Novell Sentinel Log Manager collects data from a wide variety of devices and applications, including intrusion detection systems, firewalls, operating systems, routers, Web servers, databases, switches, mainframes, and antivirus event sources. Novell Sentinel Log Manager provides high event rate processing, long-term data retention, regional data aggregation, and simple searching and reporting functionality for a broad range of applications and devices.
Sentinel Log Manager 1.2.0.1 can be used as a clean installer and also as an upgrade installer. The Sentinel Log Manager 1.2.0.1 upgrade installer can be used to upgrade Sentinel Log Manager 1.1 and later.
Sentinel Log Manager 1.2 and later supports the SUSE Linux Enterprise Server (SLES) 11 SP1 64-bit platform. The Sentinel Log Manager 1.2.0.1 upgrade installer is mainly intended to upgrade Sentinel Log Manager 1.1.0.x systems to work seamlessly with SLES 11 SP1.
Previous versions of Sentinel Log Manager (1.1.x) use the squashfs 3.4-35.1 version. Because SLES 11 SP1 supports squashfs 4.0 and later, Sentinel Log Manager 1.2 and later use the squashfs 4.0-1.2.10 version.
The following updates have been made to fix security vulnerability issues:
The Java Runtime Environment (JRE) has been upgraded to version 1.6.0.24.
Apache Tomcat has been upgraded to version 6.0.32.
Sentinel Log Manager 1.2.0.1 includes the latest software fixes and enhancements for an existing installation of Sentinel Log Manager 1.1.0.x and later. The set of new features and fixed defects depends on the version from which you upgrade. For example, if the system is running Sentinel Log Manager 1.1, the defect fixes from 1.1.0.1 are also applied as part of this upgrade.
For information on what’s new in Sentinel Log Manager 1.2, see the Novell Sentinel Log Manager 1.2 Release Notes.
For information on what’s new in Sentinel Log Manager 1.1.0.2, see the Novell Sentinel Log Manager 1.1.0.2 Release Notes.
For information on what’s new in Sentinel Log Manager 1.1.0.1, see the Novell Sentinel Log Manager 1.1.0.1 Release Notes.
Sentinel Log Manager 1.2 and later require the SLES 11 SP1 platform. Therefore, you must first ensure that the operating system is upgraded to SLES 11 SP1 before you install Sentinel Log Manager 1.2.0.1.
For detailed information on hardware requirements and supported operating systems, browsers, and event sources, see System Requirements
in the Sentinel Log Manager 1.2 Installation Guide.
To install Novell Sentinel Log Manager, see the Sentinel Log Manager 1.2 Installation Guide.
To upgrade Novell Sentinel Log Manager to the latest patch, see “Upgrading Sentinel Log Manager” in the Novell Sentinel Log Manager 1.2 Installation Guide.
The following table lists the defect numbers and the solutions provided for these defects in Sentinel Log Manager 1.2.0.1:
The following table lists the enhancements made in the 1.2.0.1 version to improve the functionality of Sentinel Log Manager:
bug Number |
Description |
---|---|
673993 |
The SMTP Integrator 6.1r2 has been included in this version of Sentinel Log Manager. |
673409 |
For better reports performance, the Jasper print object file (raw result file) is no longer bundled with the generated report results. This improves report generation time when the report contains a large number of events. |
679674 |
Sentinel Log Manager now supports overriding of server IP address. This enables you to configure the Sentinel Log Manager Web server to listen on a specific IP address on systems that have multiple IP addresses. For more information, see |
680881 |
Search response time has been improved by optimizing the search algorithm to do search in parallel across partitions. |
690797 |
To improve the search performance and to avoid searches that might not be relevant, enhancements have been made so that Sentinel Log Manager does not perform searches by default whenever a new search tab is initiated. This includes the following actions:
For these actions, the search results are not displayed by default unless you click the button. |
Bug Number |
Description |
---|---|
697069 |
Issue: In the Sentinel Log Manager 1.2.0.1 version, after you configure a networked storage and click to view the disk statistics, a message appears indicating an error reading disk statistics for networked storage capacity. Also, it takes a long time, up to 30 minutes, to display the disk statistics.Workaround: None. This is a one-time delay. After 30 minutes, the disk statistics are displayed as expected. |
696002 |
Issue: After Sentinel Log Manager is upgraded to the 1.2.0.1 version, the java.lang.NullPointerException is logged several times in the tomcat0.0.log file. Workaround: None. Although an exception is logged, Sentinel Log Manager works as expected. |
694750 |
Issue: After the appliance is upgraded to the 1.2.0.1 version, the and buttons in WebYaST do not work.Workaround: Switch to the Console mode and manually specify the reboot or shutdown command. |
693399 |
Issue: The upgrade does not proceed if symbolic links have been used for the following folders and subfolders:
Workaround: Remove symoblic links; that is, move these directories back to the standard installation directories. |
693408 |
Issue: A large data set in the raw_data_files_info table causes the system to slow down. Workaround: Create an index for the file_name column in the raw_data_files_info table so that the database does not take a long time to look up the raw data files: CREATE INDEX raw_data_files_info_index ON raw_data_files_info (file_name) TABLESPACE SENDATA1; |
693677 |
Issue: When you upgrade a Xen appliance to the 1.2.0.1 version, then attempt to restart the appliance to complete the upgrade procedure, the appliance does not restart. Workaround: After the upgrade is complete and before you restart the system, modify the .xenconfig file that is included in the installer file:
