IBM Support

IBM Application Performance Management 8.1.4 8.1.4.0-IBM-APM-SERVER-IF0005 Readme

Readme file for: IBM Cloud Application Performance Management Private, Version 8.1.4.0 Server Interim Fix 5
Product/Component Release: 8.1.4
Update Name: 8.1.4.0-IBM-APM-SERVER-IF0005
Fix ID: 8.1.4.0-IBM-APM-SERVER-IF0005
Publication Date: 31 May 2018
Last modified date: 31 May 2018

Download location

IMPORTANT NOTE: To download this update, you must first login to IBM Fix Central. Once logged in, you may select from the individual download packages. When selecting fixes, ensure your download options are set to "Include requisites: Yes".
http://www.ibm.com/support/fixcentral/

Below is a list of components, platforms, and file names that apply to this Readme file.

Fix Download for Linux

Product/Component Name: Platform: Fix:
IBM Application Performance Management Linux x86_64
8.1.4.0-IBM-APM-SERVER-IF0005

Prerequisites and co-requisites

General description
This is a cumulative interim fix for IBM Cloud Application Performance Management family of products, Version 8.1.4.0.
It includes these component patch versions for the IBM Cloud Application Performance Management server:

amui-8.1.4.0.5
apmui-8.1.4.0.5
ccm-scripts-8.1.4.0.5
ccs-8.1.4.0.5
datalayer-8.1.4.0.1
datalayer-scripts-8.1.4.0.1
dbutils-8.1.4.0.2
dqe-1.2.0.8.2
ibmjava-8.1.4.0.3
itmcdp-8.1.4.0.2
itportal-8.1.4.0.4
kafka-8.1.4.0.1
liberty-17.0.0.2.2
min-8.1.4.0.4
oidc-8.1.4.0.2
omnibus-8.1.4.0.1
oslc-8.1.4.0.2
rbac-8.1.4.0.2
scr-6.1.2.15.4
synthetics_script_manager-01.00.05.02
topology-calculator-8.1.4.1.1
tt-8.1.4.0.3
uviews-1.1.0.0.5


Platforms and prerequisites
This interim fix is supported on the IBM Cloud Application Performance Management server platforms documented here.

Prerequisites for this interim fix
This interim fix is intended to be applied to any of the following levels of IBM Cloud Application Performance Management server software:

IBM Cloud Application Performance Management Base Private, Version 8.1.4.0
IBM Cloud Application Performance Management Advanced Private, Version 8.1.4.0

Known issues

None

Known limitations

None

Installation information

Prior to installation

The IBM Cloud Application Performance Management server Version 8.1.4.0 must be installed and running before applying the interim fix.


This server interim fix includes security fixes for Synthetics, which has dependency on a change in Synthetic Playback Agent for IBM Cloud APM 8.1.4.0 Interim Fix 2. You should update your playback agents before installing the server interim fix. See the following technote for more details on the dependency and where to find the Synthetic Playback agent interim fix:

http://www.ibm.com/support/docview.wss?uid=swg22015137

Installing

Installing the IBM Cloud Application Performance Management Server update

  1. As the root user, download 8.1.4.0-IBM-APM-SERVER-IF0005.tar from IBM Fix Central to a temporary local directory (e.g. /tmp/IF05-patch) on the computer where you installed the Cloud APM server. The root user must have read/write access to the directory.

  2. Check if the <apm-sever-home>/ccm/fixes directory exists. If the directory exists then enter this command to get the list of Cloud APM server interim fixes that are already installed:

    ls server*

  3. Enter the following command if the Cloud APM 8.1.4.0 IF0003 or later server interim fix is not already installed and you have agents connected:

    <apm-server-home>/kafka/bin/kafka-topics.sh --zookeeper localhost:2181 --topic alarm.enriched.json --alter --config retention.ms=300000

    • Note: The command displays this message:

      WARNING: Altering topic configuration from this script has been deprecated and may be removed in future releases. Going forward, please use kafka-configs.sh for this functionality

      Updated config for topic "alarm.enriched.json".

    • If you see the message "kafka-run-class.sh: line 243: exec: java: not found" then enter the following command and then run the kafka-topics.sh script again:

      export JAVA_HOME=<apm-server-home>/java/jre

  4. Change your current directory to the download location, e.g.

    cd /tmp/IF05-patch

  5. Expand the archive file using the tar command e.g.

    tar -xf 8.1.4.0-IBM-APM-SERVER-IF0005.tar

  6. Run the script apmpatch.sh:

    cd 8.1.4.0-IBM-APM-SERVER-IF0005
    ./apmpatch.sh


  7. Wait a couple of minutes and then enter the following command if the Cloud APM 8.1.4.0 IF0003 or later server interim fix is not already installed and you have agents connected:

    <apm-server-home>/kafka/bin/kafka-topics.sh --zookeeper localhost:2181 --topic alarm.enriched.json --alter --config retention.ms=14400000



Performing the necessary tasks after installation


  1. Run the following script to complete the database update if the Cloud APM 8.1.4.0 IF0003 server interim fix or later was not already installed:

    • If Cloud APM server is using a local DB2 database OR the database server is remote and the Cloud APM server admin knows the DB2 instance password then perform this procedure on the Cloud APM server:

      1. cd <apm-install-dir>/ccm/SCR/XMLtoolkit/bin
      2. ./setdbschema.sh -U db2apm -P <password> -f 814if03

      3. where <password is the db2apm instance user password

    • Else If the Cloud APM server is using a remote DB2 and only the DB2 administrator knows the DB2 instance password then ask the DB2 administrator to perform this procedure on the DB2 server:

      1. Login as the DB2 instance user for the Cloud APM databases
      2. db2 connect to scr32
      3. db2 "DROP TABLESPACE TBSMCFG16KTS_TEMP"
      4. db2 disconnect scr32

  2. It is also recommended that you install this patch for the Cloud APM Server ksy service if it's not already installed:

    http://www.ibm.com/support/docview.wss?uid=swg24044625

  3. If the <apm-server-home>/ccm/version_product.properties file contains build=201707241336, this is the first Cloud APM server interim fix that you have installed, and you are not installing the interim fix in preparation for a disaster recovery restore operation then you may need to perform additional steps:

    1. If you created custom views that are associated with a navigator item in the Groups or Instances section of the Cloud APM console navigator then your custom views are not available after you install the server interim fix. After installing the Cloud APM server interim fix, you can recover the custom views by performing these steps:

      1. cd <apm-server-home>/wlp/usr/servers/uviews/utility
      2. ./rescueDashboards.sh

      Note: The rescueDashboards.sh moves any custom views that were associated with a navigator item in the Groups section or in the Instance section of the Cloud APM console navigator to the Custom Views tab of the application's node in the console navigator.

    2. If you installed the Cloud APM Base offering then the Cognos Reporting URL and Cognos Reporting Requires XSS Validation config fields will not appear on the Advanced Configuration page of the Cloud APM console after the interim fix is installed. Perform the following steps on the Cloud APM server to enable the display of the config properties:

      Note: if you customized the apmadmin password during the Cloud APM server installation, use the customized password in place of apmpass in the steps below.

      1. Enter the following command to get the current value of the Cognos Reporting Requires XSS Validation config property:
        curl -k -u smadmin:apmpass -X GET https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrXssCheckingEnabled

        Note: The command returns a JSON string that looks similar to the one below but may have a different value for the value property if you had customized the config property on the Advanced Configuration page before applying the interim fix.

        {"duplicated":false,"uivisibility":false,"encrypted":false,"readonly":false,"datatype":"BOOLEAN","name":"tcrXssCheckingEnabled","value":false,"cfgrequired":false,"uiorder":20}

      2. Save the JSON string from the response and change "uivisibility":false to "uivisibility":true in the saved string

      3. Enter the following command to make the Cognos Reporting URL config property visible on the Advanced Configuration page:

        curl -k -u smadmin:apmpass -v -H "Content-Type: application/json" -X PUT -d 'JSON-string' https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrXssCheckingEnabled

        where JSON-string should be replaced with the JSON string that was modified in the previous step. For example:

        curl -k -u smadmin:apmpass -v -H "Content-Type: application/json" -X PUT -d '{"duplicated":false,"uivisibility":true,"encrypted":false,"readonly":false,"datatype":"BOOLEAN","name":"tcrXssCheckingEnabled","value":false,"cfgrequired":false,"uiorder":20}' https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrXssCheckingEnabled

      4. Enter the following command to get the current value of the Cognos Reporting URL config property:

        curl -k -u smadmin:apmpass -X GET https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrReportsUrl

        The command returns a JSON string that looks similar to the one below but may have a different value for the value property if you had customized the config property before applying the interim fix:

        {"duplicated":false,"uivisibility":false,"encrypted":false,"readonly":false,"datatype":"STRING","name":"tcrReportsUrl","value":"","cfgrequired":false,"uiorder":10}

      5. Save the JSON string from the response and change "uivisibility":false to "uivisibility":true in the saved string.

      6. Enter the following command to make the Cognos Reporting Requires XSS Validation config property visible on the Advanced Configuration page:

        curl -k -u smadmin:apmpass -v -H "Content-Type: application/json" -X PUT -d 'JSON-string' https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrReportsUrl

        where JSON-string should be replaced with the JSON string that was modified in the previous step. For example:

        curl -k -u smadmin:apmpass -v -H "Content-Type: application/json" -X PUT -d '{"duplicated":false,"uivisibility":true,"encrypted":false,"readonly":false,"datatype":"STRING","name":"tcrReportsUrl","value":"","cfgrequired":false,"uiorder":10}' https://localhost:8091/1.0/monitoring/systemconfig/services/com.ibm.tivoli.ccm.apmui/configitem/tcrReportsUrl

