ESM 5.6 provides updates to Oracle, Red Hat Linux, and CentOS support. It addresses the POODLE vulnerability and fixes issues in ESM 5.5. This release also includes updates to geographical information and vulnerability mappings from July 2015. Usage notes cover Forwarding Connector version, browser requirements, and an Oracle Enterprise Manager issue. The release notes describe fixed issues and list several open issues remaining in areas like Analytics, the ArcSight Console, and the ArcSight Database.
A- LES CONCEPTS
Comprehension du bim.
Travailler dans différentes vues.
Classement et hierarchie des éléments dans Revit.
B-L'ENVIRONNEMENT DE TRAVAIL
Page des fichiers rescents et grand R.
Le ruban.
Fenêtre des propriétés.
Explorateur du projet.
Navigation dans un modèle.(zoom, rotation et panoramique).
Selection des objets, et verouillage.
C-DEMARRAGE D'UN PROJET.
Les gabarits.
Travail collaboratif.
Configuration d'un nouveau projet.
Manipulation des niveaux.
Manipulation des files de projet.
Utilisation des cotes temporaires.
C- MODELISATION PAR OBJETS:
Ajout des murs.
Propriété et type de murs.
Utilisation des accroches.
Ajouts de poteaux et poutres.
Ajout de portes et fenêtres.
Ajout d'élements de plomberie et d'électricité.
Utilisation de la jonction entre murs.
Utilisation des contraintes.
D- LIENS, IMPORTS ET GROUPES:
Lier fichiers DWG/DXF/SKP
Création de topogrpahie d'un site à partir d'un fichier.
Création et gestion des groupes.
Création et gestion des liens Revit.
Utilisation du partage d'emplacement.
E- MODELISATION PAR ESQUISSE:
Sols., toits et plafonds.
Toit par extrusion.
Ouvertures.
F-ESCALIERS.
Edition avancée d'escalier.
Edition avancée de gardes corps.
G- EDITION AVANCEE DES MURS:
Création d'un nouveau type de murs..
Création et gestion des murs empilés.
Création et gestion des murs rideaux.
.
H- GESTION DES GRAPHISMES:
Gestion du style des objets.
Gestion du remplacement de la visibilité et du graphisme des éléments.
Création et application des gabarits de vue.
Cacher et isoler les éléments.
Cadrage de la vue.
Plage de vue et entendues.
Vue isométrique d'une selection.
Option d'affichage des graphismes.
I- PIECES:
Création et gestion des pièces.
J- NOMENCLATURE ET ETIQUETTES:
Gestion des étiquettes.
Création et gestion des nomenclatures.
Modification des nomenclatures.
Enrichissement des VCCTP par les nomenclatures.
K-ANNOTATIONS.
Textes.
Dimensions
Symboles.
Légendes.
Détails.
Définir ses annotations.
L- PARAMETRIQUE ET FAMILLES
Utilisation des paramètres en mode projet.
Concept de famille.
Création d'une famille.
Utilisation des contraintes.
Utilisation des formes solides.
M- FEUILLE, IMPRESSION, PUBLICATION:
Création d'une feuille d'impression.
Export CAO.
Publication.
Impression PDF.
N- TRUCS ET ASTUCES.
A découvrir en formation.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Navigating the Metaverse: A Journey into Virtual Evolution"Donna Lenk
Join us for an exploration of the Metaverse's evolution, where innovation meets imagination. Discover new dimensions of virtual events, engage with thought-provoking discussions, and witness the transformative power of digital realms."
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxrickgrimesss22
Discover the essential features to incorporate in your Winzo clone app to boost business growth, enhance user engagement, and drive revenue. Learn how to create a compelling gaming experience that stands out in the competitive market.
5. Confidential ESM Release Notes 5
ArcSight ESM Version 5.6
Welcome to ArcSight ESM Version 5.6
ArcSight Enterprise Security Management (ESM) 5.6 provides updates to Oracle, Red Hat
Linux, and CentOS support.
If you are planning on migrating to ESM with CORR-Engine, do not install ESM 5.6. Instead,
migrate ESM 5.5 to ESM with CORR-Engine.
