Thursday, March 13, 2008

ITM 6.1 for Implementers classes Feb.-May

We will be holding the ITM 6.1 for Implementers class at our Raleigh facility on these dates:
Feb. 26-27
Mar. 19-20
Apr. 16-17
May 14-18

For more information, check IBM's education website.

ITM 6.1 Universal agent trick

One of the known issues with the ITM 6.1 Universal Agent (UA) is that in a multi-TEMS environment, the UA will not work correctly because application support is installed on only one computer. This article lists two ways to resolve the issue.

Copy cat and atr files

The main problem with the UA in a multi-TEMS environment is that the application support files need to be copied from the RTEMS to the Hub TEMS manually. You could achieve this by manually copying the xxxCAT00 and xxxATR00 files from your RTEMS to the Hub TEMS (xxx is the three-character application name from your MDL).
This step might require a restart of Hub TEMS.


Re-connect your UA to Hub TEMS

This is a much easier method than manually copying files. Run "itmcmd config -A um" or use the MTEMS GUI to reconnect the Universal Agent to the Hub TEMS. Recycle the UA. When the UA connects, it automatically populates the application support files on the TEMS, in this case the hub. Don't forget to reconnect the UA back to the RTEMS once the application support files are installed.

Hope you find it useful.

Preserving History - Command Monitoring in ITM 6.1

Sometimes you might want to monitor the commands issued by various users for potentially dangerous commands. This article gives you an idea about how to do this.

Use sudo

Sudo is the simplest choice for auditing the commands invoked as super user. It comes as a standard package on Unix/Linux and it provides standard logging into syslog. You could use an ITM Universal Agent File Data Provider or the ITM Unix Log agent to monitor the log messages written by sudo. However, one drawback of sudo is that it is difficult to set up an audit trail for users other than root.

Use command history files

This is a simplistic way but not a feasible solution at all. We could use the command history stored for each shell but users can easily disable history logging by switching to say Bourne Shell. Moreover, the history does not indicate when the command was invoked thus missing a crucial piece of information.

Use audit trail utilities

If you are looking for a basic security audit trail utility, you could use the psacct utility for logging the commands invoked by all users. It is very easy to set up and it provides commands such as "lastcomm" to display the list of commands invoked by a particular user along with the timestamps. You could run lastcomm in your Universal Agent Script Data Provider to monitor the commands invoked by a particular user. There are other commercial tools available as well and you may want to consider them if your budget allows.

Hope this gives you an idea.
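As an added example (not code from the original post), here is one way a script run by the Universal Agent Script Data Provider could reduce lastcomm output to the watched commands only. The watch list, the pipe-delimited output layout and the sample records are assumptions made for illustration; the layout would have to match the metafile you define.

```shell
#!/bin/sh
# Added example: flag watched commands in psacct "lastcomm" output.
# WATCHLIST is a hypothetical site choice, not part of psacct or ITM.
WATCHLIST="rm dd mkfs fdisk shutdown passwd"

# flag_watched_commands: read lastcomm records on stdin and print one
# pipe-delimited line per watched command:
#   command|user|tty|superuser(yes/no)|timestamp
flag_watched_commands() {
    awk -v watch="$WATCHLIST" '
    BEGIN {
        n = split(watch, w, " ")
        for (i = 1; i <= n; i++) watched[w[i]] = 1
    }
    {
        # Locate the literal "secs" column and work backwards from it.
        # The flags column (S, F, C, D, X) is blank on most records, so
        # fixed field positions would misread the user name.
        k = 0
        for (i = 1; i <= NF; i++) if ($i == "secs") { k = i; break }
        if (k < 5) next                 # not an accounting record

        user = $(k - 3)
        tty  = $(k - 2)
        last = k - 4                    # last field before the user column
        flags = ""
        if (last > 1 && $last ~ /^[SFCDX]+$/) { flags = $last; last-- }

        # Whatever precedes the flags/user columns is the command name.
        cmd = $1
        for (i = 2; i <= last; i++) cmd = cmd " " $i
        if (!(cmd in watched)) next

        when = $(k + 1)
        for (i = k + 2; i <= NF; i++) when = when " " $i

        # Flag S means the command ran with superuser privileges.
        printf "%s|%s|%s|%s|%s\n", cmd, user, tty, (flags ~ /S/ ? "yes" : "no"), when
    }'
}

# sample_lastcomm: constructed records in lastcomm layout, for offline runs.
sample_lastcomm() {
    cat <<'EOF'
rm                S     root     pts/0      0.00 secs Thu Mar 13 10:15
ls                      alice    pts/1      0.00 secs Thu Mar 13 10:16
dd                      alice    pts/1      0.02 secs Thu Mar 13 10:17
cron              SF    root     __         0.00 secs Thu Mar 13 10:20
EOF
}

# On a host with process accounting enabled, replace sample_lastcomm with:
#   lastcomm | flag_watched_commands
sample_lastcomm | flag_watched_commands
```

Because accounting records are written when a process exits, long-running commands only appear once they finish.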

ITIL : What is a service?

This was a good food-for-thought question posted by one Netcool List participant about a week ago. The question "What is a service?" often breeds interestingly varying answers. Some will even argue that the answer depends on who is asking, and it could also depend on who is answering! And moreover, how is it monitored?

Here's my $0.02 on the subject. Feel welcome to chime in to share your wisdom...


ESMers (Enterprise Systems Management experts) are often charged with the responsibility of providing monitoring and availability information for services. But nowadays, due to the influence of ITIL guidance and other best practices, it has become apparent to many that it is probably insufficient to assume that reporting the availability or status of a CI (Configuration Item) implies availability reporting on a service provided to a customer. In other words, when tasked with implementing a monitoring solution to provide availability and status information for a service, monitoring of ALL CIs critical to the usability of a service served to the end recipient MUST be considered.

An "IT service" can be defined as a specific output that provides customer value. It is a measurable product which is the basis for doing business with the customer, and is deliverable through a series of interrelated processes, or activities, or both. It comprises a group of related, CI-delivered functionality required by a customer for business use. It is NOT available to a customer if the functions that customer requires at that particular location CANNOT be used. ESMers provide status and availability information to help other IT personnel ensure the underpinning CIs for a given service are kept sufficient, reliable and properly maintained. They monitor a service by monitoring, in a correlated manner, the CIs that comprise an IT service. Internet, E-mail and Telephone are just a few examples of well-known IT services that come to mind.

Since in general an IT service comprises only a limited number of CIs, monitoring and availability information should be focused on those CIs responsible for the service delivered to the customer, instead of on everything in the environment, as has been done traditionally.

Historical Data Collection Tip - Patience!

After installing and configuring Warehouse data collection, is there no data flowing into your database? This article explains how long you need to wait for data to appear.

If you have enabled historical data collection, give it about 25 hours or longer before checking for the historical data in the warehouse database. No matter how much you pound your tables and bang your keyboard, ITM seems to take a little more than a day for data to appear.

Why does it take so long? There is a reason for that. In historical data collection, the last 24 hours of data are stored on the TEMA (if you configured it to store the data on the TEMA). The first time historical data collection starts, the information is stored at the TEMA for the first 24 hours, and only in the 25th hour does the data start flowing in.

This assumes that your warehouse data collection is set to every 1 hour. However, if your WPA data collection interval is set to 1 day, you might wait even longer before you start seeing data.

TSOM - Tivoli Security Operations Manager Overview

A product called NeuSecure, which was owned by a company called GuardedNet, was acquired by Micromuse when they bought GuardedNet in July 2005. Since the IBM acquisition of Micromuse later that year, IBM has released NeuSecure as Tivoli Security Operations Manager, or TSOM. In this article I'll cover some of the features in TSOM 3.1 and its integration points.

TSOM provides a way for network operations folks to gather security threats from sources in the network, called "sensors", or network devices such as firewalls, Intrusion Detection systems, web servers, and present these threats based on threat level on a console. The product allows the use of watchlists to group events together, and has a number of handy console types, including an event console, and a "Powergrid" to visually manipulate events for quick analysis.

Events from the sensors can be acted on by stateful rules, a lot of which are product provided, that can watch for a threat "signature" through correlation.

TSOM uses MySQL for its event database, and offers an Oracle alternative to MySQL for the persistent database. TSOM supports a number of different firewall formats, and collects information from them using a number of different protocols, or "conduits", such as syslog, SNMP, SMTP, XML (custom events), eStreamer and Check Point FW-1.

Some features in TSOM 3.1:

Integration with TIM and TAM

Cisco SDEE support

Event import/export via SNMP

Ability to import vulnerability scans from a number of different scan products from an XML file

Ability to forward events to Netcool and Tivoli

More to come so stay tuned.

Best place for DB2 Patches

This is the best place at ibm.com I have found for DB2 patches.

http://www-306.ibm.com/software/data/db2/udb/support/downloadv8.html

Running the SPA Multiple Times a Day - cool

Several people have requested information on how to run the Summarization and Pruning agent multiple times per day.

I have figured it out on Windows-based SPAs. In the KSYENV file there is a section called schedule. This section has several lines including these:

KSY_HOUR_TO_RUN=
KSY_HOUR_AM_PM=

You can manipulate these times and then recycle the SPA to pick up the changes. Maybe you create some AT jobs or something like that to copy different KSYENV files in place and then recycle the agent.

I believe it is the same on Unix/Linux - but I have not looked or tested.

Don't try to install IBM Java 1.4.2 and 1.5 on the same Windows box

The ITM TEP Browser client requires IBM Java 1.4.2; the TADDM console (aka CCMDB CDT console) requires IBM Java 1.5. However, I've found that something in the IBM Java 1.5 install completely inserts itself as THE plugin for Internet Explorer 7 (I haven't tested on 6.x), no matter what you do.

The effect this has is that the TEP Browser Client appears to work (you get a login dialog), but then you get a "Cannot connect to TEP server" error. I tried using the IBM Java Plugin control panel, the Java Web Start application, all Internet settings, and directly editing the registry in several ways, and cannot get IE to use the 1.4.2 version of the plugin after installing IBM Java 1.5 (Sun Java 1.5.0_10 installs just fine and doesn't cause any problems). So if you need to access both interfaces, the only way I've found is basically to create a VMWare image with the other IBM Java installed.

Getting cool with IBM Tivoli/Netcool

As you may well know, Netcool, like Tivoli, is a suite with a very long list of products. This doc provides a few links to resources you may find helpful in getting up to speed with some of the products included in the Netcool suite.



1. For Netcool Documentation click HERE


The above link also contains PDF formats of the documentation. The documentation includes, amongst other things, administration guides and user guides for products like Netcool/Omnibus, Netcool/Webtop, Flex License Manager, Netcool/Security Manager, Netcool GUI Foundation, Netcool/Precision IP, most if not all the probes, etc.

2. For Netcool User Group HERE


You'll find the folks here very helpful. And of course Gulf Breeze is always ready to help when the going gets rough.

3. For Netcool Certification HERE


The Tivoli Netcool Core V1.0 certification consists of three exams as shown on the page referenced by the above link. Though the certification lists Webtop V1.3.1, please note that the latest version is Webtop V2.0



4. From the Gulf Breeze Software Team



a. Netcool Overview for newbies


b. What's a Netcool Probe?


c. Netcool Precision and Omnibus Screenshots


d. Extracting Omnibus Events


e. NetCool License Server Installation Problems


f. UPDATED - Netview 7.1.5 vs PrecisionIP v3.6


g. January News Letter


h. Since so much of the above involves Java :- Facts about Java


...and much more to come. Watch this space...



Hope the above provides some direction on delving into Tivoli Netcool and getting some hands-on experience ;-).

SSL Encryption in ITM 6.1

Many people are under the impression that since during ITM 6.1 installs you are asked for an encryption key that encryption is turned on. Nothing is further from the truth.

The only time encryption is turned on is when the IP.SPIPE protocol is enabled between two components. So if I use IP.SPIPE between my HUB and Remote TEMS, that communication is encrypted. However, if I use IP.PIPE between my agents and the Remote TEMS, that data is not encrypted, begging the question: what's the point of using encryption in one place but not another?

Does that mean that the encryption key is never used? Nope. Apparently the keys do get exchanged internally, but no one can tell me exactly how, when or why.

If you are going to use encryption (IP.SPIPE), use it on everything (TEPS, HUB, Remote, Agents); otherwise there is a gaping hole in your security.

Also, beware that we have seen 20 - 25% performance hits when enabling IP.SPIPE because of the extra encryption overhead.
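A quick way to find the components that are not on IP.SPIPE is to audit the protocol each one is configured with. The script below is an added example, not part of the original post or of ITM: it assumes each component's configuration file records its connection protocols in a CT_CMSLIST line of semicolon-separated protocol:host entries, and it treats any entry other than IP.SPIPE as cleartext. The file names and host names are constructed samples.

```shell
#!/bin/sh
# Added example: report which components are configured for IP.SPIPE only.
# Assumption: each config file holds a line such as
#   CT_CMSLIST=IP.SPIPE:hub01            or
#   export CT_CMSLIST='ip.spipe:rtems01;ip.pipe:rtems01'

# classify_cmslist VALUE: print ENCRYPTED when every listed protocol is
# ip.spipe, CLEARTEXT when any other protocol is listed, UNKNOWN when empty.
classify_cmslist() {
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' | tr ';' '\n' | awk -F: '
        { p = $1; gsub(/[ \t]/, "", p) }
        p != "" { seen = 1; if (p != "ip.spipe") clear = 1 }
        END {
            if (!seen) print "UNKNOWN"
            else print (clear ? "CLEARTEXT" : "ENCRYPTED")
        }'
}

# audit_protocols DIR: print file|CT_CMSLIST value|verdict for every file
# in DIR that defines CT_CMSLIST (the last definition in a file wins).
audit_protocols() {
    dir=$1
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        value=$(sed -n 's/^[[:space:]]*\(export[[:space:]]\{1,\}\)\{0,1\}CT_CMSLIST=//p' "$f" \
                | tail -n 1 | tr -d "'\"")
        [ -n "$value" ] || continue
        printf '%s|%s|%s\n' "$(basename "$f")" "$value" "$(classify_cmslist "$value")"
    done
}

# count_cleartext DIR: number of components with a non-SPIPE protocol listed.
count_cleartext() {
    audit_protocols "$1" | awk -F'|' '$3 == "CLEARTEXT" { n++ } END { print n + 0 }'
}

# make_sample_configs: build constructed config files in a temp directory
# and print its path. Mirrors the post: HUB/Remote on SPIPE, agents on PIPE.
make_sample_configs() {
    d=$(mktemp -d)
    printf '%s\n' 'CT_CMSLIST=IP.SPIPE:hub01' > "$d/rtems.cfg"
    printf '%s\n' 'CT_CMSLIST=IP.SPIPE:hub01' > "$d/teps.cfg"
    printf '%s\n' 'CT_CMSLIST=ip.pipe:rtems01' > "$d/agent_linux.cfg"
    # A mixed list is flagged too, on the assumption that the component
    # may use any protocol it lists.
    printf '%s\n' "export CT_CMSLIST='ip.spipe:rtems01;ip.pipe:rtems01'" > "$d/agent_unix.cfg"
    printf '%s\n' "$d"
}

sample_dir=$(make_sample_configs)
audit_protocols "$sample_dir"
echo "components not fully on IP.SPIPE: $(count_cleartext "$sample_dir")"
rm -rf "$sample_dir"
```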

More Year 2007 DST Information

Here are some more links on the Year 2007 Daylight Savings Time information. What a SNAFU...

http://www.microsoft.com/windows/timezone/dst2007.mspx

http://www-1.ibm.com/support/docview.wss?rs=56&context=SSEPDU&q1=daylight+saving+time&uid=swg21248542

Netcool/Precision and Omnibus Screenshots

Since many of you have never seen Netcool/Omnibus or Netcool/Precision, I have put some screenshots into a PDF for you to take a look at.

Download Here

ITM 6.1 Fixpack 4 conundrum

Just observed this small weird behavior after upgrading to ITM fixpack 4. As you know, the SOAP Server is disabled on RTEMS for Unix/Linux platforms to improve the stability from fixpack 3 onwards. However, this has an interesting side effect. Read on.

Viewing depot contents

When SOAP was enabled on the RTEMS, you could directly log on to the RTEMS using tacmd login and view the contents of the depot using the "tacmd viewdepot" command. I remember back at the Fixpack 1 level, you didn't even have to authenticate to view the depot contents. However, now you need to authenticate before you can view the depot contents. After Fixpack 3, you can't log on to the RTEMS using "tacmd login". So, how do you view the depot contents?

The answer is to log on to the HUB TEMS and use the "-j" switch to the tacmd viewdepot command along with the name of the RTEMS. For example, if you have an HTEMS named tivoli1_HUB and an RTEMS named tivoli2_REMOTE, issue the following commands to view the depot contents.

$ tacmd login -s tivoli1 -u sysadmin -p 'blah'
$ tacmd viewdepot -j tivoli2_REMOTE

Hope you find it useful.

Extracting Omnibus Events

Omnibus uses a memory-resident database to store events in. This database is accessible via an API to which you can pass SQL statements.

Here are some of the basic SQL statements to get you started.

select * from alerts.table;
select Node, Tally, Summary from alerts.table;
describe alerts.table;

Look for ITM and TEC integration information for Netcool OMNIBus coming in the next month.

UPDATED - Links Can Enhance the ITM User's Experience

I know, it sounds like the title of some email that your spam killer dropped before getting to your inbox, but as corny as it sounds there are ways to customize ITM to better suit the user's needs. One of these ways is by using links in your TEP workspaces. In this article I'll demystify links and discuss their use.

There are two types of links in ITM 6 - simple and advanced.

Simple Link
Basically an HTML link from one workspace to another. Click the link in a source workspace and it takes you to a target workspace. The navigator basically does the same thing, only with simple links, you can link charts, navigator items, tables and graphical icons to a specific workspace that you create.

Advanced Link
This is the same as a simple link, except that it allows you to pass data from the source workspace to the target workspace through something called a link symbol. A link symbol is like a variable or placeholder that you create, and data gets passed into it from the source workspace.

Uses
From your graphical view, you could have a representation of your company by application, for example, and create links on each application icon that takes the user to a more detailed workspace for each application.

From a multi-result row query from a UA, you could create advanced links to pass the data returned by the UA you wrote to a target workspace you create, and have the target workspace filter on that data only. You can get even more creative and manipulate the data being passed dynamically.

Advanced links can minimize the number of workspaces you need to create by making them more dynamic. So it's more than just a fancy term.

Updated - ITM 6.1 Success Story - 99.998% availability

One of my customers, who shall remain nameless for now, has a support contract with Gulf Breeze Software to maintain and monitor their Tivoli Infrastructure. This encompasses everything from User Admin, TDW reporting, remote monitoring of the ITM 6.1 and TEC infrastructure, custom situations and patch deployment.

We use a site-to-site VPN from our data center to maintain a constant network connection that allows remote monitoring and administration of the ITM and TEC infrastructure.

I am excited because over the last 3 months, we have achieved 99.998% uptime/availability of the monitoring infrastructure. This is equivalent to 51 seconds of unplanned outages over 3 months. People always want to know, what is availability?

Here is my definition - ITM 6.1 is available IF:

1) I can login to the TEP
and
2) I can view realtime data from an agent on a remote tems
and
3) I can view historical data from the TDW
and
4) TEC has processed a heartbeat event in a specified time frame
and
5) I can successfully access the Universal Message Console on the HUB TEMS.

If I can do all of these - then ITM is ready for business.

While ITM 6.1 has some issues to overcome, the overall code is proving to be stable. Most of the procedures used are located on this web site in the BLOG, however every situation (no pun intended) has its own issues and will require experienced individuals to implement a solution correctly and quickly.

Items such as the TEC Heartbeat, TDW Last Write UA and the SOAP server are all actively being used to achieve our high availability numbers.

If anyone is interested in service contracts from Gulf Breeze Software - contact Tony Delgross at tony.delgross@gulfsoft.com

January Newsletter

It's been a long time since we had a newsletter, but we've made up for it with the Blog articles. So here is a collection of our best articles in a nice newsletter.

Happy New Year.

Our newsletter can be downloaded here....


Netcool Overview for newbies

So what is this Netcool thing people are talking about in the office? What does it do? Why is it so great? Why should I care? Read on for an overview of Netcool that will help answer these questions..

Micromuse

Netcool was formerly owned by Micromuse, which was acquired by IBM in February of last year. The Netcool product suite is now under the IBM umbrella of enterprise monitoring tools.

Netcool

Netcool is a term that stands for multiple products, or components, that make up the total Netcool product suite.

Probes

Probes are executables that are designed to collect event data from a specific source, like email or a database, and apply any rule logic defined to the event data before forwarding an alert to the ObjectServer event bus.

Omnibus

Omnibus contains the event console, called an event list, and the event bus called the ObjectServer. Most components, but not all, connect to the ObjectServer to get event data from the bus.

License Server

License Server listens on a port for license validation requests from most Netcool products, otherwise the products will not function. Licensing is strictly controlled in this way.

Security Manager

Security Manager provides integration with LDAP (e.g. Active Directory, OpenLDAP, etc.), NIS, or you can use your ObjectServer for authentication. Security Manager provides authentication for other Netcool products like Impact, Precision, Webtop, and RAD.

GUI Foundation Server

This server provides the web framework for Netcool products like Precision, Webtop and RAD. It provides single sign-on authentication by connecting to Security Manager, and routes license requests from these products to the License Server.

Precision IP

Precision provides network monitoring in Netcool. Precision will perform network discovery (both layer 2 and 3 for routers and switches) and handles SNMP (supports v3). Precision provides multiple products inside of it, among them Topoviz, which manages the network topology in a MySQL database, and Webtop for web access.

Impact

Impact provides the ability to connect to a data source, like a database, and enrich an existing event on the bus with additional information, and then publish it back to the bus.

Stay tuned for further details..

What's a Netcool Probe?

So what is this thing in Netcool they call a probe? It has nothing to do with the X-Files or a trip to the proctologist. Probes can be equivalent to monitors: they collect data, apply some logic and then forward events to Omnibus. They can also do no monitoring at all. They can be used to integrate products like TEC with Omnibus and Impact. Omnibus is an event subsystem that receives alerts/events from various sources; we will talk about that in a later article.

Typically, a probe has a "props" or properties file that tells the probe where to connect, how often to do something, any specific user IDs and various other parameters. There are also "rules" files; these files let you apply logic to the data you collect.

The number of probes available from IBM/Netcool is incredible, everything from a ping probe that simply pings hostnames/IP addresses to an ODBC probe that remotely connects to compliant databases and extracts data so that you can apply rules to it. You also have the ability to write your own probes.

NTFS Filesystem in Linux

My lab setup consists of several virtual machines and two physical systems, one running Linux and one running Windows XP. To distribute the load I need to shift these virtual machines from one system to another and I needed a common filesystem that can be natively accessed by both Windows and Linux. The FAT filesystem is good for smaller and insecure filesystems, but its disadvantages far outweigh the benefits. Surprisingly, NTFS seems to be a better bet for sharing filesystems across Linux and Windows. Here is some brief information on how to share NTFS filesystems in Linux.

Download, compile and install NTFS driver and FUSE

There are quite a few NTFS drivers available for Linux, but some of them offer only read capability. The best NTFS driver I found was ntfs-3g. It supports both NTFS read and write and worked flawlessly.

You can download and install NTFS-3g driver from here. The installation instructions are available at the website as well.

One quick note: ntfs-3g requires FUSE (File System in User Space). You will have to insert the fuse module by running "/sbin/modprobe fuse" after the successful installation of fuse (and every time after boot, so better put it in an rc script).

Make entries in /etc/fstab.

I have an external USB NTFS hard drive and the /etc/fstab entry for that is given below.
/dev/sda1 /media/Vmware ntfs-3g silent,users,sync,umask=0,locale=en_US.utf8,no_def_opts,allow_other 0 0

Mount your NTFS filesystem

Now, you can mount the NTFS filesystem using mount command. If it is already mounted as read-only due to USB auto-detection, you can unmount and remount it. My mount shell script looks like below.

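# Unmount the drive if USB auto-detection already mounted it read-only
sudo umount /dev/sda1
# Load the FUSE kernel module that ntfs-3g depends on
sudo /sbin/modprobe fuse
# Mount using the ntfs-3g options from the /etc/fstab entry
sudo mount /dev/sda1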

That is it. Hope you find this useful.

Performance
Overall, the ntfs-3g performance was excellent. I was able to share the NTFS hard drive using Samba. However, under extremely heavy load, the NTFS driver eats a lot of CPU and during these times performance was poor. Having said that, ntfs-3g should be able to meet your day-to-day NTFS needs in Linux without any problems.

UPDATED - Netview 7.1.5 vs PrecisionIP v3.6

What's the difference between the two products? A lot. Let's start with the names. Netview is the product that we have used on Unix and Intel platforms for many years. PrecisionIP is a Netcool product that will, in time, replace Netview.

Netview 7.1.5 is a decimal release upgrade to our old Netview. Support has been added for duplicate IP addresses, SNMP v2/v3 and layer 2 (with implementation of Switch Analyzer). The product NO LONGER requires Framework for installation, but can still be integrated with it.

PrecisionIP has duplicate IP address support, full SNMP v2/v3 support, layer 2 and 3 support built-in, MPLS & ATM protocol support and the root cause analysis is superb. Precision is not Framework based, but does rely on the Omnibus and License Manager and Security Manager. PrecisionIP can also utilize the web-based interface called WebTOP, a much improved way to view and work compared with the Netview GUI.

Netview is still a simple product to get out and installed quickly and get good functionality. PrecisionIP is a little more intense to install and configure, but the capabilities and capacity far outweigh Netview.

NetCool License Server Installation Problems

So, let's start the year off right - here is our first NetCool article.

The License Server is a key component of the NetCool infrastructure that manages the number of users/clients that are allowed to communicate with the server components of NetCool. This is a big change from traditional Tivoli, which does not do any license enforcement.

The problem with the License Server is on Windows 2003. Windows 2003 has Data Execution Prevention turned on by default and it gets in the way of the "lmtools" application along with a couple of other programs.

Every time I added an exception to the list, I got another pop-up saying that Data Execution Prevention prevented another NetCool application from running. So I figured out how to turn off Data Execution Prevention completely.

You must first change the attributes of the boot.ini file so it is not Read Only. Then edit the boot.ini file and make it look kind of like this one...

[operating systems]
multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows 2003 Server" /FASTDETECT /NOEXECUTE=ALWAYSOFF

Adding the /NOEXECUTE=ALWAYSOFF will disable data execution prevention system wide.

This has proven to be very handy...


TPMfOSD vs TPMfOSD Embedded Edition

Some time back, I wrote an article about various Tivoli Provisioning Manager products and their functionality. However, that was not enough. Now there is another product called Tivoli Provisioning Manager for OS Deployment Embedded Edition and there seems to be some confusion about what it does, and the manuals do not seem to address this question. This article addresses the difference between TPMfOSD and TPMfOSD Embedded Edition.

A little history

TPM for OS Deployment product line is based on the acquisition of Rembo Technology. And Rembo had two products, viz. Rembo Auto-Deploy and Rembo-Toolkit. IBM rebranded them as TPM for OS Deployment and TPM for OS Deployment Embedded Edition respectively.

Auto-Deploy and Toolkit

Auto-Deploy is a complete product that provides easy to use functionality. It has a graphical user interface to perform all the OS management functions interactively.

Rembo Toolkit is meant for power users. It has APIs that will let you do OS management programmatically and customize it to suit your environment. Toolkit does not have any GUI. The Rembo Toolkit, aka TPM for OSD Embedded Edition, is now installed as a component of Tivoli Provisioning Manager to natively perform OS management functions.

To sum up, to perform stand-alone OS management via GUI, use TPM for OS Deployment. If you are a power user and want to perform stand-alone OS management programmatically, use TPM for OS Deployment Embedded Edition. If you want to use OS management within TPM, go with Tivoli Provisioning Manager (TPM).

Hope this clarifies.

Here is an interesting thread that discusses more about Auto-Deploy and Toolkit.

How to find DB2 port for communications

In JDBC configurations for WPA, you have to specify the port that DB2 is listening on. I usually look in /etc/services or try one of 50000/50001 and it usually works. On SUSE Linux, neither solution worked, and another process (Multithreaded routing toolkit, aka mrt) was listening on port 50000.

So how do we find out the DB2 port in a reliable way? Read on...

Step 1: Set the DB2 environment.
$ . ~db2inst1/sqllib/db2profile

ITM 6.1 Fix Pack 4 - Installation Experience - Linux

So I just got done installing Fix Pack 4 on a Red Hat 4 server and thought I would share some of my experiences.

My first comment is - WOW!!!

The installation has been totally rewritten to look like an ITM installation, on Linux I simply ran ./install.sh. The installer found my existing agents and told me it had to shut them down - how polite is that...

My patch proceeded by asking me what I wanted to do - install products locally or install to a depot. Yes - the depot management has changed too. I upgraded my depot through the install.sh script - I didn't have to do anything un-natural. Surprised? I was.

I selected to install products locally and it presented me with a list of upgrade options - Server Support, Agent, Browser Agent, etc... I went through each selection and chose to upgrade all components. The Linux OS agent is still at version 6.1.3 (FP3) so upgrading the OS agent on Linux does not give you anything.

After the install routines completed, it restarted my agents. This is where I noticed my first problem. My agents did not show online after the agent restart. I waited 15 minutes, went and got a drink and they still did not show online. So, I manually restarted the agents one at a time. They came back in as new agents. So, under my Linux server I had one Linux OS agent OFFLINE and one Linux OS agent ONLINE. This also repeated on my Unix Log and Universal agents. I'm still investigating this and trying to recreate it.

I did run ./itmcmd support -t hub_name pc (where pc is the product code for each agent). This completed successfully. It was not clear if this step was required or if it was covered in the install routine - since there was no error stating the product support was already installed, I have to assume this process is required. In all, I ran the command on these product codes: um - ux - lz - nt - a4 - sy and tm.

Everything else seems to be working, I still have all my TEP workspaces and my Data Warehouse is still populating and summarizing. I did notice that the TEC GUI Integration software has been updated - that's great since it adds the ability to link to Situation Event results from the TEP.

One of the major enhancements I was expecting was the use of Embedded Websphere on the TEP server. I don't see anything new on my TEPS in terms of processes or look and feel. I'm a little disappointed - but I'll live. There were supposed to be enhancements to the Take Action function too - but if there are, they're transparent.

I will post more information when I have time, I will be upgrading a Windows 2003 HUB and TEP soon too - I will post that separately.

ITM 6.1 Fixpack 04 - New features

ITM Fixpack 04 was released last week and the readme document contains detailed information about its features. But, for those who are short on time in this holiday season, we will give you a quick overview of its features.

New way to install fixpacks

Seems like the itmpatch command is gone for good. The new way to install a fixpack is similar to the initial ITM installation (install.sh or setup.exe) and you can upgrade multiple components with a single invocation of the installer.

Vmware & Windows Vista & DB2 9.1 support

Fixpack 04 added support for Windows 2003 on VMware ESX Server as the "tier1" platform. In addition, portal client is now officially supported on Windows Vista platforms.

Also, DB2 UDB 9.1 is now officially supported for TEPS and Warehouse.

Minor improvements WPA & Portal

Trailing whitespace characters in WPA are now removed. This might seem trivial but depending upon the amount of data collected in the history tables, this might save some significant space on your harddisk.

Also, there are some "cosmetic" improvements to Topology views to format its appearance.

Fixes

There were plenty of fixes addressed in this release. If you have stability issues with ITM 6.1, this fixpack is definitely worth taking a look at. And since there are not many new features introduced in this fixpack, I would hazard a guess that the upgrade will NOT be that exciting :-)

Wish list

As you can see, the big blue Santa did not bring out support for Oracle or Solaris fully yet. I remember seeing somewhere that Oracle support will be added either at FP04 or 6.2, but can't remember which one.

Featurewise, this is a "lameduck" fixpack waiting for 6.2 release. But if IBM's idea is to introduce new features in one fixpack (e.g. FP03) and address stability issues on the other (e.g. FP04), I really like the idea as it would provide customers with a stable ITM environment.

If you are still at Fixpack 02 or lower, you must upgrade to this release so you are not left too far behind and also to gain all the nice features that FP03 introduced. Also, if your environment is having stability issues, this fixpack is definitely worth a look.

How to fetch realtime data for an agent?

Do you need access to the latest real-time data for an agent? It is a reasonable requirement. For example, you may want to find out the latest disk usage for an NT managed system in your automation scripts before deploying an application. This article explains how to fetch such real-time data from ITM.

To fetch real-time data, all you have to do is use a simple CT_Get SOAP call. For example, if you want to fetch disk-related attributes for a Windows OS agent, the following SOAP call will do.

<CT_Get><userid>sysadmin</userid><password></password><object>NT_Logical_Disk</object><target>Primary:MYHOST:NT</target></CT_Get>

This will fetch the real time data from the OS agent running on MYHOST.

Remember that the above query gets all the information for the NT_Logical_Disk attribute group, not just disk usage, and it is your responsibility to filter out what you need.

The attributes fetched by the above SOAP call are:

  • Avg_Disk_msRead

  • Disk_BytesSec

  • Disk_Name

  • Disk_Queue_Length

  • Disk_Read_BytesSec

  • Disk_Read_Time

  • Disk_ReadsSec

  • Disk_Time

  • Disk_TransfersSec

  • Disk_Write_BytesSec

  • Disk_Write_Time

  • Disk_WritesSec

  • Free

  • Free_Megabytes

  • Total_Size

  • Used
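The request and the filtering step described above, worked through in Python as an added example (not code from the original post or from IBM): it builds the CT_Get body with XML-escaped values and keeps only the disk-usage attributes from the reply. The TABLE/DATA/ROW reply layout, the sample values and the ITM_SOAP_PASSWORD variable name are assumptions made for the example.

```python
import os
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Attributes this example keeps; the names are taken from the list above.
WANTED = ("Disk_Name", "Free_Megabytes", "Total_Size")

# Constructed reply for offline use. The TABLE/DATA/ROW layout and the values
# are assumptions of this example, not captured ITM output.
SAMPLE_RESPONSE = (
    '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
    "<SOAP-ENV:Body><TABLE><OBJECT>NT_Logical_Disk</OBJECT><DATA>"
    "<ROW><Disk_Name>C:</Disk_Name><Disk_Time>3</Disk_Time>"
    "<Free_Megabytes>10240</Free_Megabytes><Total_Size>40960</Total_Size></ROW>"
    "<ROW><Disk_Name>D:</Disk_Name><Disk_Time>41</Disk_Time>"
    "<Free_Megabytes>512</Free_Megabytes><Total_Size>20480</Total_Size></ROW>"
    "<ROW><Disk_Name>E:</Disk_Name><Free_Megabytes></Free_Megabytes>"
    "<Total_Size>20480</Total_Size></ROW>"
    "</DATA></TABLE></SOAP-ENV:Body></SOAP-ENV:Envelope>"
)


def build_ct_get(userid, password, obj, target):
    """Return a CT_Get body; every value is XML-escaped so that a host name
    or password containing '<' or '&' cannot change the request structure."""
    fields = (("userid", userid), ("password", password),
              ("object", obj), ("target", target))
    inner = "".join(f"<{tag}>{escape(value)}</{tag}>" for tag, value in fields)
    return f"<CT_Get>{inner}</CT_Get>"


def _local(tag):
    """Strip an XML namespace prefix such as '{uri}ROW' down to 'ROW'."""
    return tag.rsplit("}", 1)[-1]


def filter_rows(xml_text, wanted=WANTED):
    """Return one dict per ROW containing only the wanted attributes."""
    # A monitoring reply has no reason to carry a DTD; refusing one avoids
    # entity-expansion problems in the XML parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("reply declares a DTD or entities; not parsing it")
    root = ET.fromstring(xml_text)
    rows = []
    for elem in root.iter():
        if _local(elem.tag) != "ROW":
            continue
        values = {_local(child.tag): (child.text or "").strip() for child in elem}
        rows.append({name: values.get(name) for name in wanted})
    return rows


def disks_below(rows, min_free_mb):
    """Return the disks with less than min_free_mb free. A row whose
    Free_Megabytes is missing or not a number is reported as failing, so a
    pre-deployment check never passes on data it could not read."""
    failing = []
    for row in rows:
        name = row.get("Disk_Name") or "<unnamed>"
        try:
            free = int(row.get("Free_Megabytes"))
        except (TypeError, ValueError):
            failing.append(name)
            continue
        if free < min_free_mb:
            failing.append(name)
    return failing


if __name__ == "__main__":
    # ITM_SOAP_PASSWORD is a hypothetical variable name: the secret comes from
    # the environment instead of being written into the script.
    body = build_ct_get("sysadmin", os.environ.get("ITM_SOAP_PASSWORD", ""),
                        "NT_Logical_Disk", "Primary:MYHOST:NT")
    print("request is", len(body), "bytes")
    rows = filter_rows(SAMPLE_RESPONSE)
    print(rows)
    print("below 1024 MB free:", disks_below(rows, 1024))
```
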


Of course, if you're not a fan of XML parsing and want to issue the above SOAP call from your scripts, you could use gbscmd to fetch the information.

gbscmd CT_Get --server --object NT_Logical_Disk --target Primary:MYHOST:NT

Hope you find this information useful.

    SNMP MIB to UA Conversion Utility

    This was finally released on OPAL.

    It's a Java utility that converts a MIB to both an mdl and a trapcnfg file. We tested the utility today and used it to create trapcnfg entries for a Compaq MIB. To test, we used Trap Console (www.cscare.com) to send mock traps to it and it works like a charm.

    You can also use the mdl it creates for MIB data collection, for example monitoring Compaq drive status by polling the SNMP agent. Read on for details.

    Here is the syntax of the utility:

    java -jar MibUtility.jar -d directory [-a] {[-b batchFile] | [-m moduleName -r regpointName]}

    Here is how we used it during testing:

    java -jar MibUtility.jar -d c:\testmib -m CPQHOST-MIB -r cpqHoComponent

    The traps will show up in TEPS under SNMP-MANAGER TRAP workspace.

    From there you can write a situation to monitor the contents of the trap.

    See this previous article for help with using the mdl for MIB data collection.

    How to reset the version number for a UA application

    UA Versioning is a great concept to provide automatic versioning, but its implementation is not great. For example, if you want to turn off versioning, you won't be able to. Also, if you make some modifications to MDLs, the application version changes and all the situations and rules may need to be rewritten for the new version. True, um_cleanup provides a way to reset the version numbers but it is an all or nothing approach. i.e. it can reset the version numbers of all applications or nothing at all.

    This article comes up with a modified version of um_cleanup called um_cleanup_app that provides a way to reset the version number for a specific application. Let us say, after successful testing of the UM MDL, your application version is at 03. Now, you can run um_cleanup_app using the following procedure, re-import the MDL and it will reset the version back to 00.

    Disclaimer: Honestly I have not had a chance to test this in diverse environments. This was tested in my test lab, so your mileage may vary. There may be other side-effects of this script that we don't know at this time. Always use it with caution. Please understand that this modified tool is not supported by IBM or GulfBreeze.

    About um_cleanup_app

    You can download um_cleanup_app from here. There are two files in the zip, one for Unix/Linux platforms (um_cleanup_app) and one for Windows platforms (um_cleanup_app.bat). The syntax of these modified scripts is similar to the regular um_cleanup except that it accepts an extra argument, which is the name of the application that is specified in the //APPL statement of UA MDL (case sensitive).

    For example, here is the syntax for um_cleanup_app to run on TEMS servers to clean up the application "WinSample":
    $ ./um_cleanup_app $CANDLEHOME li6243 REM_OPENESM01 CMS WinSample

    And here is the syntax for um_cleanup_app.bat that cleans up the same application on Windows Universal Agent
    C:\>um_cleanup_app.bat %CANDLEHOME% UA WinSample

    Steps to clear the UA Version for an application

    To reset the UA Version for a particular application, follow the procedure given below.

    1. Delete the MDL using kumpcon/um_console.
    2. Clear the offline entries for the application.
    3. Stop universal agent.
    4. Run um_cleanup_app.bat/um_cleanup_app.sh on Universal agent host and TEMS servers according to your platforms.
    5. Start Universal agent.
    6. Reimport the MDL

    Now check to make sure that newly imported MDL has version 00 at the end.

    Hope you like it. Again, the tool can be downloaded from here.

    ITM Agent Extractor Tool

    One of the installation differences between ITM 6.1 TEMA installation and the Tivoli Endpoint installation is that ITM 6.1 does NOT provide a separate installation image for TEMA installation. So, if you want to install a particular TEMA, you need to copy the whole ITM installation image, which is huge (520 megs), and that is not practical. At GulfBreeze, we have come up with a simple tool to extract only the required files from the installation image and wrap them in a tar file. This article discusses this tool in more detail.

    How do I extract only the required files from ITM install image?

    We have a simple script and associated config file to do this. Just click here to download this tool and transfer it to a Unix/Linux host. Sorry, it won't work on Windows because there is no standard archiving tool available in Windows.

    To extract the required files for NT OS agent, execute the following command from the root of ITM install image. This will create a tar file named, NT.tar in the TARGET_DIR location specified in the config file.

    $ \/projects/itm61/bin/gbsagentext.pl NT

    How many attribute groups can appear in a metafile?

    Even though creating a big metafile has its own disadvantages due to version changes, there may be a few instances where you will end up with a big metafile if a particular application has a lot of "static" monitoring needs. For example, an SNMP DP Universal agent may have one attribute group for each SNMP TRAP, and some of them might have hundreds of traps. In these cases, you might approach the ITM default limit for maximum attribute groups per metafile (application). This article talks about this issue and a way to get around it.

    What is the maximum number of attribute groups per metafile?

    It is 64.

    What if I have more than 64 attribute groups per metafile?

    Use the KUMA_MAX_ATTRGROUPS_PER_APPL variable in the um.ini file to override it. For example, setting KUMA_MAX_ATTRGROUPS_PER_APPL=128 will increase the limit to 128. You need to restart the Universal agent after setting this environment variable.

    Hope you find it useful.

    TPM 5.1 For Software available Nov 17th

    TPMfS has now been released on Partner World!

    This entry is to provide you a write up on my experiences so far with the beta.

    TPM (Tivoli Provisioning Manager) 5.1 is the next evolution to TCM (Tivoli Configuration Manager). TPMfS provides the ability to connect TCM into TPM, which will allow for the management of both environments from TPM.

    So what's the big change? Well, pretty much everything!

    Here is a quick summary of some of the features.

    Web Based Front-end
    There is a usable web based front-end, that has easy flow in a task oriented design. I have found it fairly easy to navigate to the various tasks that are required to perform.

    Profile Managers
    There are no Profile Managers anymore, they are now called groups. These groups can be defined as static or dynamic. The dynamic groups are determined by a report that is re-executed when a group is accessed.

    Inventory
    Inventory is now known as Discovery. This provides the same functionality as InventoryConfig profiles and much more. Discovery also provides a facility to discover new devices (computers, switches, routers) using many different methods such as SMB (for Windows), SSH, SNMP, MSAD, CCMDB and more.

    Reports
    Reports replace the Query Libraries with many pre-built web based reports. These reports can be exported to PDF, XML and CSV formats. The reports can also be sorted by columns and the columns can even be re-arranged. New reports are easily created by following a 4 step wizard that generates a SQL based query that is executed against the TPM database. This is the one thing that Tivoli has really lacked from the beginning. It has had excellent data in the inventory database, but getting that data was next to impossible.

    Software Packages
    About the only thing that is even the same is that Software Packages built in TCM can be used in TPM. This is good news for everyone that has spent lots of time developing Software Packages.

    Framework
    Much like Tivoli Monitoring, this new product does not require Framework to be installed to be able to use the product. TPM for Software is designed to connect to the old TCM environment with endpoints and the new TPM environment with TCAs (Tivoli Common Agents).

    Installation
    TPMfS was relatively painless to install. You will require two computers to install the product. One server is the Topology Installer and the other will be your TPM server. The Topology Installer is a server that contains all the product images that are required to install TPMfS. From this computer you will remotely install the various components for TPMfS. This installer will take care of installing everything that is required for TPMfS to function. This includes: DB2, Websphere and Tivoli Directory Server (if MSAD is not available). Once the TPMfS server is up, you can then perform the Discovery of computers and install the TCA (but not on the TPMfS server).

    TCM Connection
    This was the part I really wanted to see work, as this is the most important part of TPMfS for people that are currently on TCM. In order to prepare your TCM environment, you have to be at 4.2.3 FP02 with IF0001 installed (I see that there is IF002 now out also, not sure about the requirements for that one). Once everything was patched up I executed the TCM replication and IT WORKED! Imagine my surprise when I saw my TMR, MN/GWs, endpoints, SoftwarePackages, InventoryConfigs in TPMfS.

    Ok, so now everything was in, does it actually work you ask. Yes it does, I was able to send an InventoryConfig profile to both Endpoints and TCAs from the same task and the data was returned. Same thing with SoftwarePackages. Very cool!

    Pros and Cons
    During this install and test of TPMfS, it was very interesting to see all the new features and functions that are available. The question now is, what was good and bad about TPMfS? Remember, these opinions are based on my testing with the beta 2 product, so they could change. This was also done in an all-Windows environment.

    Pros
    1) I really think that Tivoli is nailing the market with this one. They have provided a really good front end to a really good back end. They have had a really good back end in the TCM environment, but the front end was always, shall we say lacking.
    2) The reports are very good. The canned ones will not provide all the features you need, but it is very easy to create new ones and customize existing.
    3) Discovery is a really nice feature. In the TCM/FW environment, it was always hard to find when new computers/devices come online. Now with all the various ways of discovering devices, it is much easier to know what is in the environment.
    4) Compliance checking is a new feature that has many checks that can be done against a system to see if it meets compliance configurations. For example (these exist already):
    - see if the screen saver is enabled and set to a period of time to activate
    - check if the system has an antivirus product installed (Symantec, Mcafee, Trend Micro)
    5) I found that the product demos and locally stored Info Center were very useful. TCM did have help files, but they were hard to get at and for the most part were stored in MAN pages. For the average 'user' of TPMfS, this will be very welcome.

    Cons
    1) TCA install is currently limited to install only through the TPMfS server. I have not heard of any way to manually install the TCA on a system. Hopefully this will be addressed somehow.
    2) The TCA is a Java based client. This can be a pro or a con, depending on your point of view. I personally do not like it as it always seems to make the client fatter on the disk and memory.
    3) The TCA client takes about 200MB of disk space. Part of this is because the JRE is installed and that is 95MB by itself.
    4) Once loaded into memory, the java process takes about 35MB of real and 35MB of virtual memory. I found that once I did any action, this would jump to about 100MB of real and 100MB virtual. Also once the job was done, the memory usage did not drop.
    5) I found that the CLI is somewhat lacking from what we were used to in TCM/FW. For anyone familiar with ITM, you now use mostly SOAP calls to do anything. Good/bad, you be the judge.

    Conclusion
    I would have to say that I am pretty satisfied with where Tivoli has gone with this product. My only caveat on that statement is that I have not tested this in a large environment, so it will be interesting to see how it really performs under load. This would be similar to ITM 6.1. We saw that in a smaller environment, this product was very cool. That is until you really got to the larger environments and saw the headaches people were having (a lot of this has been addressed since GA).

    Now would I put this product in full production? Well not yet, but from what I have seen I think that it would be good to get this into the test lab soon so that you can get the feel for the new way of doing things. I would say that full production is still a couple months away just so some bugs can be worked out in people's test environments. A caveat on this statement is that this is the TPMfS with integration for TCM. Since TPMfS is just a subset of TPM 5.1 and TPM 5.1 has been out there since the end of June, if you are not planning on connecting to TCM, then get going!

    Please feel free to ask any questions about comments made above or anything else you want to ask. We will do our best to get you the answer, even if we have to work 24 hours a day 7 days a week. Oh hang on, we already do that ;)

    Here are some previous write-ups on TPM 5.1
    Tivoli Provisioning Manager V5.1 - Product Overview
    Articles on TPM 5.1: Workstation Discovery Process
    Articles on TPM 5.1: Installing Tivoli Common Agent
    Articles on TPM 5.1: Executing inventory scans

    And if you don't mind, please complete our polls on TPM
    GBS Polls

    Martin Carnegie

    A gbscmd query to list situation description

    Here is a simple EIB query that will list situations along with situation description text. You can execute the query using gbscmd. Hope you find it useful.

    If you have security disabled
    gbscmd executesql --server ddcaptiv01 --sql "SELECT SITNAME, TEXT FROM O4SRV.TSITDESC" --table O4SRV.UTCTIME

    If you have security enabled
    gbscmd executesql --server ddcaptiv01 --user --password --sql "SELECT SITNAME, TEXT FROM O4SRV.TSITDESC" --table O4SRV.UTCTIME

    Related Info

    To learn more about gbscmd, please check out the following article.

    gbscmd v2.1

    Questions about TEPS on Internet Explorer 7.0?

    Microsoft, after a long time, released its newest browser, Internet Explorer 7.0. At GulfBreeze, we tested this new browser for TEPS compatibility and here are our test results.

    Does TEPS work with IE 7.0?

    Yes, TEPS Client works fine with IE 7.0.

    Does IBM support it?

    It is a tricky question! We have not found any communique indicating the new browser is supported. And, the Installation Guide says only "Internet Explorer 6" is supported. (Remember the Installation Guide is about a year old). So, if you ask a lawyer or a language police, he/she would probably say that it is NOT supported. Check with your IBM representative on this!

    Is there anything I have to do after IE upgrade?

    It is recommended that you clear the JRE Cache after the IE upgrade so that the new applet will get downloaded. To do this, go to Control Panel -> Java Plug In, click on the Cache tab, click Clear and click Apply.

    Is there any side effect of upgrading to IE 7.0?

    Well, it is working fine in our test environment without any issues. However, there are a couple of minor side effects that you should be aware of. One, the viewing area of IE 7.0 is vastly greater than that of IE 6.0. This will slightly affect the way your workspaces display in the browser and if you are a finicky person, you may have to re-align your workspaces for IE 7.0.

    How about memory?

    Based on our unscientific tests, we found that IE 7.0 takes slightly more memory than IE 6.0. Again there were several factors that could have influenced this and not necessarily IE 7.0 itself, but when we observed the memory usage while bringing up the portal, it was 203 Megabytes for IE 6 while IE 7.0 consumed about 214.8 Megabytes.

    Hope you find this useful.

    Migrating ITM 6.1 Situation Associations

    Recent ITM 6.1 enhancements provide mechanisms for exporting TEP workspaces from one TEP to another but no way to migrate situation associations without doing a full export of the TEPS database. Read on to find out how situations are associated to TEP navigator items and how to export the associations and import them into a different TEP server.

    Unlike situation definitions which are stored in the TEMS EIB database, the associations to navigator items are stored in the TEPS database in the KFWTMPLSIT table. This table is composed of three columns NAME, TEMPLATE, STATE, and TYPE. As you may have already guessed, the NAME column is the situation name. The TEMPLATE column is the navigator entry where a situation is associated. This value is an internal identifier, not the actual text a person sees in the TEP display. The STATE column is the severity (Critical, Warning, or Informational) of the association. The TYPE column is a numeric value. Associations manually configured from the TEP always seem to have a 0 for the TYPE column. Situations added by product support seem to have a TYPE of 256 and a form of pattern matching for the NAME. An example of this is the row:
    '*Critical' 'KFW_ENTERPRISE' 'Critical' 256
    This seems to imply that any situation ending with '*Critical' will be associated at the Enterprise level but this is not the case as you can create a situation ending in Critical but you will not see it unless you associate it.

    To do an association using SQL you simply shut down the TEPS, issue the SQL inserts and then restart the TEPS. For example, this is how you would associate the MS_Offline situation with the Enterprise navigator item:
    INSERT INTO KFWTMPLSIT (NAME,TEMPLATE,STATE,TYPE) VALUES ('MS_Offline','KFW_ENTERPRISE','Critical',0);

    Until the mapping of the template values to navigator items is better understood, it will probably be safer to create the associations in a development environment, then export them as SQL and run the SQL to import them into a production TEPS.

    Another table that is modified when a situation is associated in the TEP is the KFWTMPL table. This table appears to contain information about navigator items and when an association is done, the LSTDATE is changed to the ITM timestamp of the time the association was set. It does not appear to be necessary to modify rows in this table when applying associations using SQL.

    Here is a simple Perl script that will export associations by generating SQL insert statements that you can redirect to a file and then use the file to import the associations.

    This is the usage text:
    This script is provided as is with no warranty expressed or implied.
    The export and import of ITM 6.1 situation associations is undocumented and
    unsupported. Use at your own risk...

    migrate_sit.pl export [-r REGEX]
    Export sitiation associations to STDOUT
    -r REGEX
    Only export situation with names that match REGEX

    migrate_sit.pl import SQL_EXPORT_FILE
    Import situation associations from SQL_EXPORT_FILE

    migrate_sit.pl -h
    Prints this help text.

    Notes:
    Run on the TEPS host.
    Ensure that the KfwSQLClient executable is the PATH and the environment is
    setup to allow the KfwSQLClient program to execute.

    On Linux source the pathsetup.sh file and add the locations of the files
    libjsig.so and libjvm.so to LD_LIBRARY_PATH
    Example:
    . $CANDLEHOME/li6243/cq/bin/pathsetup.sh
    LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CANDLEHOME/JRE/li6243/bin
    LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CANDLEHOME/JRE/li6243/bin/classic

    To use this script to export the MS_Offline associated situation simply call it in this manner:
    On source TEPS
    ./migrate_sit.pl export -r MS >/tmp/test.sql

    On destination TEPS, copy the test.sql file and call
    ./migrate_sit.pl import /tmp/test.sql

    The script has been tested on Windows and Linux, but I expect it to work on AIX. I cannot stress enough that this method is not supported.
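Because the export file is later run as SQL against a production TEPS database, it is worth checking before import that every line is a single KFWTMPLSIT insert and nothing else. The following Python check is an added example, not part of migrate_sit.pl or the original post; it assumes one statement per line in the form of the MS_Offline insert shown above, and the sample lines are constructed.

```python
import re

STATES = {"Critical", "Warning", "Informational"}   # severities named in the article
_STR = r"'((?:[^']|'')*)'"                           # SQL string literal, '' = escaped quote
LINE_RE = re.compile(
    r"INSERT INTO KFWTMPLSIT \(NAME,TEMPLATE,STATE,TYPE\) VALUES "
    rf"\({_STR},{_STR},{_STR},(\d+)\);")

# Constructed export file content, one entry per line.
SAMPLE_EXPORT = [
    "INSERT INTO KFWTMPLSIT (NAME,TEMPLATE,STATE,TYPE) VALUES "
    "('MS_Offline','KFW_ENTERPRISE','Critical',0);",
    "",
    "INSERT INTO KFWTMPLSIT (NAME,TEMPLATE,STATE,TYPE) VALUES "
    "('MS_Offline','KFW_ENTERPRISE','Critical',0); DELETE FROM KFWTMPLSIT;",
    "INSERT INTO KFWTMPLSIT (NAME,TEMPLATE,STATE,TYPE) VALUES "
    "('MS_Test','KFW_ENTERPRISE','Fatal',0);",
]


def sql_quote(value):
    """Quote a value as a SQL string literal, doubling embedded quotes."""
    if any(ch in value for ch in "\x00\r\n"):
        raise ValueError("control character in value")
    return "'" + value.replace("'", "''") + "'"


def make_insert(name, template, state, type_code=0):
    """Build one association insert in the article's format."""
    if state not in STATES:
        raise ValueError(f"unexpected STATE {state!r}")
    if not isinstance(type_code, int) or type_code < 0:
        raise ValueError("TYPE must be a non-negative integer")
    return ("INSERT INTO KFWTMPLSIT (NAME,TEMPLATE,STATE,TYPE) VALUES "
            f"({sql_quote(name)},{sql_quote(template)},{sql_quote(state)},{type_code});")


def check_export(lines, name_pattern=None):
    """Split export lines into accepted rows and rejected (line number, reason).

    A line is accepted only if the whole line is one insert into KFWTMPLSIT
    with three string values and a numeric TYPE. name_pattern optionally
    restricts the situation names that may be imported.
    """
    accepted, rejected = [], []
    for number, raw in enumerate(lines, start=1):
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.fullmatch(line)
        if not match:
            rejected.append((number, "not a single KFWTMPLSIT insert"))
            continue
        name, template, state = (g.replace("''", "'") for g in match.groups()[:3])
        if state not in STATES:
            rejected.append((number, f"unexpected STATE {state!r}"))
        elif name_pattern and not re.fullmatch(name_pattern, name):
            rejected.append((number, f"situation {name!r} not in allowed set"))
        else:
            accepted.append((name, template, state, int(match.group(4))))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = check_export(SAMPLE_EXPORT)
    print("accepted:", ok)
    for number, reason in bad:
        print(f"line {number} rejected: {reason}")
```

Run the import only when the rejected list is empty; a non-empty list means the file was edited or did not come from the export step.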

    Universal agent - remote MDL import

    The Universal Agent works great when you have only a few systems to deploy to. But if you have more than a handful of systems, it is very tedious to log on to each system, bring up the universal message console and import the MDLs. However, ITM provides a couple of ways to import the MDLs remotely and this article discusses those methods.

    From Universal Message Console (KUMPCON)

    To remotely import the MDL from Universal Message Console (KUMPCON), you should first transfer the MDL to the remote system. Then, use the SET command in the console, to point it to remote host. After running SET command, you should be able to import the MDL using the import command. Please note that if you are importing using validate command, the file should be present on the local filesystem as well.

    um_console
    set
    import example.mdl

    From TEPS Portal Client

    Another easy way is to use the TEPS portal server to remotely import the MDL. All you have to do is to transfer the MDL to the remote system, right click the UAGENT node -> Take Action -> Select/Edit -> Control Import. If you had already imported the metafile before, you will have to choose Control Refresh instead of Control Import. It will throw a little popup to enter the metafile name, enter the full path or relative path to the //um/metafiles directory, make sure that the correct target system is selected for import and click OK. That's it!

    I hope this makes it a little easier for you to import MDLs on multiple systems.

    Wednesday, March 12, 2008

    UPDATE: Are you ready for changes to Daylight Saving Time in 2007?

    Hopefully you all are aware of the upcoming changes to Daylight Saving Time in 2007 and you have already begun the process of researching and testing appropriate fixes for your environment. If you haven't heard about the 2007 DST changes, here's a short recap:

    In 2005 the Energy Policy Act was signed into law extending Daylight Saving Time in the United States. Starting in 2007 Daylight Saving Time will begin on the second Sunday in March (instead of the first Sunday in April) and ends on the first Sunday in November (instead of the last Sunday in October).

    Here are a couple of links for more information and the history of DST:
    Infoplease: DST
    History of DST

    The change to 2007's DST start and end times affects all systems that rely on time zone-based date and time functions. Which means that you will need to update or apply fixes/workarounds to everything from operating systems, applications and databases to Palm and Blackberry devices and of course IBM products and the Java Runtime Environment (JRE).

    IBM has already released fixes for AIX, DB2, WAS and numerous Tivoli and Netcool products with more to follow. If you haven't already started, make sure you keep checking the IBM Support site and all of your product vendor sites for new fixes and announcements as they become available.

    Here is a good starting point that includes links to fixes for OS's, JREs and ITM5.1.x:
    Daylight Saving Time Info for IBM Tivoli Monitoring

    Good Luck!

    UPDATE: IBM Support site has recently posted a page specifically to get the current status of fix availability for the 2007 DST changes across their entire product line.
    http://www.ibm.com/support/alerts/daylightsavingstimealert.html

    The DOS command shell on steroids...Windows PowerShell!

    Seems Microsoft has finally come to terms with getting rid of the OLD DOS command shell. From the little I have seen thus far, the Windows PowerShell brings significant power to Windows system management over poor old DOS scripting.
    The introduction of the $ character to prefix variables in PowerShell scripting is great as it fits nicely into my Perl world...And there are many other NIX like capabilities built into the "new kid". The .Net environment is also extensively leveraged by the new shell.

    Below are links to the "horse's mouth" on PowerShell for those who haven't yet heard of the new command shell on the block...You be the judge.

    Scripting with Windows PowerShell:
    http://www.microsoft.com/technet/scriptcenter/hubs/msh.mspx

    Windows PowerShell in action:
    http://www.microsoft.com/technet/scriptcenter/topics/winpsh/payette3.mspx

    How to get Windows PowerShell:
    http://www.microsoft.com/technet/scriptcenter/topics/msh/download.mspx

    Enjoy

    Quis custodiet ipsos custodes - Self monitoring in ITM 6.1

    Those who have read Dan Brown's Digital Fortress or studied Plato will easily recall that Latin phrase, who will guard the guardians? You can very well ask the question to a Tivoli pro too. Who will monitor the monitoring application? In Tivoli world, the answer is the monitoring application itself with the aid of Operating system and other Tivoli tools. This article describes some of the self-monitoring ideas in a Tivoli environment.

    Situations and views to monitor TEMS and agents

    You can create custom SQL queries and workspaces to monitor the availability of TEMS and TEPS servers. There is an excellent OPAL solution describing how to create such queries and views to monitor the performance and availability of ITM services. The solution also talks about how to set up situations to monitor the TDW database. Click here to go to OPAL site

    Remote restart of TEMS and agents

    To enable self-monitoring, you should be able to stop/start services remotely from the command line. One of the drawbacks of ITM is the lack of a remote restart mechanism. Even though there are a few hacks to remotely execute commands by using a fake tacmd addsystem command, a standard remote restart mechanism is yet to be available in ITM and is expected in the upcoming major release ITM 6.2. To remotely restart TEMS/agents, you have to rely on other Tivoli products such as Framework or tools such as Windows SC command or Sysinternals.com pstools. If you have Tivoli Framework, you can write tasks to restart TEMS/agents and use TEC rules to restart them when they go offline.

    Monitoring HTEMS

    Monitoring HTEMS is slightly different. If the HTEMS goes down, the monitoring mechanism also goes down with it unless you have a hot-standby setup. If you have a hot-standby setup, then you could set up situations to alert and take actions to bring up the HTEMS. If you don't have a hot-standby setup, then you have to develop a custom solution using a TEC heartbeat or a scheduled job to bring the primary HTEMS back up.

    Monitor other Tivoli applications

    Since other Tivoli applications such as Framework, TEC and Software Distribution are key to the functioning of the monitoring environment, these applications should be monitored very closely within ITM. We have already published a few blog articles on how to monitor TEC and Software Distribution and the links are given below.

    1. IV Blankenship's TEC Workspaces in ITM
    2. MDist2 Customization in ITM

    These are some of the starting points to implement a reliable self-monitoring solution. Do you have more ideas? Please feel free to talk back.

    tacmd exportWorkspaces

    Hi

    When I try to export workspace using the following commands:
    tacmd login -s itm
    tacmd exportWorkspaces -s itm -t klz knt

    I encounter the following error:
    Oct 18, 2006 12:47:29 PM com.ibm.tivoli.itm.workspace.cli.WorkspaceImportExportCLI run
    SEVERE: Unhandled exception caught
    java.lang.NoClassDefFoundError: candle/fw/model/RequestContext
    at com.ibm.tivoli.itm.workspace.cli.WorkspaceImportExportCLI.validateTepsUserCredentials(WorkspaceImportExportCLI.java:2688)
    at com.ibm.tivoli.itm.workspace.cli.WorkspaceImportExportCLI.run(WorkspaceImportExportCLI.java:454)
    at com.ibm.tivoli.itm.workspace.cli.WorkspaceImportExportCLI.main(WorkspaceImportExportCLI.java:211)

    Has anybody encountered the above problem?

    Alexis

    ITM DR

    We have 1 Main TEPS and another Backup TEPS with 3 read only TEP environment in our environment.

    TEPS Master - Read Only TEP --Read Only TEP
    |
    TEPS Fail over.

    Any idea how to synchronise between TEPS?

    Mostly we will do the changes in the MASTER TEPS and we want a method so that all the TEPS will have the same data at any point of time.

    Need your help.

    TEC: Ensuring User Predicates Load

    One of the best features of the Tivoli Enterprise Console is the ability to create custom Prolog predicates that are callable from within event processing rules. The Prolog source can be loaded into the TEC environment using either the consult/* built-in or the user_predicates file in TEC_TEMPLATES. The tricky part is verifying that your custom Prolog actually compiles and loads when TEC starts, as the only indication you get is that things break...

    Here is a mechanism to test and alert if a Prolog source file in TEC_TEMPLATES does not load.

    Refer to the Rule Builder's Guide for instructions on implementing your custom Prolog from the TEC_TEMPLATES directory. This article will assume that you have already created your source files and have a valid TEC_TEMPLATES/user_predicates file.

    The compile and load process does funny things to your Prolog source. When a rule base is loaded, the files are copied to $DBDIR/tec/rb_dir and the compile process seems to translate the Prolog source file into FILENAME.rls.pro so we will have to take this into account when we check to see if the file is loaded.

    In BIM Prolog you can check if a Prolog file has been loaded using the current_file/1 built-in. If the argument to current_file/1 is a free variable then the predicate will backtrack and provide a list of every file that is loaded in the environment. If you use a ground variable then the predicate will only succeed if the specified file is loaded.

    So to check the files loaded from TEC_TEMPLATES we will have to give the full path and tack on the .rls.pro to the end of the file name. Here is a simple reception action to perform the checks and generate an event when a file is not loaded.



    reception_action:check_custom_predicate_load:
    (
        _templates_dir = '$DBDIR/tec/rb_dir/TEC_TEMPLATES',
        re_user_predicates(_file),
        sprintf(_path,'%s/%s.rls.pro',[_templates_dir,_file]),
        not(current_file(_path)),
        sprintf(_msg,
                'User predicate file TEC_TEMPLATES/%s was not loaded.',
                [_file]),
        generate_event('TEC_Error',[ hostname=_hostname,
                                     severity='CRITICAL',
                                     source='TEC',
                                     msg=_msg])
    )


    The same basic method can be used to check any consulted Prolog file, but you will have to explicitly check each file you tried to consult.

    Facts about Java

    Since Tivoli is writing more and more applications in Java, I thought I would put together some tips to help Java novices understand some of the concepts used in Java programming.

    What is Java?

    Technically speaking, Java is a high-level, object-oriented programming language. To write a Java program, you need to create a file with a name like MyFirstProgram.java. The contents of that file would need to have the following lines at a minimum:

        public class MyFirstProgram {
            public static void main(String[] args) {
                System.out.println("Hello World");
            }
        }

    You would then need to compile the program, which requires the Java Software Development Kit (aka JDK or SDK). Most Tivoli installs only include the Java Runtime Environment (JRE), which does NOT include the javac Java compiler. But once you download the JDK, you can compile your program with a command similar to:

        C:\jdk1.5_06\bin\javac MyFirstProgram.java

    If all went well, the above command will produce no output (no news is good news in this case). You then need to run your program, which could be done with the command:

        C:\jdk1.5_06\bin\java -cp . MyFirstProgram

    And this would produce the output:

        Hello World

    OK, I can recognize some fairly familiar syntax in that program, but how did you know about "System.out.println"?

    Well, when learning Java, you must first learn the syntax of the language (where the curly braces go, how to define variables, etc.), AND you've got to get familiar with some number of the objects provided by Java and the methods they support. This information is available in the SDK documentation, available from Sun at:

    http://java.sun.com/j2se/1.5.0/docs/ - for 1.5
    http://java.sun.com/j2se/1.4.2/docs/ - for 1.4.2

    Click on the link titled "Java 2 Platform API Specification" for information about all of the classes (i.e. types of objects) available to you as a programmer. If you look in the lower left frame and scroll down, you will see a class named "System". You'll see that class cannot be instantiated, but you can access it directly using the class name, "System", or "java.lang.System" if you want to be complete about it. You'll see that it has a "field", i.e. attribute, named "out", which is an object of type "PrintStream" that represents standard output. If you click on the datatype of that attribute ("PrintStream"), you'll see all of the methods supported by that object. One of those methods is named "println" and accepts a single parameter of type String. If you click on that method, you will get a description of it.

    So as a Java programmer, you need to get familiar with *some number* of the classes provided within the Application Programming Interface (API) so that you will more quickly be able to figure out which objects you need to use to accomplish a particular task.

    For example, if you want to create a Java application that connects to an HTTP server, you would create an instance of the java.net.URL class and invoke the getContent() method on that object. How did I know that? By reading through the SDK API documentation. There are probably other ways to accomplish this same task, but this is the one I came up with by simply reading through the API trying to find an object that works the way I need it to work.
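The java.net.URL approach described above, as an added example that is not code from the original article. It shows that getContent() returns a plain Object whose real type depends on the response's Content-Type, so the caller has to check it before reading. The class name FetchPage and the throwaway local test server (com.sun.net.httpserver, used so the example runs offline) are assumptions, and the code needs a newer JDK (8 or later) than the 1.5 discussed here.

```java
import com.sun.net.httpserver.HttpServer;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.URL;
import java.net.URLConnection;

public class FetchPage {
    // Fetch a URL with getContent(). The return type is Object: for HTML the
    // JDK has no dedicated content handler, so the raw InputStream comes back.
    static String fetch(URL url) throws Exception {
        URLConnection conn = url.openConnection();
        conn.setConnectTimeout(5000);   // never block forever on a dead server
        conn.setReadTimeout(5000);
        Object content = conn.getContent();
        if (!(content instanceof InputStream)) {
            throw new IllegalStateException("Unexpected content object: " + content.getClass());
        }
        try (InputStream in = (InputStream) content) {
            ByteArrayOutputStream buf = new ByteArrayOutputStream();
            byte[] chunk = new byte[4096];
            int n;
            while ((n = in.read(chunk)) != -1) {
                buf.write(chunk, 0, n);
            }
            return buf.toString("UTF-8");
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed test server on a free loopback port (assumption, not from the article).
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/", exchange -> {
            byte[] body = "<html><body>Hello World</body></html>".getBytes("UTF-8");
            exchange.getResponseHeaders().set("Content-Type", "text/html");
            exchange.sendResponseHeaders(200, body.length);
            exchange.getResponseBody().write(body);
            exchange.close();
        });
        server.start();
        try {
            URL url = new URL("http://127.0.0.1:" + server.getAddress().getPort() + "/");
            System.out.println(fetch(url));
        } finally {
            server.stop(0);
        }
    }
}
```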

    What's the deal with Java, Java2, Java2SE, J2EE, etc.?

    Java is the name of the language, which, at its core, hasn't really changed appreciably since its introduction. The name Java2 was introduced with Java 1.2 (the last version before Java2 was 1.1.8), and it basically refers to any Java runtime version greater than 1.2. The versions and names get really weird at this point, however. For example, the package whose ZIP file is named jdk1.5_06.ZIP is known as "Java 2 Platform Standard Edition 5.0" (release 6). So version 1.5 is advertised as "5.0". Yep, confusing as anything, so here's my tip: if you're discussing features in different versions, use the actual version number that is returned when you run the command:

        java -version

    That'll keep you safe.

    Java2EE stands for "Enterprise Edition", and is basically a specification for the services and capabilities that must be provided by any application server (like WAS, Tomcat, JBoss, etc.) that will be labelled "J2EE Compliant". From a practical standpoint, this means that you would never be writing a J2EE standalone application - for that you would use J2SE (standard edition). Any J2EE application you write will be running inside an application server.

    What do I need to know about JSPs, Servlets, EJBs, etc.?

    Well, those are all part of the J2EE specification. So if you're writing a standalone app (like the MyFirstProgram above, or like the TEP desktop client), you don't have to worry about them at all! However, if your application is a web-based application that will be running inside WAS or another app server, you're interested in them. Specifically:

    JSP stands for Java Server Pages, and a .JSP file contains both HTML and Java code, where the Java code is compiled and interpreted by the app server (WAS). This basically allows a Java developer to easily insert Java code into web pages to perform operations (like accessing a backend database, etc.).

    A Servlet is a Java class that implements the HttpServlet interface, meaning that it implements the doGet() and doPost() methods to return HTML to the browser. The main difference between a JSP and a servlet is that the developer never has to directly compile the JSP - the app server does that on her behalf - whereas a servlet is written as a .JAVA file and must be compiled by the developer.

    JSPs and servlets are both short-lived, in that they are accessed/invoked when a user accesses that resource, but then they go away.

    An Enterprise Java Bean is a Java class that will be instantiated by the application server and in general remain in memory for a "long" time. An EJB performs several functions, such as persistence and access control, among others.

    Aren't you tired of typing all this in?

    Yes I am, so I'll leave it here for now. There are resources all over the web, but one that I really like is http://en.wikipedia.org. While their information on individuals may get tainted from time to time, their technical information seems to be spot-on :)

    Come by our booth at the Tivoli Technical Users Conference in San Francisco

    Gulf Breeze Software will be returning to the Tivoli Technical User Conference this year in San Francisco from May 7 - 10, 2007. Stop by and see us; more details will follow as the time approaches.

    We have been in front of Tivoli change in the past and continue to be at the forefront of delivering the best services with the best people in the industry.

    ITCAMfRTT 6.1 supports Tomcat as a monitored app server

    With ITCAMfRTT 6.1, the Apache Tomcat application server is now supported, though getting through the installation and instrumentation of it can be a little painful. This article describes some of the gotchas involved.

    I recently installed ITCAMfRTT 6.1 and instrumented the Tomcat application server on a Windows 2000 box and came across some gotchas that I wanted to pass along:

    1. You CANNOT instrument a Tomcat instance that was installed with the Windows installer (apache-tomcat-x.y.z.EXE). This is because this installer does not put down the main file expected by the ITCAM Tomcat component - catalina.bat. To get this file installed with Tomcat, you must unzip the contents of the apache-tomcat-x.y.z.ZIP file. Using this ZIP file means that you don't get a Windows service definition for Tomcat, so you have to start it manually using ...\bin\startup.bat and ...\bin\shutdown.bat. However, after you instrument Tomcat, you may not be able to start it, which leads us to the next gotcha ...

    2. The default install directory for the ITCAM Management Agent (C:\Progra\1\IBM\itcam\RTT\MA) is too long if you're going to deploy the ITCAM Tomcat component to the MA. Specifically, if you accept this default path, when you try to start Tomcat after deploying the ITCAM Tomcat component, you'll get an error stating "The command syntax is incorrect" and "Line too long".

    Articles on TPM 5.1: Executing inventory scans

    This is a continuation of a look into TPM 5.1 covering the inventory and reporting features.

    This article expands on the previous articles that covered the Discovery Process and the install of the Tivoli Common Agent. With a computer discovered and the agent installed, it is now possible to execute the inventory scan. Click here to access the PDF

    Credits

    These TPM blog articles are created with the help of Venkat Saranathan. Together we will dive into the world of TPM and try to clear some of the confusion about the TPM family of products. Interested in learning TPM along with us? Stay tuned for our future blog articles on TPM. Are you planning to upgrade from ITCM to TPM anytime soon? Please feel free to talk back.

    Thanks
    Martin Carnegie and Venkat Saranathan

    OpenOffice Text to Columns

    Well, here is something that has nothing to do with Tivoli :)

    For those of you who use OpenOffice, like myself and others I know, the one Excel feature that has always bugged me by being missing from Calc is Text to Columns.

    I recently came across a macro that was created to provide this function. You can download it from: SourceForge

    It is pretty easy to install.
    1) Download the zip file to your computer
    2) Open Calc
    3) Go to Tools|Package Manager
    4) Press the Add button, browse to the zip file and press the Ok button
    You might need to restart Calc.

    To use, just select the columns and use Tools|Add-ons|Text to Columns. This will start the Text to Columns wizard that is much like the one from Excel.

    Enjoy!