME%\var. |
| IV44077 | Some fields are corrupted on the native Event List even though the data is correct in the ObjectServer database. This problem has been resolved. |
| IV44138 | This APAR resolves a timing condition that can result in a Gateway deadlock if the connection to the ObjectServer is lost during a resynchronization. When the APAR is applied, the Gateway will wait for its back-off interval and restart the resynchronization. The following messages are written to the log file following a disconnect: Debug: D-GOB-105-049: [ngobjserv]: Writer: Attempting to disconnect from server 'MANPDIS_OS'. Debug: D-GOB-105-048: [ngobjserv]: Writer: Attempting Connection to server 'MANPDIS_OS'. Debug: D-IPC-053-021: Challenge callback (inmsgid = 32800) executing due to activity on session 'MANPDIS_OS' Debug: D-GOB-105-208: [ngobjserv]: ObjectServer 'MANPDIS_OS' identified to be 73. Iduc V1, V2 and V2.1. Debug: D-GOB-105-089: [ngobjserv]: Writer: Established connection to server 'MANPDIS_OS' primary. In a working scenario with no deadlock, the next message written to the log is: 2013-06-04T16:40:51: Debug: D-GOB-105-153: [ngobjserv]: Resynchronisation request sent to the Resync Manager by object 'Writer'. If this message is not written, a deadlock has occurred. |
| IV36731 | When the backup ObjectServer in a failover pair stops running and then restarts, it does not restart in acting primary state. This problem is fixed. |
| IV44511 | In rules files, environment variables could not be used in paths for lookup tables or include files where the path was a HTTP link. Also, HTTP links could not be specified as a path to a lookup table. These issues are resolved. |
| IV40187 | On Windows operating systems, when a native event list tool contains more than 1 prompt, the Cancel and Help buttons on the prompt dialog overlap. This problem is fixed. |
| IV47285 | Property names that contain non-alphanumeric characters that are written out to the probe rules cache file but are not enclosed in brackets caused a parse error when the cache file was reread. This issue is resolved. |
| IV48435 | When all event inserts in an ObjectServer are fast-tracked via the Accelerated Event Notification (AEN) system, the ObjectServer can generate these notifications faster than they can be read by an AEN client, such as a gateway. This causes the network buffer to the client to become full and AEN messages to the client to be dropped and lost. This problem is fixed. Now, the ObjectServer Accelerated Event Notification (AEN) subsystem retries to send messages that could not previously be sent because of a full network buffer. This prevents the loss of AEN notifications when there is a high load of messages. Also, ObjectServer gateways that receive AEN messages for fast-tracked events now attempt to optimistically group AEN fast-track messages into batches, to improve processing through the gateway. |
| IV50509 | Event Collection Identifier Pattern (ECIP) capabilities have been added to the Netcool/OMNIbus OSLC Provider. These capabilities enable an administrator to assign a query pattern to various resource types known in the JazzSM resource registry. The resource types can be registered for the provision of an events URI in reconciled resource records. To upgrade an ObjectServer that is running the OSLC interface with the components required for ECIP support, apply the following SQL file to the ObjectServer: $OMNIHOME/etc/update74to74fp3.sql Refer to the Tivoli Netcool/OMNIbus documentation for further details. |
| IV47894 | On UNIX and Linux operating systems, nco_osreport fails to
connect to an ObjectServer when the host name entry for the
server in omni.dat contains a hyphen (-). The following error is
reported:
'Error reading report template: Server " |
| IV50097 | When installing a probe or gateway into Netcool/OMNIbus V7.4.0 with fix pack 2, on Windows Server 2012, the following error message is displayed after the license is accepted: "Deployment Engine failed to initialise" When the error is acknowledged, the installer shuts down. This problem occurs because fix pack 2 downgrades a component of the integrations installer. The problem is now fixed. |
| IV29952 | When invalid characters or control characters are present in a rules file, or an included rules file (.include), an error message is printed and the parser exits. This problem is resolved. |