What’s New in This Release
This section contains a summary of the improvements and new capabilities introduced as
part of the ArcSight ESM 5.6 release.
New in this release:
ESM 5.6 now supports Oracle 11.2.0.4.
ESM 5.6 now supports new versions of RHEL, CentOS, Windows Server 2012, and Mac
OS 10.9 (for ArcSight Console). See the ESM Support Matrix for platform support
details.
The security vulnerability known as "Padding Oracle On Downgraded Legacy
Encryption" (POODLE) has been fixed.
Addresses critical issues in ESM 5.5.
Provides updates for geographical information and vulnerability mapping.
Provides important security updates.
Oracle Support
ESM 5.6 uses Oracle 11.2.0.4. If you are using Oracle 11.2.0.3, you can upgrade to Oracle
11.2.0.4 after upgrading the ArcSight Database component. In the Upgrade Guide, see the
chapter “Upgrading Oracle Database‚” for details on how to upgrade Oracle.
POODLE Fix
The POODLE attack (which stands for "Padding Oracle On Downgraded Legacy
Encryption") is a man-in-the-middle exploit that takes advantage of Internet and security
software clients' fallback to SSL 3.0. See http://en.wikipedia.org/wiki/POODLE for details.
When establishing SSL connection in Java, applications start from protocol negotiation
(SSL, TLS, TLSv1, etc.). The POODLE SSL fix ensures that no instance of ESM or ArcSight
Web will accept connections of SSLv3 type; only TLS protocols are accepted. The
corresponding changes were made to the ArcSight Console, which is one of the ESM
clients. No additional changes are required for the ArcSight Console. To access ArcSight
Command Center the web-browser should allow the use of TLSvx protocols, which is the
default setting for all web browsers.
6. ArcSight ESM Version 5.6
6 ESM Release Notes Confidential
Oracle PSU
Refer to the latest ArcSight Oracle Patch Set Update (PSU) Release Notes for Oracle Patch
Set Update (PSU) and OPatch information. You must install the latest PSU after upgrading
Oracle.
Upgrade Support
The upgrade path that is supported for this release is ESM 5.5 Patch 2 to ESM 5.6
Please refer to the upgrade guide for more information on upgrade instructions.
Geographical Information Update
This version of ESM includes an update to the geographical information used in graphic
displays. The version is GeoIP-532_20150701.
Vulnerability Updates
This release includes recent vulnerability mappings (July 2015 Context Update) for these
devices:
Device Vulnerability Updates
Snort / Sourcefire SEU 1321
updated
Bugtraq, X-Force, MSSB, Faultline, CVE,
Nessus, MSKB, CERT
Enterasys Dragon IDS updated Faultline, CVE, Nessus, MSSB
Cisco Secure IDS S876 updated Bugtraq, X-Force, MSSB, Faultline, CVE,
Nessus, CERT, MSKB
Juniper / Netscreen IDP update
2511 updated
Faultline, Bugtraq, CVE, X-Force, Nessus,
MSKB, MSSB, CERT
McAfee Intrushield updated Faultline, Bugtraq, CVE, Nessus, X-Force,
MSKB, CERT, MSSB
TippingPoint UnityOne DV8730
updated
Bugtraq, X-Force, MSSB, Faultline, CVE,
Nessus, MSKB, CERT
IBM Enterprise Scanner 1.134
updated
CVE, X-Force
IBM Security Host Protection for
Desktops 3150 updated
Faultline, CVE, Nessus, X-Force
IBM Security Host Protection for
Servers (Unix) 35.070 updated
Faultline, CVE, Nessus, X-Force
IBM Security Host Protection for
Servers (Windows) 3150 updated
Faultline, CVE, Nessus, X-Force
IBM Proventia Network IPS XPU
35.070 updated
Faultline, Bugtraq, CVE, Nessus, X-Force,
MSSB
IBM Proventia Network MFS XPU
35.070 updated
Faultline, Bugtraq, CVE, Nessus, X-Force,
MSSB
IBM Proventia Server IPS for Linux
technology 35.070 updated
Faultline, CVE, Nessus, X-Force
7. ArcSight ESM Version 5.6
Confidential ESM Release Notes 7
Usage Notes
Please review the following points to ensure smooth operation.
