Sentinel Log Manager collects data from a wide variety of devices and applications, including intrusion detection systems, firewalls, operating systems, routers, Web servers, databases, switches, mainframes, and antivirus event sources. Sentinel Log Manager provides high event rate processing, long-term data retention, regional data aggregation, and simple searching and reporting functionality for a broad range of applications and devices.
Sentinel Log Manager 1.2.2 provides several enhancements and resolves specific previous issues. This document outlines why you should install this service pack.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable inputs. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the Sentinel Community Support Forums, our community Web site that also includes product notifications, blogs, and product user groups.
Sentinel Log Manager 1.2.2 can only be used for upgrade installations. You can upgrade to Sentinel Log Manager 1.2.2 from Sentinel Log Manager 1.2 or later.
The following sections outline the enhancements provided and the issues resolved in this service pack:
The upgrade installation of Sentinel Log Manager 1.2.2 updates the Syslog Integrator to version 2011.1r1, which includes significant performance improvements.
This service pack includes the following enhancements:
This service pack improves the Sentinel Log Manager system performance in the areas of Searching and Reporting.
Sentinel Log Manager no longer includes the Collector Packs for Collector plug-ins. The Collector pack reports included hard-coded device-specific filters, which had limited options to customize these reports. These reports are now labeled as deprecated in Sentinel Log Manager. Instead, you can use similar reports available in the Sentinel Core Solution Pack, which allows you to use a base report with a wide range of user specified filters at run-time, including the device-specific filters. For more information about Sentinel Core Solution Pack, see the Solution Pack documentation on the Sentinel Plug-ins Web site.
Sentinel Log Manager 1.2.2 now includes the Java 7 update 55, which includes fixes for several security vulnerabilities. Also, Sentinel Log Manager 1.2.2 supports client computers installed with Java 7 update 55.
Sentinel Log Manager 1.2.2 provides software fixes for the following issues:
Issue: Event Source Management (ESM) does not launch on client computers that have Java 7 Update 45 installed. (BUG 847156)
Fix: ESM now launches on client computers that have Java 7 Update 45 installed.
Issue: When the disk space is full, Sentinel Log Manager deletes the license key. Users are unable to log in to the Web console. (BUG 821015)
Fix: Sentinel Log Manager no longer deletes the license key when the disk space is full.
Issue: Sentinel Log Manager displays the Java exception java.io.FileNotFoundException while exporting query results. (BUG 834486)
Fix: Sentinel Log Manager now exports the query results successfully and no longer displays an exception.
You can upgrade to Sentinel Log Manager 1.2.2 from Sentinel Log Manager 1.2 or later.
Sentinel Log Manager 1.2.2 requires the SUSE Linux Enterprise Server 11 Service Pack 3 (64-bit). Therefore, you must first ensure that the operating system is upgraded to SLES 11 Service Pack 3 before you upgrade to Sentinel Log Manager 1.2.2.
For more information about system requirements, see System Requirements
in the Sentinel Log Manager 1.2 Installation Guide.
To upgrade to Sentinel Log Manager 1.2.2, see “Upgrading Sentinel Log Manager” in the Sentinel Log Manager 1.2.2 Installation Guide. After performing the upgrade procedure, restart the Sentinel Log Manager server to apply updates for SLES 11 Service Pack 3.
IMPORTANT:
To upgrade to remote Collector Manager 1.2.2, you must first install remote Collector Manager 1.2.1 and then upgrade to remote Collector Manager 1.2.2. For more information, see Section 4.4, Sentinel Log Manager 1.2.2 Does Not Include the Remote Collector Manager 1.2.2 Fresh Installer.
If you are upgrading Sentinel Log Manager appliance on an operating system prior to SLES 11 SP3, you must upgrade the appliance by using the zypper command line utility because user interaction is required to complete the upgrade. WebYaST is not capable of facilitating the required user interaction. For information about using zypper to upgrade the appliance, see “Upgrading the Appliance by Using zypper” in the Sentinel Log Manager 1.2.2 Installation Guide.
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
For the list of known issues in the supported SLES 11 Service Pack, see the SUSE Release Notes.
For the list of known issues in previous releases, see the Sentinel Log Manager 1.2.1 Documentation Web site.
Issue: If there are multiple IP addresses available, Sentinel Log Manager selects one of the IP addresses as default. If you manually change the default IP address in the configuration.xml file, after restart, Sentinel Log Manager reverts it to the default IP address. (BUG 848148)
Workaround: To set the default IP address:
Create the /etc/opt/novell/sentinel_log_mgr/config/start_tomcat.properties file.
Add the following parameter in the start_tomcat.properties file:
SERVER_IP= IP_address
Restart the Sentinel Log Manager.
