|
NetIQ Change Guardian |
|
Version 4.2 |
|
Release Notes |
|
Date Published: December 2015 |
|
|
|
|
|
NetIQ Change
Guardian 4.2 improves usability and resolves several previous issues. Many of
these improvements were made in direct response to suggestions from our
customers. We thank you for your time and valuable input. We hope you
continue to help us ensure that our products meet all your needs. You can
post feedback in the Change Guardian forum in the NetIQ Communities, our online
community that also includes product information, blogs, and links to helpful
resources. The
documentation for this product is available on the NetIQ website in HTML and
PDF formats on a page that does not require you to log in. If you have
suggestions for documentation improvements, click comment on this topic
at the bottom of any page in the HTML version of the documentation posted at
the Change Guardian Documentation page. To download this
product, see the NetIQ Downloads website. To download patches for this
product, see the Patch Finder website. What's New?
The following
outline the key features and functions provided by this version, as well as
issues resolved in this release: Enhancements
New Agent Deployment Functionality
Change Guardian
4.2 includes a new Agent Manager in the Web console. The Agent Manager
provides one convenient location that allows you to install and update one or
more Windows agents on remote computers. Alert Notifications and Triage
Change Guardian
4.2 allows you to create, assign, receive, and investigate alert
notifications about any potential threats. Alerts notify you of what is most
important. For example, you can configure the system to generate an alert
when the same user violates the same policy a specified number of times on
the same asset within a specified time frame. Change Guardian automatically
associates the relevant events and identities with the alert to help you
determine the root cause of a potential threat. You can also
use the Alert dashboard, which provides an easy-to-configure, customizable
interface that helps you to view and investigate alerts in detail. For
example, you can find out the average time taken by owners to close alerts,
policy violations generating the maximum number of alerts, and average number
of consolidated alerts. If you are
upgrading from a previous version of Change Guardian, you must manually
enable alert notifications by installing the ChangeGuardianServerLicense42.html license key. To install
the license key, go to the NetIQ Customer Center, then click Software > Change
Guardian > Keys. Security Improvements
This release
includes updates to OpenSSL and Java to address security flaws. Also, agents
now use stronger authentication. As a result of these security improvements,
you will only be able to install new 4.2 agents after you upgrade your
server. You will not be able to install pre-4.2 agents. To preserve
backward compatibility with older agents in upgraded systems, the security
enhancements associated with the Bar Mitzvah vulnerability are not enabled by
default in the Change Guardian 4.2 release. If all of the agents in your
environment are version 4.2 (or newer), you can improve security by manually
disabling RC4 ciphers. This will be done by default in future Change Guardian
releases. For more information, see Bar Mitzvah
Vulnerability. Since future
releases of Change Guardian will include additional security improvements that
will break backward compatibility with older Windows agents, we strongly
recommend that you put a plan in place to ensure all Windows agents in your
environment are at least version 4.2. Terminology Changes for Resource Expansion
Change Guardian
4.2 changes the terminology related to resource expansion. These changes
improve the usability of the feature and the interface. The terminology
changes are as follows: ·
Resource
expansion is now LDAP settings ·
The
Resource Expansion window is now the LDAP Settings window New Policy Type for Monitoring Local Groups and Users for
Windows
Manually
monitoring for changes made by users that either escalate privileges or
perform malicious activity on a local computer can be time-consuming, and
much of the information might not be visible to users. Change Guardian 4.2
provides a new policy to monitor these types of changes, providing an easier
and more comprehensive way to monitor changes to local groups and users. New Policy Type for DNS Monitoring
Active Directory
relies heavily on DNS, so a misconfigured or poorly performing DNS
implementation can cause issues. Change Guardian 4.2 provides a new policy to
monitor changes in DNS settings, providing administrators with the
information they need to diagnose DNS issues that occur during an Active
Directory implementation. New License Usage Report
Change Guardian
4.2 provides a new License Usage report that provides details on the number
of active users in your environment. New Monitoring Capability for Active Directory
Change Guardian
4.2 provides new event types for policies related to Active Directory user
accounts. The new event types allow you to monitor logon and logoff events in
Active Directory. Enhanced Integration with Active Directory
Change Guardian
4.2 integrates seamlessly with Active Directory. When you create a new user
account in Active Directory, the Change Guardian server automatically
receives the user information. New Script to Restart All Change Guardian Services
Change Guardian
4.2 provides a new script that allows you to start, stop, and restart all
services. You can also use it to retrieve the status of the services. The
script uses the following syntax: /opt/netiq/cg/scripts/cg_services.sh {start|stop|restart|status} For example, to
restart all services, open a command prompt and type the following command: /opt/netiq/cg/scripts/cg_services.sh
restart
Increased System Requirements Due to New Services
In Change
Guardian 4.2, there are several new services to support the alert and agent
management functionality. Due to the increased workload, the system
requirements have increased. Depending on your current hardware
specifications, a hardware upgrade may be recommended. For more information,
see Planning for Change Guardian Server Installation in the User Guide for Change Guardian.