| IV47404 | In Tivoli Netcool/OMNIbus V7.4 installations, the LD_LIBRARY_PATH environment variable was not set correctly for Java-based programs in 64-bit environments. This problem is fixed. |
| IV51638 | A relative include statement in the probe rules file causes the probe parser to look for a file that is relative to the directory that the rules file is in. On Windows operating systems, an incorrect relative path can be generated which causes the include file to fail to load. For example, assume that the following include is added to a simnet.rules file in '/rules/directory/simnet.rules': include "subdir/probewatch.include" The probe could fail to start and the following error would be written to the probe log file: 2013-09-23T16:37:10: Error: E-UNK-000-000: Failed to open Rules file: /rules/directory/simnet.rules\subdir/probewatch.include This occurs on Windows operating systems only. |
| IV51389 | An enhancement has been made to enable Netcool/OMNIbus probes to utilize probe registry schema changes that will be introduced in a future version of Netcool/OMNIbus. |
| IV51455 | This extension provides additional self monitoring capabilities to an ObjectServer by monitoring internal KPIs and generating synthetic events based on the KPI data. In addition, a threshold table is defined so that alerts will be generated when thresholds are breached. Finally, table counts and alerts are logged to a new file in the $OMNIHOME/log directory. A WebGUI dashboard is also provided to make viewing self monitoring data across your environment easier. |
| IV51454 | This extension will provide X in Y functionality to OMNIbus. Once installed, if XEvents and XSeconds are set in the Probe rules, it will automatically escalate any events that breach the defined X events in Y seconds threshold for that event. The default escalation behaviour is to set SuppressEscl to 1 (ie. "Escalated"). The escalation actions can be extended however by adding your own trigger to perform additional actions when SuppressEscl is set to 1. |
| IV51589 | The log rotation feature that allows old log and trace files to be saved without overwriting has been expanded to all operating systems. The following properties are no longer restricted to Windows operating systems only: LogFilePoolSize LogfileUsePool LogFileUseStdErr |
| IV51631 | Using the HTTP interface to select a table with a name that is too long can cause a memory corruption. This problem is resolved. |
| IV50266 | The ServerName field is incorrect for GatewayWatch events. This problem has been resolved. For new installations, run nco_dbinit as normal. To apply the fix to an existing installation, you must manually update the new_row trigger in automation.sql. To do this, take one of the following actions: 1) Copy the new_row trigger from the default automation.sql file. 2) Alternatively, edit the new_row trigger in automation.sql and change this line: if ( %user.is_gateway = false ) to this: if ( ( %user.is_gateway = false ) OR (( new.Manager = 'GatewayWatch' ) AND ( new.ServerSerial = 0 )) ) |
| IV51847 | The JRE for Tivoli Netcool/OMNIbus is updated to IBM JRE 6.0 SR15 to address possible security issues. |
| IV51848 | The GSKit component used by Tivoli Netcool/OMNIbus is upgraded to version 8.0.14.34. This is done to address a potential security problem that is fixed in this version of GSKit. |
| IV52750 | Three configuration files are added to the $NCHOME/omnibus/extensions directory to enable integration between Tivoli Netcool/OMNIbus and IBM SmartCloud Analytics - Log Analysis. Two files are required to configure the accelerated event notification channel and one file is required to create Active Event List right-click tools and menus. |
| IV51068 | LDAP bind can fail if SSL is configured to use Windows Active Directory. This problem has been resolved. |
7.4.0.2
| Status | |
|---|---|
|
Fix release date: 07/30/2013 Last modified: 07/30/2013 Status: Superseded Download information |
| APAR | Description |
| IV26844 | A reference to a row variable in a subselect clause is permitted only if the row variable is on a different nesting level. The following example is NOT allowed: create or replace procedure test1() begin for each row status_row in alerts.status where status_row.Identifier not in (select status_row.Identifier from alerts.test_tab ) begin .... end; end; The following example IS allowed: create or replace procedure test1() begin for each row t_group in catalog.trigger_groups begin for each row trig in catalog.trigger_stats where trig.TriggerName in ( select TriggerName from catalog.triggers where GroupName = t_group.GroupName ) begin ... end; end; end; |
