APAR status
Closed as program error.
Error description
Client had been using Application Discovery 5.0.4.1 successfully, but began having trouble starting the Configuration Server services, and had other issues related to the fact that the disk drive where Application Discovery was installed had filled up. A remote machine on the network performing penetration testing was sending multiple messages per second to an application server on the Application Discovery machine, and those messages looked similar to this in the Application Discovery logs: DEBUG 2018-03-17 09:01:28,960 [NanoHttpd Request Processor (#526)] com.ibm.ez.ad.ws.HttpServer - Request uri: / TRACE 2018-03-17 09:01:28,960 [NanoHttpd Request Processor (#526)] com.ibm.ez.ad.ws.HttpServer - Request details: uri=/, headers={cookie=Q=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA etc. with many more "A" characters in each message. Note that the uri value is only "/" instead of an expected uri value.
Local fix
There are two properties which can be used to reduce the amount of space occupied by the log files (in the log4j.properties file for the component in question) to work around the issue of the disk space being filled by logging: log4j.appender.file.MaxBackupIndex - the maximum number of log files kept log4j.appender.file.MaxFileSize - the maximum size of a log file
Problem summary
There was an embedded instance of log4j.properties that was not intended to have logging set to a high level, and which was overriding the logging level set by the user in the log4j.properties available to the administrator.
Problem conclusion
The embedded log4j.properties file (that was overriding the user-accessible log4j.properties file) was removed so that the administrator-accessible log4j.properties file could now be used.
Temporary fix
To work around the problem of logging growing too large in 5.0.4.1 and earlier, there are two properties which can be used to reduce the amount of space occupied by the log files (in the administrator-accesible log4j.properties file for the component in question): log4j.appender.file.MaxBackupIndex - the maximum number of log files kept log4j.appender.file.MaxFileSize - the maximum size of a log file.
Comments
APAR Information
APAR number
PI95741
Reported component name
APPL DISCOVERY
Reported component ID
5737B1600
Reported release
504
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-03-26
Closed date
2018-03-26
Last modified date
2018-03-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
log4j.pr
Fix information
Fixed component name
APPL DISCOVERY
Fixed component ID
5737B1600
Applicable component levels
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSRR9Q","label":"IBM Application Discovery for IBM Z"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"504","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
26 March 2018