New Install Packages for Windows Agents and Policy Editor
To simplify
downloads from the Change
Guardian download site, the Change Guardian Server installion
package now includes the installation packages for the Windows agent and
Policy Editor. After you install the Change Guardian Server, you can access
the installation packages for the Windows agent and Policy Editor directly
from the Change Guardian Server. For more
information, see the following sections in the User Guide for Change Guardian: ·
Installing the Policy Editor ·
Installing the Windows Agent You can install
and uninstall the Windows agent and Policy Editor independently, with the
exception described in Policy Editor Computer Requirements. Software Fixes
Change Guardian
4.2 includes software fixes that resolve several previous issues. LDAP Settings Fail to Authenticate in Active Directory
with SSL
LDAP settings now
authenticate correctly in an Active Directory environment with SSL. (Bug
942436) Backup and Restore Function Does Not Work
The backup and
restore script has been updated and now works properly with all pre-4.2
features. For more information, see Backup and Restore
Utility Does Not Support New Features in 4.2. (Bug
941990) Some Options in the Change Guardian Web Console Do Not
Work
The Change
Guardian web console no longer displays disabled options related to features
that are only available with the Sentinel product. (Bug
941664) Change Guardian Web Console Does Not Work with Firefox 39
The Change
Guardian web console now works correctly with Firefox versions 39, 40, and
41. (Bug 937455) Windows Agents Running on Domain Controllers Stop
Unexpectedly
Windows agents
running on domain controllers no longer stop unexpectedly. (Bug
936467) Change Guardian Server Fails to Start and Displays Windows
Error Report
Events Do Not Forward to a Sentinel Server Configured as
an Additional Event Destination
Custom Reports in the Change Guardian Web Console Do Not
Display Delta Information
Custom Reports
in the Change Guardian web console now correctly display delta information. (Bug 918445) Agents Unable to Connect and Detect Heartbeat
Asset Monitoring Failures Report Contains Audit Flag
Errors
File Delta Does Not Display Big5-Encoded Characters
Correctly
The delta for
file integrity events now displays Big5-encoded characters correctly. (Bug
906775) Windows Start Menu Incorrectly Displays Change Guardian
Console
The Windows
Start Menu correctly displays Change Guardian Policy Editor instead of Change
Guardian Console. (906260) Logging into Policy Editor Fails when Policy Repository is
in All Caps
The Policy
Repository field on the Policy Editor logon screen is now case-insensitive. (Bug
945069) System Requirements
For detailed
information about hardware requirements and supported operating systems and
browsers, see the User Guide
for NetIQ Change Guardian. Known Issues
NetIQ
Corporation strives to ensure our products provide quality solutions for your
enterprise software needs. The following issues are currently being
researched. If you need further assistance with any issue, please contact Technical Support. ·
Cannot View Alerts
with IPv6 Data in Alert Views ·
Cannot Install Change Guardian Server as Non-root User ·
Issues with Upgrading Agents Out of Order ·
Upgrade Process Does Not Work with Custom Installation
Location ·
Upgrade Fails if You Renamed the .msi
Package for the Original Installation ·
Upgrading the Appliance from 4.0.x Removes Change Guardian
