©Copyright International Business Machines Corporation 2008. All rights reserved. U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
NOTE: Before using this information and the product it supports, read the general information under Notices in this document.
Date: 2008 December 19
This fix pack corrects several problems in IBM Tivoli Compliance Insight Manager, Version 8.5.0. It requires that IBM Tivoli Compliance Insight Manager, Version 8.5.0, already be installed. After installing this fix pack, your Tivoli Compliance Insight Manager installation will be at software service level 8.5.0.5.
This fix pack package contains:
This fix pack is distributed as an electronic download from the IBM Software Support Web site.
This fix pack package supports the same operating system releases as the IBM Tivoli Compliance Insight Manager 8.5 product. Refer to chapter 1 ("System Requirements") of the IBM Tivoli Compliance Insight Manager 8.5 Installation Guide for a complete list.
This fix pack supersedes the Windows, AIX, HP-UX, and Solaris part of fix packs from 8.5.0-TIV-TCIM-FP001 to 8.5.0-TIV-TCIM-FP004. z/OS actuator last fix pack is 8.5.0-TIV-TCIM-FP001.
Tivoli Compliance Insight Manager supports multiple platforms; for each platform requiring updates, a separate package is installed. Each package contains the updates for all components installed on that platform.
The following problems are corrected by this fix pack. For more information about the APARs listed here, refer to the Tivoli Compliance Insight Manager Support site.
Be aware of the following considerations before installing this fix pack:
You must already have Tivoli Compliance Insight Manager 8.5.0 and its prerequisites installed.
The Fix Pack 5 package is provided as an executable file for the Microsoft Windows platform and as an archive file for each supported non-Windows platform.
The fix pack detects all the Tivoli Compliance Insight Manager components that are installed on the system and automatically updates them.
Note: If one or more interim fixes have already been installed on the system, the fix pack automatically detects them and takes the appropriate action to ensure they do not need to be reapplied.
To apply the fix pack for Tivoli Compliance Insight Manager Actuator for AIX, follow these steps:
# gzip -dc 8.5.0-TIV-TCIM-AIXPPC32-FP005.tar.gz | tar xvf -
# ./apply.sh /usr/lpp/IBM/TCIM/actuator
# ps -ef | grep agent
To apply the fix pack for Tivoli Compliance Insight Manager Actuator for HP-UX, follow these steps:
# gzip -dc 8.5.0-TIV-TCIM-HPUXPARISC-FP005.tar.gz | tar xvf -
# ./apply.sh /opt/IBM/TCIM/actuator
# ps -ef | grep agent
To apply the fix pack for Tivoli Compliance Insight Manager Actuator for Solaris, follow these steps:
# gzip -dc 8.5.0-TIV-TCIM-SolarisSparc-FP005.tar.gz | tar xvf -
# ./apply.sh /opt/IBM/TCIM/actuator
# ps -ef | grep agent
After applying the fixpack, a new option named "Truncate" is present in the DB2 8-9.1 ES properties. It's set to 'yes' by default in the DB2 SelfAudit ES (the one that audits TCIM's DB2 instance) and 'no' by default for all the other ES instances. If this option is set to 'yes', TCIM will automatically prune db2audit.log after each collect, at most once an hour; the db2audit.log pruning process consists in removing logs that have already been collected, reducing the log file size. A mitigation was provided by the support document named "Control growing DB2 audit log on Tivoli Compliance Insight Manager 8.5 Server", and this fix renders the described mitigation obsolete.
To roll back the mitigation:
Remove cifdb2prune.vbs script from the scheduled tasks
From the Windows Start menu, open the Control Panel, and then "Scheduled Tasks". Delete the task that executes C:\ibm\TCIM\Tools\cifdb2prune.vbs.
Deleting cifdb2prune.vbs script
Delete the cifdb2prune.vbs file from the C:\ibm\TCIM\Tools\ folder.
Enable TCIM's db2audit.log truncation
If you are using DB2 SelfAudit ES, and want to prune the log file, you simply need to apply the fix pack; the 'Truncate' option will appear in all DB2 ES properties, and it will be set to 'yes' for the SelfAudit one, which will prune the db2audit.log as described before. If you are using other DB2 ES, and want to enable this feature, set the 'Truncate' option to 'yes' in the ES properties panel after applying the fix pack.
Note: It's highly recommended to prune "db2audit.log" periodically to keep that file small, as a large audit log file may affect the database performance.
For experienced TCIM users only, when in doubt, please contact TCIM L2
During the mapping phase, the "gethostname" GSL operator queries the DNS for the host name corresponding to the supplied argument, which is assumed to be an IP address. Use of this operator can seriously reduce the performance of the mapper.
To solve the performance problem, it's possible to disable the "gethostname" function in "gensub.ini", at the cost of not having the reverse lookups in the mapped results.
To disable the "gethostname" function for all ESes, the following lines have to be added to <TCIM directory>\server\run\gensub.ini:
[RegexOperators]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
It's also possible to disable the operator for a specific GSL file. To disable the function for a specific GSL file, the following lines should be added to the <TCIM directory>\server\run\gensub.ini file:
[RegexOperators.<GSL file name without the extension>]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
For instance, the following lines will disable the "gethostname" function for FW1.gsl:
[RegexOperators.FW1]
gethostname=nl.consul.cea.gensub.scanning.regex.OperLit
After TCIM v85 group server is installed on a drive other than c:, the TCIM DB2 instance is installed on c:. Follow the instructions to move the DB2 instance to the right drive:
DB_NAME=CIFDB DB_PATH=C:,F: INSTANCE=CIFINST NODENUM=0 STORAGE_PATH=C:,F:
STORAGE_PATH variables should be taken for each case separately from the database: select * from sysibmadm.dbpaths where type='DB_STORAGE_PATH' If there are more then one storage path all them should be added.
(Assuming the destination drive is drive F:, and the DB name/DB instance name are the default CIFDB/CIFINST.)
This procedure will replace "Chapter 5. Uninstalling IBM Tivoli Compliance Insight Manager components", page 35 from the TCIM v8.5 Installation Guide
To uninstall IBM Tivoli Compliance Insight Manager to the following steps should be executed in order. (Note the steps need to be performed with a user that has local administrator privileges.)
MSDOS> idsidrop.cmd -I idsinstChoose option 1 : (1) - Continue and delete the directory server instance
MSDOS>net user /delete cifdb2admin MSDOS>net user /delete db2adminitds MSDOS>net user /delete idsinst
When configuring RSA, ensure that only RSA authentication logfiles will be found in the Eventsource Properties RSA Log directory because all files in this directory will be processed and deleted, even when these are not logfiles.
For the following Event Sources we added an additional property 'Collect Directory':
This property could be used to specify a path to the directory where the TCIM Actuator stores its temporary files; these temporary files contain audit data created during collect before it is transferred to the log depot. The default value points to the directory /tmp. This value can be changed. Ensure that the directory exists; otherwise, collect will not start.
Note: For SSH version of the event sources, represented above, the 'Collect Directory' property is not used. The TCIM Actuator stores its temporary files in the run directory in the SSH user's home directory.
If you install a Tivoli Compliance Insight Manager component on the system after the fix pack has been applied, you must install the fix pack on that system again to ensure that all components are running at the same software service level.
None.
This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785
U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106, Japan
The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions; therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information that has been exchanged, should contact:
IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758
U.S.A.
Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.
Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
IBM and Tivoli are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.
Adobe, Acrobat, Portable Document Format (PDF), and PostScript are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.
Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Other company, product, and service names may be trademarks or service marks of others.