Hello
We made this observation about 1 year ago and then forget to investigate it further but this week the same behavior was made in our Production environment.
It seems that beginning with ISAM Virtual Appliance (V8 or V9, we are running 9) that the below messages logged normally in webseald server log file are no longer reported:
DPWWA2025W IBM Security Access Manager WebSEAL has lost contact with junction server: %s (0x38cf07e9)
DPWWA2026W IBM Security Access Manager WebSEAL has regained contact with junction (%s) server: %s (0x38cf07ea)
We have had an incident this week because we could not detect that a junction state changed from "up" to "down". This is because we cannot trace in our logs the message DPWWA2025W. The root cause of the incident of course is a human manual error but it all comes down to the delay it took us to realize the problem and fix it. The lack of the usual messages contributed to worsen the incident duration.
We did see another message more detailed "DPWAD0411E The TCP/IP host information could not be determined from the server hostname: someservername. Ensure that the server hostname is correct and that the domain name server is functioning correctly" appearing in the webseal server logs which we could opt to track also in the future but I can image other cause than this particular one for a junction to go down.
Before I open a support case, just want to know if there was any conscious effort not to log those 2 events anymore?
Thanks in advanced for your comments/responses.
Sylvain Gilbert, p. ing., Conseiller Technique Infrastructures Securité/Security Infrastructures Technical Advisor
Intact Corporation Financière | 1935 des Cascades, Saint-Hyacinthe, QC J2S 8K9
(T) 855.646.8228, x 86667 | (M) 450.223.9537
sylvain.gilbert@intact.net | www.intactfc.com