User Accounts ·
Upgrade Process Displays Wrong Version Number ·
Backup and Restore Utility Does Not Support New Features in
4.2 ·
Events Missing Delta and Diff Information After Upgrade ·
Manual Configuration Required to Use Registry Browser ·
Local Users in Administrator Group Cannot Deploy Agents to
Windows Computers ·
Issues with UNIX Agent Version 7.4 ·
Agents on Windows Server 2003 Computers Do Not Receive Tasks
When Expanding Users Containing {} ·
Option to Rerun Tasks from 'Failed Tasks' Does Not Work ·
Asset Tasks Remain 'In Progress' Indefinitely ·
Issues Monitoring DNS Configuration Changes ·
Issue Monitoring Local User and Groups Privilege Events ·
Internal Audit Events Go Only to Primary Event Destination in
FIPS Mode ·
Change Guardian Server Does Not Generate Asset Registration
Events in FIPS Mode ·
FIPS Mode Does Not Support Forwarding Events to Syslog Servers ·
Change Guardian Server Cannot Connect to Data Sources in FIPS
Mode ·
Enabling FIPS Mode Requires Restarting Services ·
Approved Assets Incorrectly Require Authentication ·
Deleting an Asset with Agent Manager Does Not Delete All
Components ·
Issue with Privileges for Local Users and Groups Prevents
Change Guardian from Generating an Event ·
Manually Uninstalling an Agent Does Not Remove the Agent's
Version Details from Agent Manager ·
Tips Table Search Does Not Return the Complete List of Alert
Fields in Upgraded Installations ·
New Incoming Alerts Incorrectly Appear to be Selected When You
Modify Existing Alerts ·
Change Guardian Web Console is Blank if the License is Expired ·
Change Guardian Cannot Retrieve Events Related to Users
Logging On or Off a Domain Controller ·
Active Directory Does Not Synchronize New User if the Account
Name is the Same as a Deleted User ·
Unsupported Event Routing Rules are Visible After Upgrading
from 4.0 ·
Default Database Service Port Must Be Used for Change
Guardian Server ·
Event Severity is Always Calculated Automatically for UNIX
Agent Events ·
VMware vSphere 5.5 Web Client Cannot Import OVF Templates ·
Modifications to System-Only Object Might Not Generate
Security Events ·
Missing Sections in 'Process was Terminated' Events ·
LDAP Settings Cannot Expand Group Members from Trusted
Domains ·
LDAP Settings Do Not Support Parentheses ·
'Demoted from DC' Events are Not Generated on Windows
Server 2003 ·
Microsoft Windows Server 2012 R2 + KB2887595 Can Cause
Instability on Domain Controller ·
Change Guardian for Windows Does Not Capture Some File Share
Settings ·
Migrating Locally Saved Policies is Not Supported ·
Active Directory Schema Events Might Display 'N/A' in
Before and After Fields ·
Reports Might Not Display Surrogate Characters Correctly ·
A Nessus Scan Results in Loss of Communication with Change
Guardian Server ·
Forwarded Events Might Contain Extra Characters ·
File Integrity Diff Data Might Be Truncated in Events
Forwarded to Syslog Servers ·
UNIX Agent Might Generate File Integrity Events without
Diff Data Cannot View Alerts with IPv6 Data
in Alert Views
Cannot Install Change Guardian
Server as Non-root User
The
installation process does not support installing the Change Guardian Server
as a non-root user. (Bug 948756) Issues with Upgrading Agents Out
of Order
The following
issues occur if you upgrade agents in the incorrect order: ·
If
an agent computer has both the agent and the Policy Editor installed,
upgrading to Change Guardian 4.2 removes the Policy Editor from the computer.
