Date:2012-11-12
OS: Windows/Linux
Etrack Incidents: 2650538, 2924502, 2934630, 2937368, 2937805, 2937960,
2941639, 2941806, 2944336, 2944616, 2944814, 2945765, 2946060, 2952484,
2952809, 2955756, 2957316, 2957680, 2968233, 2972341, 2976643, 2982141,
2982453, 2875273, 2953188, 2959957, 2963072, 2973172, 2982513, 2990530
Errors/Problems Fixed:
2650538 - Update Data Inventory report to catch files when index_calculate_owner
returns an error, or returns an owner of 0. Also update merge code
to produce a new table to summarize comparison between DIR numbers
and dashboard numbers.
2924502 - Data Inventory report is crashing with invalid pointer read in owner index.
2934630 - Issues while deleting winnas server with the option of "uninstall agent".
2937368 - Download Logs throws OutOfMemoryError for large data set.
2937805 - Enable/Disable site collection auditing on sharepoint server when Enabling/Disabling
site collection in DI.
2937960 - Use custom chunk size for sqlite3 via reports (sensitive_summary.dll).
2941639 - While merging report outputs, move intermediate output db's rather than copy
and delete the intermediate ones after merge is complete.
2941806 - Dashboard: Save filter table does not save all filtered data.
2944336 - localuser.exe not picking up the local groups from Netapp filer.
2944616 - Implement a central place in LogServlet to change log level on any node, for any service.
2944814 - Dashboard does not consider absense of share level permission while evaluating open shares.
2945765 - Download logs should try and capture security policies for a collector/winnas ndoe.
2946060 - ConfigUtils.isWindows fails on Turkish locale.
2952484 - Automatically add DFS mapping for winnas cluster after share discovery.
2952809 - queryd should truncate the sharelist file so that old entries are purged.
2955756 - Automatically set security options for fpolicy in registry.
2957316 - Workspace--->Users, BU attribute query not working for NOT EQUAL operator.
2957680 - Optimize Disk Space and speed for intermediate files for reports by transferring those with
in memory compression.
2968233 - fixed Notify custodian shows wrong info.
2972341 - Large file download via File Transfer Job causes exception in StatsManager.publishStat.
2976643 - Time taken for directory scan shown on Uber dashboard appears to be incorrect.
2982141 - HA setting : 'Number of files in err folders' is not working.
2982453 - For Exclude Rule, exclude access for a particular user on a particular path doesn't work.
it Excludes access for all the users on that path.
2875273 - Error generating audit log data for extracts. Added retry logic if sqlite db is locked.
This is for a small db which holds the generation number. Parallel collector processes
run by DataInsight commd service may encounter a db locked and all input files are moved to
collector/err folder.
2953188 - Getting warning show run out of disk space after new install.
2959957 - Indexer collector is reporting errors( Refer addtional notes of README point 4).
2963072 - When installing multiple Winnas agents with installcli, configdb uses 100% of CPU.
2973172 - fpolicy crashes since upgrade to DI 3.0.1: SEVERE: #{10} [ReportsDBUpgrade.upgradeReportsDB]
HSQL DB path is invalid.
2982513 - Add a node property for fpolicyd called fpolicyd.rulefilter to exclude rules at fopolicy level
Please refer to point 3 in addtional notes / Impact setion below for more details.
2990530: ConfigServlet does not update cache after config updates. Collector node does not update its list
of associated WinNas nodes and forwards update config requests to MS
Install/Uninstall Instructions:
Apply this rolling patch to all Data Insight servers with version 3.0.1 or 3.0.1RP1 only.
NOTE: Please keep a backup of the Data Insight files in the installation
directory. This will be required in case you want to manually roll back the
patch.
High Level Steps:
1. Remember to take a backup of original files under INSTALL_DIR before you install the rolling
patch.
2. Apply the rolling patch on Management Server first, followed by all Worker
Nodes.
3. Next, apply patch to Windows File Server agents (if applicable).
Patching Data Insight Management Server and Worker Nodes:
1. Log onto each server with Administrative privileges.
2. Unzip the patch files to a temporary folder. In this folder, locate the rolling
patch installer for the appropriate OS architecture. The installer is called
Symantec_DataInsight_windows_301RP2_3_0_1_3201_x64.exe for 64 bit Windows OS,
Symantec_DataInsight_windows_301RP2_3_0_1_3201_x86.exe for 32 bit Windows OS
and Symantec_DataInsight_linux_301RP2_3_0_1_3201_x64.sh for 64 bit Linux OS.
3. Launch the installer executable to install the rolling patch on Windows.
Launch the Shell as sh ./Symantec_DataInsight_linux_301RP2_3_0_1_3201_x64.sh
on Linux.
Patching Data Insight Windows File Server agents:
1. Unzip the patch files to a temporary folder on a computer that will be used to
access the Data Insight Management Console. In this temporary folder, locate the
rolling patch installer bundles for Windows File Server agents. The agent
bundle is called Symantec_DataInsight_windows_winnas_301RP2_3_0_1_3201_x64.zip
for 64 bit OS and Symantec_DataInsight_windows_winnas_301RP2_3_0_1_3201_x86.zip
for 32 bit OS.
2. Log into the Management Console with Server Administrator privilege and upload the
agent bundles to the appropriate collector worker nodes using "Agent Uploader" page
in the Settings tab.
3. Navigate to Filer details page for each configured Windows File Server in the Settings
tab and click on "Upgrade Agent" button available on the top of the page. This option
is only visible if you have enabled the option to let Data Insight install/upgrade
agent for this filer.
4. Alternately, to manually patch a Windows File Server agent, log onto the Windows File
Server machine with Administrative privileges, unzip the agent installer bundle in a
temporary location, and launch the patch installer. The patch installer is called
Symantec_DataInsight_windows_301RP2_3_0_1_3201_x64.exe for 64 bit OS,
and Symantec_DataInsight_windows_301RP2_3_0_1_3201_x86.exe for 32 bit
OS.
Additional Notes / Impact:
1. At this time, automated roll back of patch is not supported. To roll back the
patch manually:
a. To roll back the patch, stop all Data Insight services, overwrite the
patched files with original files from backup, and restart services.
2. To confirm if a system has been patched, check the version of Data Insight
using "Add/Remove Programs" applet in the Control Panel.
3. If exclude rules are applied at fpolicy level, then after upgrading to 3.0.1RP2,
these rules will not be applied at fpolicy level untill the fpolicy.rulefilter property
is set to true. In order to set the property navigate to Settings >
DataInsight servers > collector node > Advanced settings > Edit Advanced settings
> set custom property and specify property name as fpolicy.rulefilter
and property value as true. If fpolicyd.rulefilter is set to true at the node level, the
exclusion rules are applied in fpolicyd service. If it is set to false, fpolicyd does
not evaluate the exclude rules and they are applied at collector level.
The property if absent is treated as false.
If the rules are applied at fpolicy level, there may be some performance impact
in fpolicyd while processing audit events.
4. All Security(ACL change) events from Netapp on paths which are not present in the index of
Data Insight will be ignored. A warning would be logged in the index_xx.log to this effect.
A limitation on the Netapp filer prevents us from ascertaining the path type (file/folder)
in the ACL change event and unless we know the path type from our index, such events are ignored.
Typically this will happen when the first set of events on that path contains security event
and the same path has not been scanned earlier.
5. Seven million records is the maximum supported value for consumption by file group report.
If the value exceeds seven million records, report will be blank.