Troubleshooting installation problems from the Support site

For more detailed information, refer to the Troubleshooting and support Guide:
http://www.ibm.com/support/knowledgecenter/SSHLNR_8.1.4/com.ibm.pm.doc/install/trouble_intro.htm

Uninstalling if necessary

Files modified by the interim fix are backed up during the installation. If you encounter an issue with the interim fix and need to back it out then contact IBM support for assistance.

For detailed instructions to Uninstall the server, please refer to the IBM Cloud Application Performance Management guide, here:
http://www.ibm.com/support/knowledgecenter/SSHLNR_8.1.4/com.ibm.pm.doc/install/install_server_uninstall.htm

Additional information

The Secure Hash Algorithm 1 (SHA1) checksum of the image is as follows:
SHA1(8.1.4.0-IBM-APM-SERVER-IF0005.tar)= da53b9ee47a51ce64e97e5e959f9a782be8435e5

Image Contents
The following files implement this fix:
- 8.1.4.0-IBM-APM-SERVER-IF0005.readme.html - This README file
- 8.1.4.0-IBM-APM-SERVER-IF0005.tar - For extracting patch files use the tar utility

Extracting the above bundle (.tar) creates the following directory and patch files:

8.1.4.0-IBM-APM-SERVER-IF0005/
|-- apmpatch_functions
|-- apmpatch.sh
|-- msg
|-- nls_replace
|-- patches
|-- patch.properties

New Features

The following changes are included in IBM Cloud Application Performance Management 8.1.4.0 Interim Fix 5:

  • Defect fixes and other stability improvements
  • Enhancements for EIF slot customization and custom views.


List of fixes

The following problems are addressed by this interim fix.

APARs

  • IJ04710: Partitions in the datamart DB are not created if the delete partitions script performs a detach into the obsolete_data table when obsolete_data already exists
  • IJ05333: Role Based Access UI should not display My Transaction application since you cannot restrict access to that application
  • IJ05478: The string "script" is not accepted in the Threshold Manager UI Execute command field.
  • IJ05733: LTPA value in the user-exit.xml file is ignored
  • IJ05771: Fix server1 out of memory error for topology calculator handling of aggregate application topology objects
  • IJ05784: EIF slot customization of the msg slot is not performed correctly if the agent data set contains an attribute named msg or hostname.
  • IJ05948: Events are not displayed in the APM UI Events tab or forwarded to Netcool OMNIbus if an event larger than 1 MB is received from an agent
  • IJ06014: Non-ASCII characters are not accepted in the Threshold Manager EIF slot customization UI or in the Threshold description.
  • IJ06418: The browser tab to accept the certificate for port 8093 appears even if the certificate has already been accepted
  • IJ06430: APM server startup time is over 30 minutes if the LANG environment variable is not set to LANG=en_US.UTF-8

IBM Cloud Application Performance Management Server defects:

  • 51264: A copy of existing custom view is created when clicking the Save button in Edit mode
  • 51305: Fix issues for custom views metric element window
  • 51319: Not able to delete a custom view when editing custom views
  • 51326: Custom view grid chart image is displaying differently than other chart images
  • 124610: May see login page and then the "Invalid Context" message on a custom view pae if the Custom Views tab is selected after a period of inactivity on the Cloud APM console
  • 130397: Add less than and greater than options for the custom views Grid widget type
  • 131558: CURI data provider is comparing the absolute value for particular time parameter and ignoring the specified time zone
  • 131818: Request name column should be resizable for lightweight data collector and .Net agent diagnostics dashboards
  • 132815: Prevent users from deleting the apmadmin@us.ibm.com and apmadmin from roles using the RBAC UI or RBAC API for Cloud APM SaaS subscriptions
  • 132851: Change permissions of the RBAC policy files
  • 131858: There is a difference in which events are displayed in the Events tab depending on how you select an instance in the APM Console
  • 132103: Data provider error message is displayed when displaying event details on a mobile device
  • 132138: Threshold Manager API returns the wrong agent type for the _uiThresholdType property if the agent product code if K07
  • 132213: Reduce the uviews patch installation time
  • 132237: Support custom database names if the Cloud APM server has been installed and configured to use a remote Db2 server
  • 132253: Improve performance of duplicate managed system name checking
  • 132261: Address security vulnerabilities for custom view pages
  • 132286: com.ibm.tivoli.ccm.jmxthreshold property in the min/bootstrap.properties file is reset to 300 when applying a Cloud APM server interim fix
  • 132310: A threshold with a single condition that has a regular expression does not show up in resource group manager editor for default resource group
  • 132389: Online help cannot be displayed if the browser locale is set to Brazilian Portuguese
  • 132462: Data is not displayed for an application in the Response Time Monitoring agent reports if the application was deleted from the APM UI and then re-added.
  • 132485: Custom views online help updates to document less than and greater than options for the grid widget
  • 132502: Improve scr service stop handling if the database server has been down for several hours
  • 132528: Apply Liberty PI92494 APAR fix for a security vulnerability
  • 132638: Performance improvement to SCR queries to ensure that users see the correct number of components within applications.
  • 132688: Eliminate harmless GTMCL5205E error message from the server1/logs/messages.log files.
  • 132773: An error may occur when saving a resource group if Cloud APM 8.1.4.0 Server Interim Fix 4 is installed.
  • 132966: Resource group may not save if the resource group was created before upgrading from Cloud APM 8.1.3.0 to Cloud APM 8.1.4.0 and then interim fix 04 is applied.
  • 132974: Update the Custom Views online help with a note indicating that 'Interpolation' is not supported as the of Cloud APM Server 8.1.4.0 Interim Fix 05.
  • 133021: EIF slot customization UI should only support the Mapped Value Subtype when you select Number Type for the custom slot
  • 133104: Update Tree Table Widget to support both resizeable columns and row actions
  • 133142: Cannot save an EIF custom slot if the Multiplier field contains a fraction
  • 133196: apm command may not start a service if the apm start command is issued when the apm start cron is running
  • 133248: Transaction tracking events are not triggered after you run the db2_users_passwd.sh script, the Db2 server is remote, and you have a custom Db2 client install path.

Enhancements:

  • 130441: Allow multiple attributes to be mapped to the msg slot or custom slots in EIF Slot Customization dialog for the Threshold Manager UI
  • 132432: Add ability to filter data on custom views by selecting the start date and time and the end date and time

Superseded and/or included component patches from previous Performance Management server interim fixes:
  • amui-8.1.4.0.4 superseded by amui-8.1.4.0.5
  • apmui-8.1.4.0.4 superseded by apmui-8.1.4.0.5
  • ccm-scripts-8.1.4.0.4 superseded by ccm-scripts-8.1.4.0.5
  • ccs-8.1.4.0.4 superseded by ccs-8.1.4.0.5
  • datalayer-8.1.4.0.1 included from previous interim fix
  • dqe-1.2.0.8.1 superceded by dqe-1.2.0.8.2
  • dbutils-8.1.4.0.2 included from previous interim fix
  • ibmjava-8.1.4.0.3 included from previous interim fix
  • itmcdp-8.1.4.0.1 superceded by itmcdp-8.1.4.0.2
  • itportal-8.1.4.0.3 superceded by itportal-8.1.4.0.4
  • kafka-8.1.4.0.1 included from previous interim fix
  • liberty-17.0.0.2.1 superceded by liberty-17.0.0.2.2
  • min-8.1.4.0.3 superceded by min-8.1.4.0.4
  • oidc-8.1.4.0.2 included from previous interim fix
  • omnibus-8.1.4.0.1 included from previous interim fix
  • oslc-8.1.4.0.2 included from previous interim fix
  • rbac-8.1.4.0.1 superceded by rbac-8.1.4.0.2
  • scr-6.1.2.15.3 superceded by scr-6.1.2.15.4
  • synthetics_script_manager-01.00.05.02 included from previous interim fix
  • tt-8.1.4.0.3 included from previous interim fix
  • uviews-1.1.0.0.4 superseded by uviews-1.1.0.0.5

APARs and defects from superseded component patches and/or from component patches included in previous interim fixes:

  • IJ00525: Attribute details tab is showing data for the wrong agent if the page errors out before loading the requested data
  • IJ00816: User cannot access the Attribute Details page if their LDAP DN contains an apostrophe
  • IJ00903: Support disaster recovery for customers who installed IBM Cloud APM, Private part numbers CNLA6ML or CNL8JML
  • IJ01251: Subnodes are offline after an agent is restarted when there is an error when the APM server asks for the list of the agent's subnodes
  • IJ01484: Event status may be stale on the APM UI Events tab
  • IJ02251: Disaster recovery fails if the APM server locale is set to Italian
  • IJ02411: Disaster recovery fails if the APM server is using a non-English locale
  • IJ02492: WAS Agent Config UI page does not list the data collector version
  • IJ02666: Custom EIF slots are not sent to OMNIbus if you add custom EIF slots and do not customize the msg slot
  • IJ02849: SCR database table creation fails on remote DB2 server that is running RedHat 7.4
  • IJ03983: Unable to log into APM UI if the user's LDAP distinguished name contains an ampersand character
  • IJ04509: Undefined is displayed for the Threshold Manager UI dataset help text
  • IJ04619: set_metrics_retension.sh may fail if the Cloud APM server has been upgraded from version 8.1.3 to 8.1.4 and get_metrics_retention.sh is called with the -retention CURRENT option prior to setting the retention metrics.
  • IJ04990: Data provider error may occur after installing the Cloud APM 8.1.4.0 IF0003 server interim fix if custom UI root certificates does not have both of these properties: AuthorityKeyIdentifier and SubjectKeyIdentifier
  • IV91330: Deleted agents appear in APM UI as offline after the agent has been removed from the APM server tables if the agents provided transaction tracking data
  • IV98544: Disable usage of the JVM Shared Class Cache for the APM Liberty processes so that they will not crash if the cache becomes corrupted
  • IV98547: Events status is stale in the APMUI intermittently
  • IV98876: smapasswd.sh cannot reconfigure the oslc service if the CANDLEHOME environment variable is set to a path other than apm_server_home/oslc_pm
  • IV98921: User cannot access the Attribute Details page if their LDAP DN contains a comma
  • 48429: Do not prompt to overwrite a custom page if no changes were made
  • 49643: After exporting a graph to PDF, the graph is not displaying proper
  • 49644: Tooltips or values are not displayed when hovering over data points in line and area charts
  • 49785: A space character is added before file extension when creating the filename for exported raw data
  • 50169: Duplicate metrics appear in "Selected Metrics" list.
  • 50170: Option to add another metrics should not be available after selecting the grid chart type.
  • 50761: Custom view page name can be defined with special characters that are not supported
  • 50762: The tooltip text for the custom view page name does not display the name correctly when a space character is included in the name
  • 50810: Custom Views becoming unresponsive during or after running AppScan
  • 50868: Custom views widget title is not updated when you delete a Metric row on the Select Metric window.
  • 113421: Prevent Cross-Site Request Forgery in RBAC API
  • 117103: Invalid OS dashboard when drilling down from Tuxedo service dashboard
  • 122496: The disable all option is not working for the threshold enablement advanced configuration property
  • 122555: Custom views tab does not display area chart if the selected metrics have different time intervals
  • 122567: If an agent is removed from Cloud APM server tables after being offline for 4 days (the default) and later comes online then its permissions for My Components may not be correct
  • 122837: Fix screen resolution issues for graphs on the Custom Views tab
  • 122916: Updated CCS error handling to ensure threads that create/update private situation files do not stop running
  • 123072: When raw data is exported for a custom view, the file type should be .zip
  • 123295: After saving a custom view and clicking on the Back button, the text for the Save and Back buttons is not displayed correctly
  • 123423: Fix odd line connecting the last and first data points of a line graph on the Custom Views tab
  • 123549: Not all graphs appear when you export a PDF from the Custom Views tab if there are long legends
  • 123744: Need to click Application Performance dashboard link at least twice to see the dashboard page after the first login
  • 123747: Charts may be blank intermittently on the Custom Views tab when using Internet Explorer
  • 123773: The wrong view may be displayed when you select a favorite view on the Custom Views tab
  • 123801: Custom Views tab is missing toolbar and title and header information when displayed using Safari browser on a Mac
  • 123836: With Firefox browser version ESR 45, you cannot see the selected chart type when creating or editing custom views
  • 123840: Handle unreconciled database instances.
  • 123902: Custom views X and Y axis titles cannot have an unlimted character length
  • 124000: Add a space before the resource instance name in the message displayed when saving a custom view
  • 124057: Fix Authentication Bypass Using HTTP Verb Tampering vulnerabilities for the custom views tab
  • 124058: Fix a Blind SQL Injection vulnerability for the Custom Views tab
  • 124059: Fix a Missing Secure Attribute vulnerability for the Custom Views tab
  • 124117: No content is displayed when displaying Cloud APM console dashboard pages in Dashboard Application Services Hub