To avoid this, upgrade the Policy Editor first and then upgrade the agent. (Bug 936766) ·
If
you upgrade the Windows agent before you upgrade the Change Guardian Server,
the agent will not receive policy updates after the server upgrade. To enable
the agent to receive policy updates again, restart the Change Guardian
service on the agent machine. (ENG335193) Upgrade Process Does Not Work with
Custom Installation Location
If you
installed a previous version of Change Guardian in a custom location, a known
issue with the installation process prevents you from upgrading to version
4.2. To upgrade to version 4.2, contact Support for assistance. (Bug
946564) Upgrade Process Fails if You
Renamed the .msi
Package for the Original Installation
If you renamed
the .msi file when packaging the
program to silently install a previous version of Change Guardian, the
upgrade to the current release fails. During an upgrade, Microsoft Windows
looks for an original installation with the same identification as the .msi package for the
upgrade. For more information about this issue, see the Windows
Installer Team Blog. (ENG328889) Upgrading the
Appliance from 4.0.x Removes Change Guardian User Accounts
Upgrading the
Change Guardian appliance from 4.0 to 4.2 removes any previously created
Change Guardian user accounts. The "cgadmin"
account is recreated with its password set to a random value. After the
update, you will need to log on to the Change Guardian Web console using the
"admin" account to reset the password for the "cgadmin" account. You must recreate all other user
accounts. Upgrade Process Displays Wrong
Version Number
The upgrade
process incorrectly displays, "Upgrading to 7.3.1." (Bug
945259) Backup and Restore Utility Does
Not Support New Features in 4.2
The backup and
restore utility does not support the following new features in Change
Guardian 4.2: ·
Alert
Notifications and Triage ·
New
License Usage Report ·
New
Monitoring Capability for Active Directory ·
Enhanced
Integration with Active Directory ·
Agent
Manager The utility
continues to work correctly for all pre-4.2 features. (Bug
941990) Events Missing Delta and Diff
Information After Upgrade
Change Guardian
4.1 SP 1 included an architectural change related to delta and diff storage.
This change significantly improves the time required to retrieve delta and
diff information. If you are upgrading from Change Guardian 4.1 or before,
the delta and diff information for any pre-4.1 SP 1 events does not display
after the upgrade process is complete. You can use reports to retrieve the
delta and diff information for pre-4.1 SP 1 events. Change Guardian correctly
displays delta and diff information for any events generated after the
upgrade. (Bug 936002) Manual Configuration Required to
Use Registry Browser
To enable the
Registry Browser in Change Guardian, you must set the repositoryEnabled flag (under HKLM\Software\NetIQ\ChangeGuardianAgent\repositoryEnabled) to 1, and then restart the
agent. If you do not
manually set the flag to 1, when you use the
Registry Browser, you will receive a Could
not connect to Windows Data Source error. (Bug 945225) Local Users in Administrator Group
Cannot Deploy Agents to Windows Computers
With Microsoft
KB article 951016, Microsoft introduced a feature called UAC remote
restrictions, which removes the SID (security identifier) for the
Administrators group from the logon token for local non-Administrator user
accounts in the Administrators group. The actual Administrator account
remains unchanged. As a result, to deploy agents to Windows computers, you
must use the actual Administrator account or a domain account that has
administrator access to the computer. For more information, see https://support.microsoft.com/en-us/kb/951016.