| IV40455 | SP800-131 enhanced encryption settings are now supported. To configure this encryption, add settings to the $NCHOME/etc/security/fips.conf file on UNIX, or the %NCHOME%\ini\security\fips.conf file on Windows. The fips.conf file activates FIPS 140-2 mode, so you must configure FIPS 140-2 mode before you can configure SP800-131 enhanced encryption. If you are using Java components, you must also configure the JRE for FIPS 140-2 mode. Search the Tivoli Netcool/OMNIbus Installation and Deployment Guide or the information center for "Configuring the JRE for FIPS 140-2 mode" for instructions. To configure SP800-131, add the following parameters to the fips.conf file: SP800_131MODE=TRUE TLS12_ONLY=TRUE SHA2_CERTIFICATES_ONLY=TRUE STRICT_CERTIFICATE_CHECK=TRUE These parameters have the following effects: SP800_131MODE: Enables TLS 1.2. For Java components, this setting also enables JSSE2 SP800-131 support, unless it is overridden by the STRICT_CERTIFICATE_CHECK parameter. TLS12_ONLY: Disables all protocols except TLS 1.2. Do not use this setting unless the SP800_131MODE parameter is also enabled. SHA2_CERTIFICATES_ONLY: Enables TLS 1.2 Signature and Hash Algorithm Restrictions. Only server certificates that meet the restrictions are accepted. This parameter has no effect on Java components unless the STRICT_CERTIFICATE_CHECK parameter is also set. STRICT_CERTIFICATE_CHECK: Enforces TLS 1.2 Signature and Hash Algorithm Restrictions on all certificates in the chain. Do not use this parameter unless the SP800_131MODE and SHA2_CERTIFICATES_ONLY parameters are also set. If Java components will be used this setting must not be used unless SP800_131MODE, TLS12_ONLY and SHA2_CERTIFICATES_ONLY are all set. If the SHA2_CERTIFICATES_ONLY or STRICT_CERTIFICATE_CHECK parameters are set, or if both are set, use the -size and -sig_alg options when you run the nc_gskcmd command-line utility to generate and sign certificates. For example, if you run nc_gskcmd with the "-cert -create" or the "-certreq -create" command-line options, also use "-size 2048 -sig_alg SHA512_WITH_RSA". If you run nc_gskcmd with the "-cert -sign" command-line options, also use "-sig_alg SHA512_WITH_RSA". |
| IV39389 | When the environment variable TZ is set to "localtime" on Solaris 11 servers, the local time zone cannot be detected correctly by Netcool/OMNIbus applications. This causes problems for some time-sensitive functions, such as the datetotime and timetodate functions used in rules file processing, and the to_char, to_time, and to_date SQL functions. This problem has been fixed. |
| IV33495 | When the ObjectServer MaxLogFileSize property is set to a value greater than 2 GB, the log file is not rotated but instead grows indefinitely. This problem has been fixed. |
| IV34550 | The SQL interactive interface on UNIX (nco_sql) did not prompt for a password when running SQL commands from a file and when the -nosecure option was also used. In the following example, no password prompt appears and the nco_sql connection fails: nco_sql -server NCOMS -user root -nosecure < sample.sql A new -input option has been added to nco_sql to allow the password prompt to appear, and the connection to succeed, when running SQL commands from a file using the -nosecure option. This option can also be used when the -nosecure option is not used, instead of the old file input syntax (< sample.sql). The new way to execute this command is: nco_sql -server NCOMS -user root -nosecure -input sample.sql |
| IV36482 | The UPGRADE.SH script that is used to manually migrate data from a previous Tivoli Netcool/OMNIbus installation is incorrect for zLinux. The architecture variable check is incorrectly set to linuxs390 instead of to linux2s390. This problem has been resolved. |
| IV37018 | A port scan by a Qualsys scanner can cause the ObjectServer to terminate. This problem has been fixed. |
| IV37451 | A deadlock can cause the ObjectServer to hang. This problem can occur if an array bound error occurs during a subselect in a FOR EACH ROW loop. This problem has been resolved. |
| IV35936 | Netcool MIB Manager is slow to populate the Device Association window after the Create Device button is clicked. This problem has been resolved. |