  • 124121: Prevent out of memory error in server1 if you create a custom view for a dataset that has a large quantity of data
  • 124130: Cannot open Advanced Configuration panel with IE browser
  • 124131: Prevent RBAC policies from being corrupted
  • 124396: Prevent deadlock issue for SCR database
  • 124400: Fix cross site scripting vulnerability for the Custom Views tab
  • 124401: Fix Microsoft Windows MHTML cross site scripting vulnerability for the Custom Views tab
  • 124402: The legend for a Custom views line graph does not display well if there are a large number of attributes in the graph
  • 124403: Improve the performance of displaying the template types for a new custom view
  • 124420: SCR threads may hang when the JDBC connection pool is exhausted
  • 124438: A blank page is displayed on the Custom Views tab when the user is not re-authenticated
  • 124543: Change way the threshold manager determines the group name so that the label is not used
  • 124548: Custom Views tab disappears if user selects a time range comparison
  • 124566: Improve response time of OSLC MOSWOS page while the oslc service is busy processing requests.
  • 124567: oslc service should batch delete requests to the scr service
  • 124616: Custom views tab displays blank page after clicking on a template if the system running the browser does not have Internet access
  • 124783: Fix Cross Site Scripting error in the Threshold Manager UI
  • 124784: Fix SQL injection issue for resource group manager UI
  • 124872: A user with no permissions to view applications and resources sees all resources in the My Components application
  • 124912: Hybrid Gateway Manager UI may hang when editing a profile
  • 124944: Custom Views metric attribute drop-down list is empty for SAP Instance and SAP System agents
  • 124995: Updates to create_security_artifacts.sh for using a private certificate authority
  • 125030: Agents visible to users who are not authorized to see them if the agent hostname is long
  • 125131: In 10K agent environment, APMUI status queries take ~10 seconds, causing high APMUI, server1 and db2 utilization
  • 125460: Updates to the min service JMX thresholds in the server_size.sh script
  • 125566: Add index to DataMart table for performance improvements
  • 125592: Add export to PDF option to Custom Views tab
  • 125681: Adjust the Liberty data collector Heap dump widget length
  • 125690: WAS agent sending AARS containing requestName and transactionName > 256 characters causes the MongoETL to crash and the DataMart ETL to fail
  • 125753: Fix accessibility issues for visually impaired users on the Custom Views tab
  • 125764: Resource Group API security Issue for SaaS - smadmin can be used externally to access the API for any subscription
  • 125796: Prevent Authentication Bypass using HTTP Verb Tampering vulnerability for custom view pages
  • 125797: Add Secure Attribute to Custom Views SSL cookie
  • 126025: Prevent the oslc service from having cores related to garbage collection
  • 126209: Global timestamp for an event should not be updated when the agent goes offline and back online
  • 126307: Events should not be un-suspended if the thrunode has changed for a subnode and agent offline events should be generated when subnodes go offline but the agent is still online
  • 126361: Update help for the SMTP advanced config properties
  • 126375: Uninstall.sh does not always uncatalog databases
  • 126707: Support DB2 10.5 FP9
  • 127045: After the APM server is upgraded from 8..1.3 to 8.1.4, the Hybrid Gateway cannot connect to the TEPS if the Hybrid Gateway is upgraded to 8.1.4 or a new Hybrid Gateway is connected to the APM server.
  • 127181: Support AARs sizes larger than 2MB for Synthetic transactions
  • 127182: Duplicate entries are added to the uviews/user-exit.xml after a restore if OIDC is disabled
  • 127210: The About page for the Cloud APM console indicates the offering type is IBM Monitoring instead of Cloud APM Base after an upgrade.
  • 127271: Online help updates
  • 127363: Prevent SCR Derby errors that occur when SaaS subscriptions are provisioned
  • 127378: Add additional SCR debug messages
  • 127380: Synthetic scripts are not removed from an application when you delete the script from the application.
  • 127394: Fix MongoDB queries that fail with Executor error: Overflow sort stage
  • 127604: The min service may experience an out of memory error when processing a SDA jar file from an updated agent
  • 128092: Cross-site scripting error in Hybrid Gateway Manager UI
  • 128211: Fix typo in OMNIbus probe itm_apm_event.rules file for the SourceType slot
  • 128233: Unresponsive script errors for a custom view that displays a high quantity of metric data
  • 128240: Error message box pops up when click the location on Synthetic transaction details page
  • 128252: Fix Cross-Site Scripting error in the Synthetics Script Manager UI
  • 128327: No data in graph for a custom view that displays a high quantity of metric data
  • 128442: Reorg tables and indexes for the SCR database
  • 128444: Hybrid Gateway profiles cannot be saved if apmui TAI traces are enabled
  • 128481: If an Agent Builder agent is upgraded or an agent patch is applied then an agent's summary group widget may not display data after a disaster recovery is performed.
  • 128488: server1 out of memory error may occur after a large number of Threshold Manager, RBAC, or Resource Group Manager API calls
  • 128540: The prefetch task of the min service may get restarted when there is a long DB2 database outage
  • 128656: Hybrid Gateway Manager UI page may not load