(Bug 918180) Issues with UNIX Agent Version 7.4
The following
are known issues with version 7.4 of the UNIX agent: ·
If
the Change Guardian Server is running in FIPS mode, version 7.4 of the UNIX
agent cannot register with the Change Guardian Policy Repository. (Bug 948202) ·
When
you are creating a policy, if you browse to a UNIX agent that is version 7.4
or older, you will receive a Could not connect to UNIX Data Source error. You can avoid this error by manually
entering the file paths in the policy. To find the file paths, log on to the
UNIX or Linux computer you want to monitor, and then use the cd and ls commands. (Bug 953718) ·
If
you are using a version of the UNIX agent released prior to December 2015,
the Policy Name and Policy ID fields on UNIX events are blank. Functionality
that uses the information in these fields, such as alerts, does not work. (Bug 906274) Agents on Windows Server 2003
Computers Do Not Receive Tasks When Expanding Users Containing {}
If you
configure a policy to expand an Active Directory user that contains only the {} characters, and then assign the policy to an agent on a computer
running Windows Server 2003, Change Guardian assigns the policy successfully
but the task never arrives at the agent. (Bug 908543) Option to Rerun Tasks from 'Failed
Tasks' Does Not Work
Asset Tasks Remain 'In Progress'
Indefinitely
Issues Monitoring DNS
Configuration Changes
If you create a
policy to monitor for DNS Configuration Modified events, a limitation in
Microsoft Windows prevents the policy from retrieving information about the
users who performed the actions for which the policy is monitoring. As a
result, Change Guardian does not support the following options when
monitoring for DNS configuration changes: ·
Include
Only or Exclude Events (Bug 906981) ·
Managed
Events (Bug 906984) Issue Monitoring Local User and
Groups Privilege Events
If you create a
policy to monitor for Local User and Groups Privilege events, a limitation in
Microsoft Windows prevents the policy from retrieving information about the
users who performed the actions for which the policy is monitoring. (Bug
957980) Bar Mitzvah Vulnerability
To preserve
connectivity after you upgrade, and to support backward compatibility with
any pre-4.2 agents you have deployed, Change Guardian 4.2 uses the RC4
algorithm. As a result, Change Guardian might be vulnerable to the Bar
Mitzvah attack. To protect Change Guardian from the Bar Mitzvah attack, after
you upgrade all Change Guardian components to version 4.2, complete the
following steps: 1. Log in as the "novell"
user and open the /etc/opt/novell/sentinel/3rdparty/jetty/jetty-ssl.xml file. 2. Insert the following lines to the ExcludeCipherSuites list: <Item>SSL_RSA_WITH_RC4_128_SHA</Item> <Item>SSL_RSA_WITH_RC4_128_MD5</Item> 3. Open a command prompt and run the following
command: /opt/netiq/cg/scripts/cg_services.sh
restart
4. Restart the Change Guardian service on the Change
Guardian agent computer. (Bug
956196) Internal Audit Events Go Only to
Primary Event Destination in FIPS Mode
If you run
Change Guardian in FIPS mode, internal audit events go only to the primary
event destination. They do not go to any additional event destinations in
your environment. (Bug 956881) Change Guardian Server Does Not
Generate Asset Registration Events in FIPS Mode
If you are
running the Change Guardian Server in FIPS mode, Change Guardian does not
generate the following events: ·
Asset
Registered ·
Asset
Unregistered (Bug
945664) FIPS Mode Does Not Support
Forwarding Events to Syslog Servers
If you are
running the Change Guardian Server in FIPS mode, it does not forward any
events to Syslog servers in your environment. (Bug 956883) Change Guardian Server Cannot
Connect to Data Sources in FIPS Mode
Enabling FIPS Mode Requires
Restarting Services
Approved Assets Incorrectly
Require Authentication
Deleting an Asset with Agent
Manager Does Not Delete All Components
If you use
Agent Manager to delete an asset, Agent Manager does not delete the NetIQ
Change Guardian Agent component from the Installed Programs list in Windows.