Issue: Sentinel Log Manager Web console does not launch successfully in Internet Explorer version 9 and 10 and displays as blank. (BUG 785504)
Workaround: To launch the Sentinel Log Manager Web console on Internet Explorer version 9 and 10:
In the Internet Explorer, Press F12 to view the Developer tools.
Click Document Mode.
Select Internet Explorer 8 standards.
Issue: Sentinel Log Manager does not connect to applications that use encryption keys of size less than 1024 bytes. Sentinel Log Manager rejects the connection to such applications and displays an exception. For more information about this issue, see TID 7014219 in the NetIQ Support Knowledge Base. (BUG 853895)
Workaround: Perform either of the following to allow applications that use weak encryption keys to connect with Sentinel Log Manager:
(Recommended) Update the application certificate to use encryption keys of size 1024 bytes or more.
In the java.security file, delete the following restriction:
RSA keySize < 1024
NOTE:Ensure that you perform this workaround after every upgrade of Sentinel Log Manager because the new installation replaces the modified java.security file.
Issue: Sentinel Log Manager 1.2.2 includes only the remote Collector Manager 1.2.2 upgrade installer. (BUG 854442)
Workaround: To install the remote Collector Manager 1.2.2:
(Conditional) If you have remote Collector Manager 1.2.1 installed, download the remote Collector Manager 1.2.2 upgrade installer from the Sentinel Log Manager Web console and upgrade to version 1.2.2.
(Conditional) If you do not have remote Collector Manager 1.2.1 installed, perform the following steps:
Download and install remote Collector Manager 1.2.1 from the Sentinel Log Manager Web console.
Download the remote Collector Manager 1.2.2 upgrade installer from the Sentinel Log Manager Web console and upgrade to version 1.2.2.
Issue: When you install solution packs in Sentinel Log Manager, Sentinel Log Manager logs the nullpointer exception and the PSQL exception in the server logs. (BUG 852813)
Workaround: Ignore the exceptions. The logged exceptions do not impact the installation of the solution packs or any functionality in Sentinel Log Manager.
Issue: If you reject the license agreement while upgrading the remote collector manager from version 1.2.1 to 1.2.2. The subsequent attempts to upgrade remote collector manager do not work and display an error. (BUG 885375)
Workaround: To upgrade remote collector manager to version 1.2.2 successfully, delete the /opt/novell/sentinel6/.version_history_bak_1.2.2.0 file.
Issue: In a Windows computer, when you uninstall remote collector manager version 1.2.2 by using the control panel, the computer displays the error “No Java Runtime Environment (JRE) was found on this system”. (BUG 885373)
Workaround: In the error message dialog box, click OK. Browse to the JRE/bin/ folder in the remote collector manager installation folder, and select java.exe. The uninstall process completes successfully.
Issue: In a Linux machine, after you upgrade Suse Linux Enterprise Server 11 SP2 to SP3, remote collector manager 1.2.2 service cannot be found.(BUG 881461)
Workaround: To ensure the remote collector manager 1.2.2 service works properly:
In the console, log in as a root user.
Navigate to the /etc directory and copy the modified profile file (profile.rpmsave) to the profile file (profile).
cd /etc
cp profile.rpmsave profile
Navigate to the folder where you installed the remote collector manager, back up the configuration.properties file, and copy the modified configuration.properties (configuration.000) file to the configuration.properties file. For example:
cd /opt/novell/sentinel6/config
mv configuration.properties configuration.properties_bkp
mv configuration.000 configuration.properties
Navigate to the bin folder in the remote collector manager installation folder, back up the setenv.sh file, and copy the modified setenv.sh file (setenv.000) to setenv.sh file
cd /opt/novell/sentinel6/bin
mv setenv.sh setenv.sh_bkp mv setenv.000 setenv.sh
(Conditional) If the user ownership while copying the files is not set to esecadm:esec, change the user ownership to esecadm:esec:
chown esecadm:esec /opt/novell/sentinel6/config/configuration.properties
chown esecadm:esec /opt/novell/sentinel6/bin/setenv.sh
Start Sentinel by using the following command:
/etc/init.d/sentinel start
To verify the Sentinel status, execute the following command:
/etc/init.d/sentinel status
Our goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you.
For detailed contact information, see the Support Contact Information Web site.
For general corporate and product information, see the NetIQ Corporate Web site.
For interactive conversations with your peers and NetIQ experts, become an active member of Qmunity, our community Web site that offers product forums, product notifications, blogs, and product user groups.
NetIQ Sentinel is protected by United States Patent No(s): 05829001.
THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU.
For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions.
This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data.
This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time.
U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement.
© 2014 NetIQ Corporation. All Rights Reserved.
For information about NetIQ trademarks, see http://www.netiq.com/company/legal/.