| IV37316 | For locales with multi-byte character sets, such as ja_JP.sjis, probe application names specified by the probe Name property are not populated in the ObjectServer. This problem has been fixed. |
| IV38671 | The GSKit component used by Tivoli Netcool/OMNIbus is upgraded to version 8.0.14.27. This is done to address a potential security problem that is fixed in this version of GSKit. |
| IV40456 | Resolution of RFE 31686: HTTP support library (libnhttpd) has a JSON configuration file (${OMNIHOME}/etc/libnhttpd.son) that allows a user to manage and change the response settings of the HTTP interface. From this configuration file a user can assign a MIME type to a given file extension. If a file of that type is served from the HTTP interface when file serving is enabled, the HTTP header "Content-Type" will be assigned the MIME type assigned to it in the configuration file. A user can also set in the configuration file a set of user defined HTTP headers that should always be returned in all HTTP response from the interface. It is also possible from this file to override some of the Cross-Origin Resource Sharing (CORS) standard HTTP headers such as "Access-Control-Allow-Headers" and "Access-Control-Expose-Headers" to enabled additional HTTP headers in the response, if required. |
| IV38627 | When enabled, the escalate_off, flash_not_ack, and mail_on_critical triggers must be members of the primary_only trigger group so that they execute only on the acting primary server in a failover configuration setup. For newly initiated servers, this problem has been resolved in nco_dbinit. For existing servers, if the three triggers are enabled, move them to the primary_only trigger group by connecting to the server and executing the following SQL commands: alter trigger escalate_off set group primary_only; alter trigger flash_not_ack set group primary_only; alter trigger mail_on_critical set group primary_only; go |
| IV37335 | The Netcool/OMNIbus Tivoli EIF and TSRM gateways can hang on start-up. This problem has been resolved. |
| IV39542 | The ObjectServer can terminate unexpectedly when multiple clients attempt to log on concurrently while it is starting up. The following message is written to log: OpenServer - Fatal Connect Error: 16382/15/0E-IPC005-001 mutex is already created This is caused by a timing window in the initialization code and does not occur after a log-on has completed. This problem has been resolved. |
| IV39993 | After updating the RawCapture property via the nco_http interface, the property gets updated, the .cap file is created, but no data is written to file. This problem has been resolved. |
| IV35914 | The nnm7 probe (nco_p_nnm7) core dumps. The core file analysis shows that the problem is due to NRCToString() in libnetcool. This problem has been resolved. |
| IV37676 | The JRE for Tivoli Netcool/OMNIbus V7.3.1 and V7.4.0 was updated to IBM JRE 6.0 SR13 FP1 to address possible security issues. |
| IV40655 | The RDF/XML response payload to either the Event, Journal or Detail query capability now provides the members resource reference list in a "Collection" resource instance, rather than within the "ResponseInfo" resource instance. This is required for compliance with version 2 of the OSLC core specification. This is now the default response representation as the previous one was in error. If the previous incorrect format is required for the provision of backward compatibility and a migration pathway to the corrected format set the ObjectServer property NRestOS.OSLCRDFMsgFormat to a string value of MIGRATION. This will result in the OSLC interface generating the members resource reference list n both the "ResponseInfo" resource and a "Collection" resource instance. This format provides both the old and new formats at the same time. It is recommended that the older format is migrated from as soon as possible as there is a performance cost in generating the migration message format. In addition to this format change, the URI parameter oslc.properties is now supported on resource and query URIs. |