Forwarding Connector
The Forwarding Connector can receive events from a source Manager and then send them
to a secondary destination Manager, a non-ESM location (such as HP Operations Manager),
or to an ArcSight Logger. The Forwarding Connector to install for ESM 5.6 is version
7.1.3.7495.0. See the ESM Support Matrix document available on the Protect 724 site for
details on ESM 5.6 supported platforms.
Browsers and Custom View Dashboards
With dashboards in custom view mode, the dashboard may not launch or charts are not
displayed. This is because the Adobe Flash Player is required and you are either using the
embedded browser or the 64-bit external browser. If you are using a 64-bit browser,
change that to 32-bit in your Console’s Preferences menu and then download Adobe Flash
Player.
If you are using an embedded browser, download Mozilla Firefox 2 or 3, then restart the
Console. The embedded browser copies the Adobe Flash Player from Firefox. You need not
change any Preference settings in this case. You may continue to use Internet Explorer and
uninstall Firefox if desired.
Refer to the following site for more information about the Adobe Flash Player plug-in and
64-bit and 32-bit browsers:
http://kb2.adobe.com/cps/000/6b3af6c9.html
JRE on Macintosh
On the Macintosh 10.9 platform, install JRE 1.6.0_65 before installing ESM 5.6.
Oracle Enterprise Manager Issue
After an Oracle upgrade or fresh install, it is possible that either:
The wrong Oracle version number appears on the home tab, or
The Oracle Enterprise Manager fails to start at all.
If either issue occurs, contact Customer Support.
If you are running Oracle on Red Hat 7.0 or 7.1, you must download the patch for OEM for
Oracle 11.2.0.4 on Red Hat 7.x from http://softwaresupport.hp.com
IBM RealSecure Server Sensor XPU
35.070 updated
Faultline, CVE, Nessus, X-Force
Symantec Endpoint Protection
updated
Faultline, Bugtraq, CVE, X-Force, Nessus
McAfee HIPS 7.0 updated CVE
Radware DefensePro updated Bugtraq
Device Vulnerability Updates
8. ArcSight ESM Version 5.6
8 ESM Release Notes Confidential
Fixed Issues in 5.6
Analytics
ArcSight Console
Issue Description
ESM-51604 When a user attempted to modify a rule without read permissions to all rules, the
modification appeared to succeed but was not actually applied.
This has been fixed.
ESM-51379 Queries used in the report or query viewer or channel have a performance issue
when there is a large amount of event annotation data. This fix resolves this issue
by optimizing the query time dynamically.
Workaround: Enable the event.annotation.optimization.enabled property in the
server.properties file. When this property is set to true, the new optimization is
enabled. Note that, default optimization occurs unless you set
event.annotation.optimization.enabled to true. You do not have to set
event.annotation.optimization.enabled in the server.properties file unless you
need the dynamic query time optimization.
This functionality is certified for a stand-alone deployment only. Other limitations
apply. Contact HP Technical Support with any concerns.
ESM-51353 When rule modification was done by user who did not have read access to all the
rules, the modification appeared to succeed, but was not applied. This issue is
now fixed in this release.
ESM-51337 In some situations, the requestUrlHost field was not derived properly from the
fully-qualified request URL.
This issue has been fixed.
ESM-50574 On ESM 5.2 with RHEL 6.1, you would get a "Wrong exit code '1'" error when perl
is configured as an external command of a Rule Action.
This is now fixed.
Issue Description
ESM-51500 If a case's description tab were opened by two Consoles simultaneously, updates
made by one console were not visible in the other console after properly unlocking
the case, unless the case was closed and re-opened.
This has been addressed.
ESM-51107 Modifying the fieldset of an Active Channel (AC) using Customize Columns will
now show data in a field added to channel.
ESM-50790 When querying for cases based on case owner, the system required usage of the
resource id, not the name. This has been fixed.
