AIOps & Management

 View Only

Monitoring Academy ITM Nuggets: ITM 6.3 Fix Pack 7

By IMWUC Community Team posted Fri September 01, 2017 06:06 AM


By Mark Leftwich

ITM 6.3 Fix Pack 7 has been released!  Is time to plan that upgrade, to get all the new features and fixes. Here is all the info you need to download, review and plan you next upgrade, happy downloading! LIVE and direct Download links, APAR and packages all listed below!

All of the links in the below tables are live. They will take you directly to the download location of the package you require, or the IBM official technote for one of the APARs included in this fix pack (if you wish to know more about the APAR).

Fix Pack 7 Readme:

IBM Tivoli Monitoring Version 6.3.0 Fix Pack 7 README.html|View Details

What Each Package Contains

NOTE: All of the APAR hyper links are in the process of being published as I type and all will be alive be release date. If anyone needs a specific APAR information before the link is live, post a message below and I will obtain the data for you.


Product/Component Name


File Name

IBM Tivoli Monitoring Base

64-bit Windows

IBM Tivoli Monitoring Base

32-bit Windows

IBM Tivoli Monitoring Base



IBM Tivoli Monitoring Base

64-bit Linux(R) on AMD64 and Intel(R) EMT systems


IBM Tivoli Monitoring Base

32-bit Linux(R) on AMD and Intel(R) systems


IBM Tivoli Monitoring Base

Linux(R) on System z


IBM Tivoli Monitoring Base Agents



IBM Tivoli Monitoring Tools



IBM Tivoli Monitoring Agent Reports



IBM Tivoli Monitoring Tivoli Performance Analyzer Reports and Domain Definitions




List of APARs and Fixes included in the fix pack

Full list of APARs in Readme


Command Line Interface APARs


HUB monitoring server may crash during shutdown if monitoring server SOAP service did not complete start-up. The HUB monitoring server does not shutdown gracefully and just hangs. This affects the FTO environment. Since the HUB is not shutting down gracefully, agents and RTEMS are not switching to other FTO HUB.



When using tacmd createsit to clone another situation, the values of the MAP tags are not preserved.



The maximum timeout that an administrator can specify with the "-t" option in the "tacmd login" command may be too high for some customer security policies. This APAR introduces the possibility to reduce the maximum timeout to only 15 minutes in a centralized way. 



The tacmd commands getfile, putfile and executecommand need to log their actions into the TEMS audit log file. Specifically the following info will be logged when this APAR is applied: 
username, executed command, result, source and target servers.



tacmd commands that manage the situations are not processing all the situations after the upgrade of the ITCAM agent affinities. With the ITCAM Agent for WebSphere Applications installed, there are error on the tacmd commands that work with the situations. In particular with the situations that has affinity like &IBM.CAM7_WAS or &IBM.CAM_WAS, issuing any of the following commands return error on the situation definintion:
tacmd bulkimportsit
tacmd bulkexportsit
tacmd listsit
tacmd createsit
tacmd editsit
tacmd viewsit
tacmd deletesit



Running the "tacmd viewuser" CLI command returns a java.lang.NullPointerException 
./tacmd viewuser -i



On AIX, when the ue(tacmd) and portal server component are installed in the same CANDLE_HOME, the TACMD EXPORTWORKSPACES command does not search in local portal server directories where are stored JAR resource files. This issue causes a memory leak on local or remote HUB TEMS server because of the continuous requests from TACMD client to the TEMS HTTP SERVER on port 1920 to get these JAR resource files instead of having these JAR resource files locally stored just one time. The command TACMD EXPORTWORKSPACES itself completes successfully because the JAR resource files are always retrieved from the cache if they are not available locally on the system from which TACMD EXPORTWORKSPACES command is issued.



When using tacmd executecommand with a command longer more than 64 characters or tacmd getfile and tacmd putfile with a source or target file longer more than 64 characters, the command crashes.



IBM Tivoli Enterprise Monitoring Installation APARs


For remote deploy update agent, additional disk space is required in CANDLEHOME. The Monitoring Agent for UNIX OS prereq check configuration file needs to be updated to more accurately reflect actual disk space requirements. 