| IV40873 | The ObjectServer can be configured to authenticate with LDAP servers. When a user logs into the ObjectServer, the current behaviour is to generate a distinguished name (DN) using a provided template and bind directly to the LDAP server. The bind validates the user's password. This APAR provides an LDAP Search option. It issues a query to the LDAP server to obtain the distinguished name. It uses the returned distinguished name to bind and validate the password. This provides more flexibility. For example, it enables the ObjectServer to authenticate users against users in multiple organisational units (OU) and allows the use of sAMAccountName on Microsoft Active Directory. LDAP search is configured and activated using the parameters 'LDAPSearchBase' and 'LDAPSearchFilter' in the ldap.props properties file. LDAPSearchBase specifies the base distinguished name that an LDAP search starts from. For example: LDAPSearchBase: "ou=Tivoli,ou=SWG,o=ibm" To specify that multiple DNs are searched, separate each DN with two semicolons (;;). LDAPSearchFilter specifies a filter for an LDAP search. For example: LDAPSearchFilter: "(cn=%s)" When a user logs in, the ObjectServer replaces the %s in LDAPSearchFilter with the User Name and issues a query to the LDAP server. The LDAP search function can be used to search on the sAMAccountName when connecting to Microsoft Active Directory. An example of a query for this is: LDAPSearchFilter: '(&(objectCategory=person)(objectClass=user)(sAMAccountName=%s))' Sample queries can be found in a new version of the $OMNIHOME/etc/ldap.props file applied by this APAR. If your original ldap.props was modified since installation, it will not be updated by this APAR. In this case, the new sample properties file is available in the $OMNIHOME/etc/default directory. See the following sections in the Information Center for a detailed explanation on configuring for LDAP Search. - Configuring Tivoli Netcool/OMNIbus to use LDAP for external authentication - LDAP properties - LDAP examples |
| IV41237 | Probes can crash when creating internal ProbeWatch events (such as ProbeWatch Heartbeat events if enabled). This problem has been resolved. |
| IV33104 | Netcool/OMNIbus v7.3.1 FP5 : LDAP does not authenticate when using SSL as expected on AIX 6.1. Problem has been fixed. |
| IV36066 | When executing an external procedure its executing correctly but in the PA log the following message appears: "Error: Failed to find the specified group 668 for process launch." This problem has been resolved. |
| IV43447 | In OMNIbus environments using ITNM and the Service Affecting Events (SAE), running the SAE triggers on the Display ObjectServer will result in any SAE events that were generated at the aggregation layer being deleted at the display layer. The sae trigger group should only be enabled at the Aggregation layer. |
| IV40305 | This APAR addresses internally identified defects against Netcool MIB Manager, including: The MIB Manager command-line option values for the -exportscope option have been changed to no longer contain spaces and no longer require quoting. The -filetype and -exportscope options are now compatible. The command line values for the -exportscope option have been changed to the following: ALL|TRAPS|OBJECTS. Launching the MIB Manager command line interface on Windows operating systems no longer opens a second terminal window. Logging has been fixed to ensure that all appropriate messages are logged to the MIB Manager log file when using the command line interface. Launching the MIB Manager command line interface without any options will output help information. Fixed a problem where MIB Manager would sometimes fail to display the OID Tree. Added syntax error checking for command line options mismatch. The logging level NONE was added to the -messagelevel description that is printed by the -help option. |
7.4.0.1
| Status | |
|---|---|
|
Fix release date: 03/22/2013 Last modified: 03/22/2013 Status: Superseded ****************************************************************** *Error(s) have been reported against this maintenance vehicle * that do not cause problems with existing function. * Please see APARs IV33104 and IV37335 for details. ****************************************************************** Download information |
| APAR | Description |
| IV25000 | The error message displayed when an unknown datatype is found gave insufficient information to the user. The message has been improved to provide a better explanantion of the problem. |
| IV27193 | The nco_pad command takes a long time to start OMNIbus on a SuSE 10 SP 4 system. This problem has been resolved. |