  • 128695: Group summary widget can display data after a disaster recovery if 8140 agent patches were applied or Agent Builder agents were updated when the APM 8.1.4.0 IF01 server patch was not applied
  • 128782: Include msgid and correlid transaction properties provided by the MQ and IIB agents and transaction id property provided by the DataPower agent in a transaction instance topology to identify the specific transaction instance details
  • 128789: Online help updates for the event status topic
  • 128898: APM UI may not load completely in Internet Explorer 11
  • 128931: The first time you select the Custom Views tab, you may see the message "This page can't be displayed" on Internet Explorer, "Content Encoding Error" on Firefox, or "The webpage at might be temporarily down" on Chrome
  • 129037: Aggregate transaction topology may not include an agent if the agent's resources were removed and re-added and the oslc service erroneously determines that the agent is no longer connected to the APM server
  • 129044: Update backup and restore scripts to return an error if a database cannot be backed up or restored
  • 129060: White space utilization issue on APM UI Events tab
  • 129096: The uviews.sh patch script needs to handle the case where SQL updates have already been applied/li>
  • 129121: Online help updates for the Permissions topic
  • 129126: Cannot delete custom resource groups from the UI
  • 129175: Cannot remove threshold to resource group association
  • 129268: Prevent out of memory errors in the min service when agents send a transaction name or request name longer than 256 characters
  • 129363: Stop logging the KASPR032E message over and over again in the oslc service message log file
  • 129432: The Custom Views filter selection drop-down list may not display all values for the selected metric
  • 129442: Fix Blind SQL Injection vulnerability for the Threshold Manager UI
  • 129462: Uplift to IBM Java 8.0.5.5 for security fixes
  • 129505: Add a 1x1 template to the Custom Views tab
  • 129530: Improve capability to select multiple attributes when creating or editing a custom view
  • 129581: Cross site scripting vulnerability for the Threshold Manager UI and fix for an out of memory error
  • 129603: The My Transactions application is missing from APMUI after restarting the APM server
  • 129669: Agents cannot be added to applications if their resource type is changed
  • 129707: Custom Views tab, exported PDF file, and exported raw data need improvements on displaying the date and time
  • 129719: Online help updates for the Custom Views tab
  • 129728: Provide the rescueDashboards.sh script to recover custom views that were created using the Cloud APm server 201707241336 build
  • 129740: msgID property is missing for a MQ node in the aggregate application topology for a MQ destination queue in remote queue manager
  • 129749: Database backup may fail if other applications connect to the database during the backup
  • 129761: Agent offline events for subnodes are not cleared when the agent is restarted
  • 129835: Fix cross-site request forgery for ccm/config/main/hybrid/gateway
  • 129904: Long metric names are truncated in the custom views editor
  • 129910: Improve the installation time of the uviews patch and eliminate the SQL error messages
  • 129933: Cannot use Threshold Manager UI or Resource Group Manager UI if the browser timezone locale contain a dash
  • 130176: The interim fix version number may be missing for subnode managed systems
  • 130196: Cross site scripting vulnerability can occur when deleting applications
  • 130218: Custom view tab may not work if there is no user activity on the tab for more than 30 minutes
  • 130220: Event status online help updates for the timestamp and global timestamp field descriptions
  • 130223: Change how the apmui service registers managed system attributes for resources so that unreconciliation can occur
  • 130264: Custom Views tab shows 'Invalid Context value' intermittently
  • 130265: Upper half of Custom Views page is blank after removing a chart from a custom view
  • 130268: Improve anomaly event description and provide link to Predictive Insights UI for an anomaly event
  • 130311: Custom view metric selection may not be available for an agent builder agent
  • 130333: Resource Group Manager UI hangs when editing a custom resource group if the internal group ID contains a dash character
  • 130386: Improve wording of Custom View page where you select the chart type
  • 130393: Improve the logic that displays a message if too many data points will be displayed for a custom view
  • 130395: Values selected in a custom views WHERE condition should be preserved if user adds or removes metrics for the view
  • 130396: Frequently used templates should be displayed first when creating a custom view
  • 130398: Support a space, dashes and underscroes in custom page names
  • 130401: Apply Liberty APAR PI94351 for Missing Secure Attribute in Encrypted Session (SSL) Cookie oidcclient/redirect/rpoed
  • 130404: Fix Cross-Site Request Forgery vulnerability for /com.ibm.smai.smccs.provider.proxy/rest/providers/itm.KD8/datasources/*
  • 130405: Fix Cross-Site Request Forgery vulnerability for /config/pageThresholdEditor.jsp and ThresholdManager.jsp
  • 130406: Cannot log into APM UI after a disaster recovery if the role admin user name contains a comma
  • 130454: Fix JavaScript Denial of Service for /datasets/sitdist/items
  • 130470: Request Response Time chart may display the Data Not Available message when it is first displayed
  • 130472: Fix security vulnerabilites for the Custom Views tab