ESM-50400 For one specific Target Geo location, the IP resolved to 0,0.
This has been fixed.
9. ArcSight ESM Version 5.6
Confidential ESM Release Notes 9
Documentation
ArcSight Database
ArcSight Manager
Issue Description
ESM-51443 ESM v5.2 and ESM v5.5 Installation Guides under section titled "Migrating from
Internal Authentication to ACE/Server" have this note: "If you are switching from
the internal authentication mechanism to ACE/Server after the initial installation
and the external user ID of all administrator accounts is different from the internal
user ID, contact HP for assistance in setting the external ID for administrator user
accounts. " Later in these guides, we explained this step clearly in section titled
"Guidelines for setting up external authentication."
In ESM 5.6 this note has been changed to as follows, "If you are switching from
the internal authentication mechanism to ACE/Server after the initial installation,
and the external user ID of all administrator accounts is different from the internal
user ID, see ‘Guidelines for setting up external authentication’ on page 92.”
Issue Description
ESM-51499 When upgrading Oracle 11.2.0.2 to 11.2.0.3 on SuSE, the version reported was
incorrect. After upgrading Oracle from 11.2.0.3 to 11.2.0.4 and applying the April
2015 PSU, the version reported is correct on SuSE.
This issue has been fixed.
ESM-51274 After applying the October 2013 Oracle Patch Set Update, lsnrctl start failed with
Linux Error 29: Illegal seek. This has been fixed in the latest release of Oracle,
11.2.0.4.
ESM-51220 Partition Compression could fail with an ORA-00600 error code. This has been
resolved in version 11.2.0.4 of the database.
ESM-50922 There was an export issue in a particular customer large db environment.
The export issue was resolved with the workarounds and scripts by exporting the
db dump files into a few smaller files.
A KB article is created for this issue. Please contact Tech Support for detail
instructions.
Issue Description
ESM-51608 Annotating events took a long time to come back and froze the console. This
problem is now fixed in this release.
10. ArcSight ESM Version 5.6
10 ESM Release Notes Confidential
ESM-51579 This Patch release provides the POODLE SSL fix.
The POODLE attack (which stands for "Padding Oracle On Downgraded Legacy
Encryption") is a man-in-the-middle exploit that takes advantage of Internet and
security software clients' fallback to SSL 3.0. See
http://en.wikipedia.org/wiki/POODLE for details.
When establishing SSL connection in Java, applications start from protocol
negotiation (SSL, TLS, TLSv1, etc.). The POODLE SSL fix ensures that no instance
of ESM or ArcSight Web will accept connections of SSLv3 type; the protocol should
be one of TLS protocols. The corresponding changes were made to the ArcSight
Console, which is one of the ESM clients. No additional changes are required for
the ArcSight Console. To access ArcSight Command Center the web-browser
should allow the use of TLSvx protocols, which is the default setting for all web
browsers.
ESM-51526 The CFC could cause the source ESM to drop its EPS by a significant amount,
especially when the initial EPS was high.
CFC no longer affects EPS.
ESM-51433 Attempting to search a large number of Assets or Zones in Console failed due to
exception. This has been corrected, so such searches will successfully yield data.
ESM-47652 The newids parameter in the archive tool does not assign new ids to resources.
The newids parameter does not function and is no longer documented.
Issue Description
11. ArcSight ESM Version 5.6
Confidential ESM Release Notes 11
Open Issues in 5.6
Analytics
ArcSight Console
Issue Description
ESM-49436 Filters having conditions on Variables that return an Actor list field cannot be used
in Queries and Active Channels. You can only use these filters in Rules and Data
Monitors.
This issue affects content developers using Variables in ESM.
ESM-48858 System audit events, such as those resulting from a rule being disabled by the
system, are given a low TTL (time-to-live) value to prevent excessive rule
triggering. A single rule can correlate such audit events, but any subsequent
chaining rules are suppressed.
ESM-47918 The Threat Response Manager (TRM) occasionally does not return an appropriate
response when an update to Quarantine Node by IP command is sent.