| IV32999 | Netcool/OMNIbus probes running on 64-bit operating systems failed to roll over to a new raw capture file when the maximum file size specified by the MaxRawFileSize property was reached. Only a single raw capture file was created, which continued to increase in size. This problem has now been fixed. |
| IV33728 | On Windows operating systems, the nco_probeeventfactory utility does not correctly process empty values, represented by double quotes (""), in name-value pairs. For example: C:\IBM\Tivoli\Netcool\omnibus\bin>nco_probeeventfactory -host localhost -port 6789 snmpreq=SNMPSET hostname="" oid="" type="" value="" community="" This problem has been resolved. |
| IV34522 | To enable dynamic file management, the ALTER FILE command has been added as a trigger action. |
| IV34523 | A SKIP directive has been added to the SELECT statement to specify how many rows to exclude from the result set. If an 'order by' clause is included in the SELECT statement, SKIP can be used to exclude rows with the lowest or highest values, depending on which 'order by' keyword (ASC or DESC) is used. If an 'order by' clause is not specified, rows are excluded in a non-deterministic manner. |
| IV34521 | When a probe sends a command to the ObjectServer, it is parsed by the probe parser. If the command is not supported by the probe parser, it is passed to the main ObjectServer parser. Previously, a Warning message was written to the log when this happened. Now, a Debug message is written to the log instead. |
| IV32015 | The log message that describes when UpTime is used to determine the master for bi-directional ObjectServer gateway resynchronization is misleading because of fixes applied for APARs IZ99164 and IV14474. The message has been corrected. |
| IV34580 | Any attempt to serve an empty file via the embedded light-weight HTTP server will no longer crash the process. A successful HTTP response will be returned with an empty payload. Files can only be fetched from the embedded light-weight HTTP server if it has been enabled in either the probe API (libOpl) or the ObjectServer. |
| IV34581 | The evolution of the event OSLC interface towards a future standard has resulted in the need for properties in the common resource type vocabulary (crtv) name space to be moved into the Netcool/OMNIbus Event Management OSLC vocabulary (oslcem) name space. For the purpose of migration away from the "crtv" properties to the "oslcem" properties, the OSLC interface hosted in the ObjectServer will provide and accept values for both name space properties. Any properties in the "crtv" name space will disappear in a future release, so it is recommended that the new name space properties are used as soon as migration is possible. The ObjectServer OSLC interface now ships with three different resource configuration files:- 1) resourcecfg_v100.cfg - This is the resource shape configuration file as shipped in the GA version of OMNIbus 7.4. 2) resourcecfg_v101.cfg - This is the new resource shape configuration file. All "crtv" properties have been moved to the "oslcem" name space. 3) resourcecfg_both.cfg - This is a migration resource shape configuration file. It defines an event shape that includes both the old "crtv" properties and the new "oslcem" properties. By default, the ObjectServer will use the migration "resourcecfg_both.json" shape configuration file. If you plan to stay with the older resource shape format then it would be best to use the "resourcecfg_v100.json" configuration file for reducing the cost of having duplicated property values. If all clients in the environment are using the new shape format, then it is recommended that the "resourcecfg_v101.json" configuration file is used to reduce the cost of duplicated property values. |
| IV32955 | When an external procedure is created where the executable will run on a host named 'localhost', the procedure can fail. The following error is logged by nco_pa:
Error: Request to start process |
| IV29746 | When obtaining rules files from an HTTP server, probes were sending an extra forward slash (/) in the HTTP GET command. This problem has been fixed. |
| IV32961 | The probe rules file engine now supports a "discarded" condition, to test whether the current alert being processed by the rules has been set as discarded or not. For example: if( discarded ) { # Alert is marked as discarded } else { # Alert is not discarded } |
| IV32894 | The InstallAnywhere configuration has been updated to include a new console mode panel that is triggered by the entry of an invalid path. When an invalid Fix Pack path is entered, the user is now prompted to enter a correct path. |