When configuring the Portal Server as a non-root user while it is running, the following message is incorrectly displayed:



The OS agent will not connect using IP.SPIPE after running "SetPerm -a" or "secureMain lock" on HP-UX. IP.SPIPE or any ssl based protocol is not initialized on HP-UX when the agent binary is owned by root with the SUID bit turned on and the agent is launched from a non-root ID.



IV65616 added RHEL7 support for regular components in That APAR neglected to cover System Monitor Agents (SMA).



For a pristine install, if the installation image does not contain the file kcirunas.cfg, the install process ends with the message " failure". There is no indication as to the nature of the failure.



Performing monitoring server seeding on a Remote monitoring server causes the SQL to be processed at the HUB monitoring server instead, restarting the MS_OFFLINE situation causing new alerts for numerous known off-line systems.



On some Windows machines, the installer goes into an endless loop reading dummy_files_list.txt. The operating system fails to signal end of file while the installer is reading dummy_files_list.txt. This causes the installer to continually read without ever stopping. Eventually, the install log is filled to capacity and the install process is aborted, or the customer cancels the install.



For some locales that do not recognize daylight saving time, the reported current time in the KinCInfo header may be off by one hour. Locale developed time is performed by an IBM Tivoli Monitoring call to NLS code which may fail for locales that do not recognize daylight saving time.



The Java Attach API is a mechanism provided by the Java Runtime Environment (JRE). It is designed to allow applications to connect to a running Java Virtual Machine (JVM). The interface is described here:



Windows OS Agent (KNT) does not start after upgrade to 6.3.0 FP5. File PSAPI.DLL in the Windows directory, the ITMHOME\InstallITM, ITMHOME\CMS, and ITMHOME\TMAITM6 directories is not compatible with Windows 2008 and above.



On Windows, the IBM Tivoli Monitoring (ITM) installer updates the PATH value to include ITM directories. Before doing so, ITM computes the maximum PATH length and aborts the install if the updated PATH will be more than Microsoft supports. When this happens, ITM displays a popup with the following message:



Tivoli Enterprise Monitoring Server queries for CT_Affinity using product code returns incomplete list of affinities. This can result in various tacmd commands to not process correctly, for example tacmd listsit or tacmd bulkexportsit are not listing/exporting all defined situations for some product codes.



The customer's security policy requires that the Tivoli Monitoring server / AIX password encryption algorithm be changeable from 'crypt' to 'sha256' for user validation at the Tivoli Monitoring server.



In a FTO environment, the Acting hub monitoring enterprise server is always enabled for receiving and processing SOAP requests. Submitting SOAP requests to a Mirror hub monitoring enterprise server is not permitted; this restriction is a safeguard to prevent Mirror hub monitoring enterprise server from getting out of sync with the Acting hub monitoring enterprise server in an FTO environment.



Submitting multiple event map updates consecutively without delay can result in the HUB Tivoli Enterprise Monitoring Server shutting down. This problem is not likely to occur when only a small number of event map updates are made. This problem will not occur if event forwarding is not used.



These 'false' messages are benign. In spite of the 'false' error messages, 



The new situation take action command, ZOSWTO, will cause a multi-line WTO to be issued on the z/OS monitoring server that an agent is connected to or on a z/OS agent. The message will be produced when the situation is true or false. The message ID will always be KO41041I. Any data that follows the command name, ZOSWTO, will be present in the multi-line WTO. When the situation is false the values of substitution variables will be NA. The format of the message will be as follows:



IBM Tivoli Enterprise Portal Client APARs


When using the portal client through WebSEAL, clicking the "Logout" link does not display the WebSEAL logout page. This only occurs when using the browser version of the portal client.



The tivoli portal client contained some java script that is used to scub URI's of HTML tags. This java script function and the regrular expressions used to do the scrubbing was found to be vulnerable to attacks.



As of Java 8 u60 the java webstart process started throwing parse errors when processing the tep.jnlp file. Oracle introduced a new xml parser in the webstart process.