ESM-40529 After installing IdentityView 1.1, some previously valid ESM resources show as
invalid resources.
Workaround: Edit the filter called Built In Identities on IDM System and remove
the setAction local variable.
ESM-39632 The copy-and-paste function is not supported for conditions with variables. For
example, if you create a filter for an Active Channel and used the Common
Conditions Editor to add condition statements, copying and pasting into another
editor (for example, a Rule editor) may result in an error.
Workaround: Manually re-enter the conditions.
ESM-38902 Importing or exporting domain fields show these fields to be Unknown Fields in
the rule editor.
Workaround: While importing or exporting, make sure to include the domain field
set to which the domain fields belong.
ESM-37810 For scheduled reports, when the user's "Run as" read and write privileges are
taken away, the scheduled report is generated by the user who created the
schedule (and not by the "Run as" user). If the "Run as" user has read privilege
only, then the report is not generated.
ESM-29633 Occasionally, after changing a trend's description, another trend that depends on
this trend may become invalid.
Workaround: You can usually re-enable a trend that was incorrectly disabled by
making any minor change on the trend (for example, you could toggle the trend's
enabled state off and then back on) and then save it. This will force the re-
validation of the trend and re-enable the trend.
Issue Description
ESM-51881 There are some residual links and files after the uninstall of ESM 5.6 console on
Mac OS X 10.9.
To clean up these files execute the standard Unix delete commands.
12. ArcSight ESM Version 5.6
12 ESM Release Notes Confidential
ESM-51865 Logging in to the ESM 5.6 Console using the ‘PKCS#11 Login’ option can generate
an error message of: ‘Failed to connect to the PKCS#11 Token’ on Windows 64-
bit.
Follow the workaround below to resolve this known JDK6 issue:
1. Copy C:Program Files (x86)ActivIdentityActivClientacpkcs211.dll to a
new folder (e.g. C:arcsight ActivClient)
2. Edit the ESM Console’s client.properties by inserting this line to the file:
cac.pkcs11.lib=C:arcsightActivClientacpkcs211.dll
3. Re-start Console and you should be able to login with the PKCS#11 option.
ESM-51005 When a user logs into the console with an expired password, the following
exception may occur in an pop up box after entering a new password:
“Exception caught while logging in to core service: class java.io.IOException.”
The workaround is to click OK, and it will allow you to continue normally.
ESM-48908 When viewing custom layout dashboards in an external browser, the Show Events
menu option will not launch the Event Inspector.
ESM-47495 Custom Layout Dashboards now support Query Viewers, however, the toolbar in
each dashboard and the left-click context menus still use the "Data Monitor" menu
label, although Query Viewers are also available from this link.
ESM-47489 If you add a Query Viewer with a default row limit of 10,000 to a dashboard, the
dashboard may not load in Custom Layout. The reason is that the Custom Layout
is web based and requires a web browser to work. Most web browsers can't
handle such large amount of data.
Workaround: Reduce the row limit before adding the Query Viewer to the
dashboard.
ESM-47386 A Query Viewer can be added to a dashboard displayed as a stacked bar chart.
However, if this dashboard is displayed in Custom Layout, you will see a regular
bar chart because the stacked bar chart is not supported in this release in Custom
Layout.
ESM-47213 For ESM with the Oracle database, case-related events are copied to a special
table so they can remain available after being archived. The channel is unable to
find and display such events correctly after the partition is archived.
Workaround: Use the case event editor or Reports, which can correctly find and
display these events.
ESM-41344 When viewing image dashboards in an external browser, if you keep the
dashboard running, you will get an error saying that a script on the page is
causing the browser to run slowly and if it continues to run, your computer may
become unresponsive. This error appears after every few hours while the image
dashboard is running.
Workaround: Click No to dismiss the message. You may also refresh the page.
ESM-41247 If you set "NSPAuth" as Password type and run TRM commands in the external
browser, you will be redirected to the Login page.
Workaround: Set NSPAuth to Text type if you want to use the external browser for
TRM commands. One issue with this workaround is that the authentication token
would appear as clear text in your browser URL parameters.