To remove all asset components completely, uninstall the NetIQ Change
Guardian Agent component from the computer, and then use Agent Manager to
delete the asset from Change Guardian. (Bug 940340) Issue with Privileges for Local
Users and Groups Prevents Change Guardian from Generating an Event
If you delete a
privilege from a user, and it was the only privilege assigned to that user,
Change Guardian will not generate any events for that privilege. This is caused
by a known issue with the way Microsoft implements the removal of some
privileges for local users and groups. (Bug 957505) Manually Uninstalling an Agent
Does Not Remove the Agent's Version Details from Agent Manager
Tips Table Search Does Not Return
the Complete List of Alert Fields in Upgraded Installations
New Incoming Alerts Incorrectly
Appear to be Selected When You Modify Existing Alerts
Change Guardian Web Console is Blank if the License is Expired
Change Guardian Cannot Retrieve
Events Related to Users Logging On or Off a Domain Controller
Active Directory Does Not
Synchronize New User if the Account Name is the Same
as a Deleted User
Unsupported Event Routing Rules
are Visible After Upgrading from 4.0
The following
Event Routing rules are visible after you upgrade from Change Guardian 4.0: ·
Log
to File ·
Log
to Syslog ·
Send
Events via Sentinel Link ·
Send
SNMP Trap For assistance
removing these Event Routing Rules, contact Support. (DOC333152) Default Database Service Port Must
Be Used for Change Guardian Server
To successfully
install Change Guardian 4.2, you cannot modify the default Database Service
port. (ENG333165) Event Severity is Always
Calculated Automatically for UNIX Agent Events
Event Severity is always calculated
automatically for UNIX Agent events, including events generated by policies
configured with a custom severity. (DOC333969) VMware vSphere 5.5 Web Client
Cannot Import OVF Templates
Modifications to System-Only
Object Might Not Generate Security Events
Change Guardian
for Active Directory requires a security event to generate a Change Guardian
event. System-only object attributes in Active Directory cannot be modified
manually. They can only be modified internally by Active Directory.
Modifications to system-only attributes do not generate security events, so
Change Guardian is unaware of these changes and cannot track them or create
Change Guardian events. (ENG332134) Missing Sections
in 'Process was Terminated' Events
If you create a
process policy in Change Guardian for Windows that monitors an application
for Process was Terminated events, and the
monitored application is open before you assign the policy to the agent, when
the monitored application shuts down, the generated event does not contain
the Event Message and Who sections. To ensure that the generated event contains all
sections, turn off the application you want to monitor before assigning the
policy to the agent. After you assign the policy to the agent, start the
application again. (ENG332876) LDAP Settings
Cannot Expand Group Members from Trusted Domains
If you
configure LDAP settings for a group that contains members from a trusted
domain other than the domain to which the group belongs, Change Guardian
cannot expand the group members. (ENG331982) LDAP Settings Do
Not Support Parentheses
LDAP settings
do not work on Active Directory users or users of groups if the name
attribute contains open or close parentheses: ( ) (ENG331896) 'Demoted from
DC' Events are Not Generated on Windows Server 2003
If you
configure Change Guardian for Active Directory to monitor for Computer Demoted from DC events, and the demoted
computer is running Microsoft Windows Server 2003, a Computer Demoted from DC event is not generated.
(ENG332176) Change Guardian
for Active Directory Does Not Generate Some Events on Microsoft Windows
Server 2012 R2
If you run
Change Guardian for Active Directory on a computer with the Microsoft Windows
Server 2012 R2 operating system, Change Guardian for Active Directory does
not generate some events. If you install Windows Update KB2911106, Change
Guardian for Active Directory is able to generate all events except Active Directory Object was Renamed events. (ENG332396) Microsoft
Windows Server 2012 R2 + KB2887595 Can Cause Instability on Domain Controller
If your domain
controller runs Windows Server 2012 R2, ensure that you have installed the
most recent Windows updates. If the most recent Windows update you have
installed is KB2887595, the computer can become unstable when the following
are true: ·
Audit
Directory Service Changes is enabled in Active Directory ·
An
Active Directory object is renamed (ENG332396) Change Guardian
for Windows Does Not Capture Some File Share Settings
Change Guardian
for Windows does not capture modifications to the following types of share
settings: ·
Management
Properties ·
Quota (ENG326828) Migrating
Locally Saved Policies is Not Supported
Before you
upgrade the Policy Editor to the current version, ensure that you back up or
submit locally saved policies to the Change Guardian Policy Repository. If
you upgrade without backing up locally saved policies from version 4.0 or
version 4.0.1, you will lose those policies. (DOC331358) Active Directory Schema Events
Might Display 'N/A' in Before and After Fields
The Schema Attribute Modified and Schema Class Modified events from Active Directory do not
support Before and After fields, and display N/A. (ENG330960) Reports Might