The appliance restarts successfully. While the appliance restarts, the version is displayed as SLM 1.1.0.0. However, after the restart is complete, the correct version is displayed. |
692031 |
Issue: Raw data files are not being deleted according to the specified data retention policies. Workaround: None. |
690561 |
Issue: The value in the TargetUserName event field is truncated if the value includes the “-” character. Workaround: Do not include characters such as “-” in the TargetUserName field. |
688080 |
Issue: Searching for any component such as Collector, Connector, and Event Source in the > > field does not return any result if the component name includes “-” in its name.Workaround: Do not include characters such as “-” in the component name. |
687385 |
Issue: Sentinel Log Manager installation fails if the dbauser password includes special characters such as “$”,” _”, and “!”. Workaround: Do not include special characters in the password. |
687809 |
Issue: The Data Restoration feature does not restore the networked storage data if the novell user ID (UID) and the group ID (GID) are not the same on both the source (server that has the networked storage data) and destination (server where the networked storage data is being restored). Workaround: Unsquash and squash the squash file system (index.sqfs):
|
694221 |
Issue: The backup and restore utility (backup_util.sh) does not restore or extract the networked storage partitions. Workaround: Copy the backed-up tar file to the networked storage location where you want to restore the backed-up data, then extract the tar file manually:
Use the Data Restoration feature to restore the extracted partitions. For more information, see |
659294 |
Issue: When you save a search query as a report, then run the report on both local and distributed servers, the report results page is blank and an unparsable date exception is logged in server0.0.log. If you export the report results to a CSV file, the date and time of the report are not readable because the field is in the UNIX time format. Workaround: While running a report, do not include both local and distributed systems simultaneously. NOTE:This issue is only for reports that are created from a search query. The default Sentinel Log Manager reports do not have this issue. |
693657 |
Issue: The free license key (25 EPS) is not added in the .primary key file when a license with a fixed time boundary is added during the custom installation. Workaround: The free license key is available in the /etc/opt/novell/sentinel_log_mgr/config/trial.license file:
|
687643 |
Issue: Reports that are scheduled to run once, run again a second time on the following day at the same time. Workaround: None. |
657701 |
Issue: After Sentinel Log Manager is upgraded to the 1.2.0.1 version, exceptions are logged in the server_wrapper.log. Workaround: Ignore the exception. Although exceptions are logged, the system works as expected. |
686240 |
Issue: The Search feature does not return appropriate results when a range search that includes double digits is performed on integer type fields such as xdasid. For example, if the search query is xdasid:[0 to 12], the query returns only events with an xdasid of 0 and 1 and does not return events with an xdasid ranging from 0 through 12. Workaround: Specify the integers in the search query. For example, to search for events with an xdasid ranging from 0 through 12, you can specify the query in either of the following ways:
|
681770 |
Issue: Sentinel Log Manager does not display the data retention policies if there is a large amount of data in the local storage. The du command runs for a longer time to find the disk usage and a message is displayed in the Web user interface indicating that refreshing retention policies failed. Workaround: Increase the timeout period so that Sentinel Log Manager does not time out before retrieving the disk usage space:
|
641545 |
Issue: In the Event Source Management user interface, when you import a plug-in, if you type the filename of the plug-in rather than clicking to select the plug-in, an error is displayed indicating that an invalid plug-in is selected for import. The error message pops up as you start typing the filename and continues to appear even after you click .Workaround: Use the button to select the plug-in rather than manually typing the filename of the plug-in. |
612872 |
Issue: The Help not Installed. > > option does not launch the Sentinel Log Manager documentation Web site and instead displays the errorWorkaround: To view the latest Sentinel Log Manager documentation, go to the Sentinel Log Manager 1.2 documentation Web site. |
630174 |
Issue: When you install additional Collector Managers, the installer prompts you to select the amount of RAM to allocate to the Sentinel server processes. However, the Collector Manager always uses 1.2 GB of RAM and does not consider the specified RAM. Workaround: Ignore the memory allocation settings and click to proceed with the installation. |
For a list of known issues in Sentinel Log Manager 1.2, see the Novell Sentinel Log Manager 1.2 Release Notes.
The updated documentation and release notes are available at the Sentinel Log Manager documentation site.
Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverable. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to the Novell International Trade Services Web page for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2011 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
For Novell trademarks, see the Novell Trademark and Service Mark list.
All third-party trademarks are the property of their respective owners.