Issue Description
13. ArcSight ESM Version 5.6
Confidential ESM Release Notes 13
ESM-41019 When you have client-side authentication set up, and if the Manager is configured
with the Password Based and SSL Client Based Authentication, an error will be
returned when accessing the product documentation using a Web browser.
Workaround: Generate a key pair for the browsers and import the browser's
certificate into the Manager's trust store. Alternatively, copy the Console's key
into the browser's keystore. See the Administrator's Guide for details on how to
do this.
ESM-40302 On an ESM running in FIPS mode, the server.log file shows an exception when a
Custom View dashboard is launched. This is because Custom View dashboards are
not supported in FIPS mode.
ESM-39980 The Console can become unresponsive if you access other resources while
building category models with a large number of actors.
ESM-39856 If you use the embedded browser in Windows to view a report, the report may not
appear until you resize the panel.
Workaround: Resize the panel before running a report. You may want to try
several resizings to get the desired results.
ESM-39829 Deleting actors will require category models, if any, to be re-built. Each rebuild
should only take a few seconds. However, when thousands of actors are deleted,
the cumulative deletion period may last for hours.
ESM-39331 Actor channels can only display fields that are part of a pre-defined field set. If
you want to view any additional fields in an Actor channel, first add the fields to
the field set that the Actor channel uses instead of adding them directly to the
channel.
Workaround: To view additional fields in an Actor channel, add the fields to an
Actor field set and use it in the actor channel.
ESM-38014 When a filter is moved from one group to another and data monitors that depend
on that filter are packaged, exported, and re-imported on a different ESM
installation, the data monitors may lose some filter attribute values.
Workaround: Manually specify the filter again for data monitors that are identified
by the broken resource icon.
ESM-37868 When you modify a case while a case channel is open and an inline filter is
applied, no data appears.
Workaround: To successfully display available data, refresh the case channel.
ESM-37344 On the ArcSight Console, when a large number of cases reside in a single group,
you can't pick a case for the "Add to Existing Case" rule action in the Rule editor.
This is because the resource selector only shows leaf nodes when there are less
than 1000 cases in a group. This happens for all resources.
Workaround: Arrange the resource hierarchy so there are no more than 1000
resources in a single group. Alternatively, use a dynamic case name (a case name
that includes a variable) in your rule action to specify the case. In the ArcSight
Console User's guide, search for "Dynamic case name" in the "Rules Authoring"
chapter.
ESM-36055 In the Query Editor, if you have read permission to a query but not to the global
variables that are being used in the query, the resulting display will be incomplete.
None of the global variable-related fields will be displayed. Also, when such query
is used in query viewer or report it will not show data.
ESM-32489 Using hotkeys with View Pattern and View Pattern with Filter is not supported in
this release.
Issue Description
14. ArcSight ESM Version 5.6
14 ESM Release Notes Confidential
ESM-30008 Installing an exported package from a bundle file occasionally results in the
following error:
Install Failed: Resource in broker is newer than modified resource.
Workaround: Re-import the package.
NGS-11209 On Mac OS X only: If you open a channel, select some rows, right-click on them
and select Print Selected Rows from the resulting menu without a default printer
set up, the Console will abruptly terminate.
Workaround: Before you start the Console, make sure to set up a default printer
to which to print.
Issue Description
15. ArcSight ESM Version 5.6
Confidential ESM Release Notes 15
ArcSight Database
Issue Description
ESM-50787 There is a problem when trying to install Oracle and creating a database instance
with a new SID name, such as, for example, "hpcloud". After the Oracle database
instance is created, when you try to connect to the database instance, it will
connect to the instance name with its previous alias name which is "arcsight". This
causes the Manager upgrade to fail because before upgrading the manager, it has
to export the system tables, and it does so with the "arcsight" alias name. But the
Manager upgrade process is exporting the system tables with "hpcloud" SID.
The workaround is to change the alias name from "arcsight" to "hpcloud" in
tnsnames.ora
ESM-49915 There is an Oracle vulnerability for which there is a documented workaround you
should use.