Not Display Surrogate Characters Correctly
An issue with DevExpress prevents reports from displaying some
surrogate characters correctly. (ENG332580) A Nessus Scan
Results in Loss of Communication with Change Guardian Server
An issue with
proxy client connections causes Change Guardian to lose the connection with
the Change Guardian server when you run a Nessus scan. To work around
this issue, comment out the following section in the server.xml file: <obj-component id="ProxyService"> <class>esecurity.ccs.comp.clientproxy.ClientProxyService</class> <property name="clientports">ssl:${clientproxyservice.port.client}</property> <property name="certclientports">ssl:${clientproxyservice.port.certclient}</property> <property name="keystore">${esecurity.config.home}/config/.proxyServerKeystore</property> <property name="certificateAlias">SentinelProxyServer</property> </obj-component>
(ENG334480,
ENG334500) Forwarded Events Might Contain Extra Characters
When you use the Syslog
Dispatcher to forward events in Change Guardian, event attributes might
contain additional backslash (\) characters to escape the following
characters: \, =, and |. These extra characters
are necessary to allow the event to conform to the Common Event Format (CEF)
specification. To remove them, parse the events with a CEF parser. (ENG334907) File Integrity Diff Data Might Be
Truncated in Events Forwarded to Syslog Servers
If you configure the
Change Guardian Server to forward File Integrity events to a Syslog Server,
and then you modify a monitored file, the diff data in the forwarded event
might be truncated if the diff data size is greater than 1 KB. The forwarded
event provides a URL that allows you to view the full event and the complete
file diff data in the Change Guardian Web console. (ENG335411) UNIX Agent Might Generate File Integrity
Events without Diff Data
If a UNIX agent monitors
for File Integrity changes, and a user modifies a monitored file, if the
amount of modified data is larger than 1 KB, the generated event does not
contain diff data. (ENG335309) Contact Information
Our goal is to provide
documentation that meets your needs. If you have suggestions for
improvements, please email Documentation-Feedback@netiq.com.
We value your input and look forward to hearing from you. For detailed contact
information, see the Support Contact Information website. For general corporate
and product information, see the NetIQ
Corporate website. For interactive
conversations with your peers and NetIQ experts, become an active member of
our community.
The NetIQ online community provides product information, useful links to
helpful resources, blogs, and social media channels. Legal Notice
THIS DOCUMENT AND THE
SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO
THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS
EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT,
NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS
DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW
DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS;
THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. For purposes of clarity,
any module, adapter or other similar material ("Module") is
licensed under the terms and conditions of the End User License Agreement for
the applicable version of the NetIQ product or software to which it relates
or interoperates with, and by accessing, copying or using a Module you agree
to be bound by such terms. If you do not agree to the terms of the End User
License Agreement you are not authorized to use, access or copy a Module and
you must destroy all copies of the Module and contact NetIQ for further
instructions. This document and the
software described in this document may not be lent, sold, or given away
without the prior written permission of NetIQ Corporation, except as
otherwise permitted by law. Except as expressly set forth in such license
agreement or non-disclosure agreement, no part of this document or the
software described in this document may be reproduced, stored in a retrieval
system, or transmitted in any form or by any means, electronic, mechanical,
or otherwise, without the prior written consent of NetIQ Corporation. Some
companies, names, and data in this document are used for illustration
purposes and may not represent real companies, individuals, or data. This document could
include technical inaccuracies or typographical errors. Changes are
periodically made to the information herein. These changes may be
incorporated in new editions of this document. NetIQ Corporation may make
improvements in or changes to the software described in this document at any
time. U.S. Government
Restricted Rights: If the software and documentation are being acquired by or
on behalf of the U.S. Government or by a U.S. Government prime contractor or
subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for
Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for
non-DOD acquisitions), the government's rights in the software and
documentation, including its rights to use, modify, reproduce, release,
perform, display or disclose the software or documentation, will be subject
in all respects to the commercial license rights and restrictions provided in
the license agreement. © 2015 NetIQ
Corporation. All Rights Reserved. For information about
NetIQ trademarks, see http://www.netiq.com/company/legal/. |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||