| IV34132 | A command-line interface was added to MIB Manager to allow the import of SNMP MIB files, and the generation of rules files and other supported formats, programmatically. More information about the supported command-line options can be found in the Tivoli Netcool/OMNIbus documentation. |
| IV33177 | A new property is provided that allows a user to specify an interval (in seconds) that a probe waits before flushing alerts to the ObjectServer. The property limits the time that alerts wait in the buffer when the buffer has yet to reach the size specified by the BufferSize property. The new property is BufferFlushInterval and the command line equivalent is '-bufferflushinterval'. A value of 0 disables the flush interval. The default value (if not set) is 0. To enable the new behavior, specify the following properties: Buffering: 1 Buffersize: a value greater than 0, that represents the maximum buffer size. BufferFlushInterval: a value greater than 0, that represents the maximum interval (in seconds) that an event can stay in the buffer before being flushed. The buffer interval function is available for all supported probes that reference to an ObjectServer libOpl library on a version that contains this APAR. It provides an equivalent function to the FlushBufferInterval property that is available on a number of individual probes. If both FlushBufferInterval and BufferFlushInterval are specified, a warning is output to the log and BufferFlushInterval is not enabled. Note to users of the socket probe (nco_p_socket): Do not use the new BufferFlushInterval property to control buffer timeouts. The socket probe contains a property called BufferTimer that provides the same functionality as the new BufferFlushInterval property. The BufferTimer property is enabled when buffering is turned on using the FlushBufferTimeout property and it cannot be disabled. If FlushBufferTimeout is specified on a socket probe, a warning message will be written to the log and the property setting will be ignored. |
| IV34141 | The French language TCR event report "Event Selection" contained a colon without a preceding space. This has been fixed. |
| IV35723 | Netcool MIB Manager can now handle Object Identifiers (OID) that have a mixed format of words and numbers, for example, "iso 3 6 1 4 1". |
| IV34244 | When using the nco_osreport utility to export data from an ObjectServer that contains INTEGER64 fields with values greater than 2,147,483,647, the export would fail with the message "Error on ObjectServer connection: JZ00B Numeric overflow". This problem has been fixed. |
| IV32957 | When a Netcool/OMNIbus client and server are both running in the same locale, such as UTF-8, a character set conversion multiplier is incorrectly applied to string data transmitted between components. This multiplier causes display problems in clients such as nco_sql, where column headers of result-set data are displayed as bigger than their actual size. This problem has been fixed. The fix ensures that no character set conversion multiplier is applied when both client and server are running in the same locale. |
| IV36058 | Probes connecting to an ObjectServer running in UTF-8 locale occasionally failed to connect. Probes would exit immediately and log the following error in the probe log file: "Error: E-UNK-000-000: Server verification failure. Failure Code=1013" This problem has been fixed. |
| IV35478 | Probes that run in circular store-and-forward mode should replay all events for the last 'RollSAFInterval' during failover to a backup ObjectServer. When the primary and backup ObjectServers are configured as a virtual pair, probes do not replay the events that were cached during the last 'RollSAFInterval' when the primary ObjectServer is failing over to the backup ObjectServer. This problem has been fixed. |
| IV36065 | When monitoring VMware ESXi 5 hosts via SNMP using the example configuration provided in the extensions directory, cold or warm starts might be displayed as generic traps rather than as ESXi host-specific traps. This fix pack includes a workaround for this problem. |
[{"Product":{"code":"SSSHTQ","label":"Tivoli Netcool\/OMNIbus"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Netcool\/OMNIbus","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.4.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg27039851