Refer to the Knowledge base article at
http://support.openview.hp.com/selfsolve/document/KM1388068.
ESM-48248 Some solutions, system or customer reports that executed correctly on Oracle
10g, may fail on Oracle 11g with the error "Unable to execute query: ORA-00979:
not a GROUP BY expression."
Workaround:
1. Log in to Oracle as "sysdba".
2. Run the following SQL command from the sqlplus prompt:
alter system set "_optimizer_distinct_agg_transform"=false scope=both;
3. Restart Oracle to apply the change to all sessions.
ESM-46556 During the Oracle database installation, when you create a database instance,
when specifying the ORACLE_SID, the wizard does not warn you if you use a
name with a space (for example, esm db).
Oracle does not allow spaces and therefore the instance creation will fail if the
ORACLE_SID (instance name) has a space in it. Do not use spaces in this string.
ESM-35620 The ArcSight Database installer does not include error checking or validation
against Oracle-supported schema user naming conventions. If the user names
specified contain anything other than alphanumeric characters, the ArcSight
Database installer will prevent creation or re-creation of the schema and will
display the following error code:
error ORA-00921: unexpected end of sql command
Workaround: For ArcSight Database installation and schema setup, keep in mind
that Oracle supports only alphanumeric characters for database user names, and
will not accept a dash (-) or underscore (_) in these names.
ESM-33431 When upgrading some older versions of ESM with Oracle 10G, you may see some
negative timestamp values in the server logs. You will see an error that begins
with "java.sql.SQLException: BC date found in..." in the logs. The resources for
this error are not loaded.
Workaround:
1. Set the following property in the Manager's
<ARCSIGHT_HOME>/config/server.properties file:
server.date.correction.recoverFromBCDate=true
2. Restart the Manager.
Should this issue occur, notify Customer Support.
16. ArcSight ESM Version 5.6
16 ESM Release Notes Confidential
ArcSight Manager
Issue Description
ESM-51851 When using Internet Explorer 11 with FIPS mode, the browser is unable to access
Manager port 8443 and Web port 9443.
Workaround: Use a different browser.
ESM-40889 The "group:101" audit event might not be sent when there are many role
memberships being added or changed for an actor. An error about this is written
to the server log, indicating the IDs of the affected objects.
ESM-48270 There is a performance issue when running channels or queries with conditions on
actor global variables.
Workaround:The following tips might be helpful in improving performance.
1. Generate session list statistics as follows:
Run the following three commands in <ARCSIGHT_HOME>bin on your
database machine:
./arcdbutil sql username/password
@../utilities/database/oracle/common/sql/runSessionListStats.sql
exec runSessionStats
The runSessionStats command gathers statistics on all session list tables and
gathers both global- and partition-level statistics. You should see an improvement
in performance.
Note that the scripts may run for a long time if the session lists have a lot of data.
2. You could also reduce the rownum limit from the default of 10,000 to 1000 or
lower to improve the data retrieval time.
3. If the actor query has joins to event-related tables, then running
RegenerateEventStats (described in the "Query and Trend Performance Tuning"
section) helps to improve the overall read performance of the system.This may
take from a few minutes to a few hours, depending on the volume of events.
4. Eliminating the LIKE condition from the query will extensively improve the
query performance.
ESM-41148 During ESM upgrade, autozoning will fail if the number of assets in a zone/group
exceeds 1000.
Workaround: Manually run autozoning in batches of 1000 assets or fewer after
completing your upgrade. You can do this from the Asset Channel or Asset
Resource Tree in the Console.
ESM-40984 Before uninstalling any ArcSight package, certain tasks must be performed in
sequence. Remove relationships first before deleting. For example, if the data
monitor group is deleted before the data monitor resource, you will encounter a
permission error, because permissions are tied to groups.
ESM-37633 After installing the Manager, you will see an error in the server.log file:
[ERROR][default.com.arcsight.config.util.WebProperties][getPassword]
com.arcsight.common.ArcSightException: Cannot handle the data which was
obfuscated by old scheme
This message is harmless and can be safely ignored.