  • 130479: Online help updates for URL filtering functionality for Availability Monitoring
  • 130485: Online help updates to the threshold formula description displayed on the Events tab
  • 130488: Application widget event counts and status are not updating
  • 130599: Advanced Config online help updates
  • 130612: Response Time agent event may not appear in the APM UI if the event fires before the agent is added to an application
  • 130621: More Custom views online help updates
  • 130646: Improve performance of SCR database updates
  • 130650: Change quiesce processing of the DB2 databases to temporarily revoke the DBADM privilege
  • 130651: Certificate files in Liberty backup directories should not be included when running backup.sh
  • 130704: Fix SQL Injection vulnerability using DECLARE, CAST and EXEC for /datasets/situation/items
  • 130710: If an agent is removed from Cloud APM server tables after being offline for 4 days (the default) and later comes online then it may be missing from the Aggregate Transaction Topology
  • 130734: Address Blind SQL Injection vulnerability for custom view requests
  • 130735: Address Missing Secure Attribute in Encrypted Session (SSL) Cookie for logged-in (Cookie) for custom view requests
  • 130736: Fix Missing Secure Attribute in Encrypted Session (SSL) Cookie for WAS_p909081250 cookie for custom view requests
  • 130812: Uplift GSKit to version 8.0.50.86 to address a security vulnerability
  • 130818: Backup or restore may fail if there are active database connections
  • 130854: Fix deadlock issue in the APM UI component
  • 130895: Subnode offline events may be closed when the min process is restarted even though the subnodes are still offline
  • 130945: Display the correct product name on the About page for the Cloud APM SaaS offerings
  • 130989: An error message may be displayed when a resource group is deleted even though the delete eventually succeeds
  • 130991: Timing issue where events may not be displayed in the APM UI if the events are received by the APM UI component before it is notified that the agent is online
  • 131009: GDPR fixes for the Synthetic Script Manager UI. Fix requires Synthetic Playback agent to be updated.
  • 131110: Metrics added in an agent patch or for an updated Agent Builder agent are not available when creating or editing custom views
  • 131154: Apply Liberty APAR PI88642 for a security vulnerability
  • 131174: backup.sh script may fail if -q inst option is specified
  • 131198: A user with permission to view an application and resource group sees more agents than they should in the My Components application
  • 131199: Improve processing of incoming events and agent offline events when the min process is started
  • 131247: If a transaction is running in public point of precense (POP) and testing an internal url which can not be accessed from public PoPs, the status should be Failed, but the APMUI dashboard may indicate the status is Good.
  • 131306: Update config variable to add KAL product code so that the agent resources can be added to an application
  • 131312: Improve performance of My Components when querying for list of agents to display
  • 131405: install_app_support.sh script fails if JAVA_HOME is not set in the environment or Java is not in the path
  • 131451: get_metrics_retention.sh and set_metrics_retention.sh use hardcoded database name
  • 131466: If threshold distributions are changed after a prolonged Db2 connection issue is resolved, the agents may not be notified of the distribution update
  • 131478: The rename.sh scripneeds updates for DB2 10.5 Fixpack 9
  • 131500: Update online help index for each language when a new agent type connects to the Cloud APM server
  • 131510: Add additional error handling to CCS for handling Db2 connection issues
  • 131538: Threshold Manager Data Source Type label change for new agent type
  • 131567: Events are sent to OMNIbus even if the threshold is configured to not forward events
  • 131593: Update Java to 8.0.5.10 for security vulnerability fixes
  • 131596: Update SCR patch check for local vs remote Db2 2 so that the SCR patch install does not fail if the tbsmdb directory exists for a Cloud APM server using a remote Db2 server
  • 131727: Fix null pointer exception for com.ibm.apmsaas.EnableSNPAggregation.process
  • 131836: Close and stop events are forwarded to OMNIbus even if the threshold is configured to not forward events
  • 131890: backup.sh fails if CANDLEHOME environment variable is set
  • 131901: Apply Liberty APAR PI94763 fix for security vulnerability and an additional fix in Apache Commons
  • 131913: Online help updates to list the new characters that can be included in the page name for a custom view
  • 131983: Online help updates to describe how to see new metrics for patched agents or agent builder agents when creating or modifying a custom view
  • 132163: Display status of Warning instead of Unknown after the agent has been deleted from the APM server tables but is still in an application
  • 131644: Add notification when EIF forwarding state is changed for a threshold
  • 132193: Cannot save or edit a customer vilew if you select an instance and select "*" in the condition
  • 132259: Restore.sh fails with error when updating the Java cacerts keystore if default UI certificates are used and root certificate serial number on the APM server does not match root certificate serial number in the backup file.


Document change history


Version Date Description of change
1.0 30 May 2018 Initial Version

Document information

More support for: IBM Application Performance Management

Reference #: 00003892

Modified date: 31 May 2018