Currently when a Tivoli Portal user has "Take Action" authority, the dialog used for passing arguments with an action ('Edit Argument Values' pop-up ), command allows for inclusion of additional characters in the text field. By this APAR fix, the administrator is able to list the characters that are not allowed in this field.



A security vulnerability exists between the Tivoli Enterprise Portal client and the Tivoli Enterprise Portal Server in regard to user authorization. It was found that a mailicious attacker could, in principle, modify the information being transferred between the client and server in such a manner as to modify the user's authorization assignments associated with their user profile.



When user selects a row of data in a table view and then select the "take action" menu item, it lists all of their systems. 



The Tivoli Monitoring 6.3.x Tivoli Enterprise Portal browser client stopped functioning when launched using the Firefox browser from a Windows OS client.



More recent Java runtime releases from Oracle have maintenance levels that are greater than 99. An example would be Java 8u111 (release 1.8.0_111). One of the components packaged with the Tivoli Enterprise Portal requires that the maintenance level be < 100 in order to function properly. This component is responsible for the rendering of many graphical views in the Portal, including the Policy Workflow Editor, Graphic Views in workspaces, and Situation Formula display. If the Java runtime maintenance level is > 99, then access to these features in the Portal will fail, and the Portal client can become unstable.



IBM Tivoli Enterprise Portal Server APARs


The payload returned by the IBM Tivoli Monitoring Dashboard Data Provider for metric requests includes metadata information used by the dashboard widgets to calculate the displayed value. For percentage type attributes, this additional metadata includes the maximum range that the value can attain for the attribute. In some scenarios, that maximum range value was not computed correctly by the Dashboard Data Provider. This resulted in the displayed value on the dashboard being formatted incorrectly, where the decimal position was off by a factor of 10 or more.



Tivoli Enterprise Portal Server crashes after Windows Server reboot. The portal server is started automatically when Windows starts, but when the first portal client attempts to connect, the portal server crashes and generates a crash dump.



This display issue will occur under the following conditions:
1) The customer is viewing a dashboard constructed and displayed using DASH.
2) The dashboard displays timestamp atributes where the value originally provided by the monitoring agent contains all zero digits.



When an agent is offline and the portal server disconnects from the HUB Tivoli Enterprise Monitoring Server followed by the TEPS connecting to the HUB Tivoli Enterprise Monitoring Server again, in the navigator tree, the chid items associated with the offline agent ar no longer gred out. Clicking on the child items results in the workspace pane displaying the message 
"KFWITM454E Request failed due to offline manage systems(s)".



This CPU utilization problem can sometimes be observed when the Hybrid Gateway is used to retrieve agent metric information from agents at different version levels.



Portal server randomly crashes after applying 6.3.0 FP6.



The Visibroker libraries have been uplifted to address CVE-2016-6304 in OpenSSL when OSCP Stapling feature is used. The protal server does not explicitly use the feature but we are uplifting the libraries to cover the latest vulnerability.



Summarization and Pruning Agent APARs


Summarization and Pruning agent fails to create partitioned tables for various agent attribute groups. 



The Summarization and Pruning agent, as part of its normal purge processing, Drops tables from the Database Server. The DB2 Database Server performs Table Drop functions asynchronously. If the Summarization and Pruning Agent is terminated (Detached) by the user before the DB2 Database Server has completed its Drop processing, the Tables are left in an indeterminate state by DB2. When the Summarization and Pruning Agent is restarted, those Tables which were to have been Dropped reappear, and their status does not make it possible to clean up the Table status conflict. As a result the Summarization and Pruning Agent does not start (hangs).



The HTTP and HTTPS protocols are not supported by the KSY Agent to connect to the Portal Server.  See this Technote for more details.




Warehouse Proxy Agent APARs


When starting the WPA agent, any variables defined in the config/hd.environment file are ignored.



Monthly Paritions are not created if the Summarization and Pruning Agent is dormant (remains in a stopped state) for a time that exceeds the user configuration value of "Number of future partitions to maintain".