ESM-37488 Exporting a large active list with 10 million entries, or exporting rules that use
such active lists, results in an exception in the server.std.log file. Additionally, the
Manager runs out of memory and automatically restarts itself.
Workaround: Use the export format instead of the default format while exporting
the rule or active list definition using an archive or a package.
17. ArcSight ESM Version 5.6
Confidential ESM Release Notes 17
ESM-35653 ESM Console upgrades do not properly read the security and login property
settings (SSL files). If you run the upgrade and Console setup through to
completion via the install wizard, you will still have to re-run Console setup.
Workaround: Cancel the installation after the Console is installed, and run the
ArcSight Console Configuration Wizard to configure property settings. From the
Console's <ARCSIGHT_HOME>/current/bin, run the command:
arcsight consolesetup
The SSL files will be read and the Console will configure correctly.
ESM-34568 Certain reports run for several hours and then time out or fail with the error
message:
com.arcsight.common.persist.PersistenceException: Unable to execute query:
ORA-01555: snapshot too old
This occurs because Oracle is using a sub-optimal query execution plan. In some
cases, this can happen because of insufficient space in the ARC_TEMP table.
Workaround: Set the report to query with a full scan database hint. For more
information, refer to the section, "Reports that query over a large time range with
complex joins take a long time to run" in Appendix B of the ArcSight ESM
Administrator's Guide.
ESM-31433 The following exception might appear in the Manager's log file:
ERROR: java.lang.NullPointerException at
org.apache.lucene.index.IndexReader.open
Workaround: This error is not serious. It is automatically resolved within one
week of the Manager startup during which time the Manager rebuilds the resource
search index (done weekly). You may choose to ignore the error, or manually do a
rebuild at any time by running the following command from the Manager's bin
directory:
arcsight searchindex -a create -m <manager-hostname> -u <admin-user-name>
-p <password>
ESM-30670 If the search index file becomes corrupted, the search index will be out-of-date
and the following message appears in the Manager's log file:
[ERROR][default.com.arcsight.server.search.index.IndexResources][_init]
java.io.IOException: read past EOF
Workaround: Re-generate the index by issuing the following command from the
Manager's bin directory:
arcsight searchindex -a create -m <manager-hostname> -u <admin-user-
name> -p <password>
Issue Description
18. ArcSight ESM Version 5.6
18 ESM Release Notes Confidential
ArcSight Web
Installation and Upgrade
Issue Description
ESM-35693 If your session has expired and you click a node in the Navigator tree to expand
it, you will see a Java exception and ArcSight Web does not redirect you to the
login page.
Workaround: Start a new session and log in again.
Issue Description
ESM-51846 During installation of ESM 5.6 on non English Windows 2012 R2 server, the
installer pops up a warning message:
"You are installing this product on a unsupported platform."
You can ignore this message.
ESM-51700 On uninstallation of ESM 5.6, the uninstaller displays a warning message "All
items could not be removed", however all files are actually removed. This
message can be safely ignored.
ESM-50891 When upgrading from ESM 5.2 P2 to ESM 5.5, the Manager configuration runs the
commands dbcheck and system_export_tables. However, after running the
system_export_tables command, it does not create arcsight.dmp file on Windows.
Workaround: Use following commands to create the dump file:
cd %ARCSIGHT_HOME%bin
open the file named system.param
remove the two lines that starts with old and new like below.
old 1: select table_name || ',' from user_tables where
tablespace_name='ARC_SYSTEM_DATA' and table_name <> 'PLAN_TABLE' &1
'&2'
new 1: select table_name || ',' from user_tables where
tablespace_name='ARC_SYSTEM_DATA' and table_name <> 'PLAN_TABLE' and
upper(table_name) not like 'ARC_SLD_%'
Save the file.
cd <ARCSIGHT_HOME>bin
expdp <username/password@instance> directory=ARCSIGHT_DUMP_DIR
dumpfile=arcsight.dmp parfile=<ARCSIGHT_HOME>system.param
ESM-49566 The Case schema customized settings are not transferred over during upgrade.
Please contact Customer Support for help with transferring the Case
customization settings.