Novell Sentinel 6.1 SP1 Hotfix 2
September, 2009
This document has the following information about Novell® Sentinel™ 6.1 SP1 Hotfix 2:
Section 1, “Overview,” on page 1
Section 2, “New Features in Sentinel 6.1 SP1 Hotfix 2,” on page 1
Section 3, “Prerequisites,” on page 2
Section 4, “Installation,” on page 3
Section 5, “Sentinel Database Patch Installation,” on page 5
Section 6, “Post-Installation,” on page 8
Section 7, “Defects Fixed in Sentinel 6.1 SP1 Hotfix 2,” on page 8
novdocx (en) 16 April 2010
Novell®
Section 8, “Known Issues in Sentinel 6.1 SP1 Hotfix 2,” on page 9
Section 9, “Defects Fixed in Sentinel 6.1 SP1 Hotfix 1,” on page 10
Section 10, “Documentation Conventions,” on page 11
Section 11, “Legal Notices,” on page 11
1 Overview
This hotfix applies the latest software fixes and enhancements to an existing installation of Sentinel
6.1 SP1 and 6.1 SP1 Hotfix 1.
This hotfix must be installed on all existing Sentinel 6.1 SP1 clients and servers. This includes
machines with the Sentinel server, correlation engine, Sentinel database, Collector Manager,
Sentinel Control Center, Collector Builder, and Sentinel Data Manager.
2 New Features in Sentinel 6.1 SP1 Hotfix 2
Sentinel 6.1 SP1 Hotfix 2 is a maintenance release for Sentinel 6.1 SP1 and Sentinel 6.1 SP1 Hotfix
1. In addition to bug fixes, enhancements are made to the following features.
Section 2.1, “Global Filters,” on page 1
Section 2.2, “JRE Upgrade,” on page 2
Section 2.3, “LDAP Authentication,” on page 2
Section 2.4, “Collector Manager,” on page 2
2.1 Global Filters
JavaScript* actions have now been associated with global filters
An Action Manager button has been added in the Global Filter Configuration window, which
enables you to add, modify, and delete actions.
Novell Sentinel 6.1 SP1 Hotfix 2 1
For more information on global filters, see Global Filters (http://www.novell.com/documentation/
sentinel61/s61_user/?page=/documentation/sentinel61/s61_user/data/bhjlkyb.html#bhjlkye).
2.2 JRE Upgrade
The Java* Runtime Environment* (JRE*) has been upgraded from 1.5 to 1.6 as Java 2 Platform,
Standard Edition (J2SE)* 5.0 will be unsupported by Sun* as of October 30, 2009.
2.3 LDAP Authentication
A Sentinel 6.1 server can now be configured for LDAP authentication to enable users to login to
Sentinel using a Novell eDirectory™ or Microsoft* Active Directory* username and password.
NOTE: LDAP authentication is currently supported only on Linux* servers.
For more information on configuring a Sentinel server for LDAP authentication, see Configuring
Sentinel 6.1 Server for LDAP Authentication (http://www.novell.com/documentation/sentinel61/
s61_install/?page=/documentation/sentinel61/s61_install/data/blutcr3.html).
novdocx (en) 16 April 2010
2.4 Collector Manager
By default, the EventRouter, which is one of the components of the Collector Manager, runs in the
standalone mode. In this mode, the EventRouter handles internal functions such as maps and
applying global filters on events parsed by the Collector Manager.
Sentinel 6.1 SP1 Hotfix 2 enables the EventRouter to operate in server and client modes on both
DAS machines and Collector Manager machines. The Collector Manager installation on which the
EventRouter is configured to run in client mode is referred to as Light Weight Collector Manager.
NOTE: You should configure a Light Weight Collector Manager on machines that have limited
CPU and RAM for the Collector Manager process.
For more information on configuring a Light Weight Collector Manager, see Configuring the Light
Weight Collector Manager (http://www.novell.com/documentation/sentinel61/s61_install/?page=/
documentation/sentinel61/s61_install/data/bgms016.html#bl53pzx).
3 Prerequisites
The prerequisites for the hotfix depend on the Sentinel version and platform. Read each section
carefully to determine whether the steps apply to your environment.
If Sentinel 4.x or 5.x is installed, it must be upgraded to Sentinel 6.1 by using the upgrade
installer. See the Patch Installation Guide for instructions.
If Sentinel is not yet installed, install Sentinel by using the Sentinel 6.1 installer. See the
Sentinel Installation Guide for instructions.
If Sentinel 6.1 is installed, ensure that you have upgraded to Sentinel 6.1 SP1.
The complete product documentation is available at the Novell Sentinel 6.1 Documentation Web site
(http://www.novell.com/documentation/sentinel61).
2 Novell Sentinel 6.1 SP1 Hotfix 2
NOTE: If your system is running an older version of Sentinel, then it is mandatory to upgrade it to
Sentinel 6.1 SP1 before applying this hotfix.
3.1 Back Up Sentinel
This prerequisite applies to all Sentinel systems, regardless of the version or platform.
You should have a complete backup of the machines on which you are installing the patch, including
the Sentinel database. If you cannot back up all the files, then at a minimum you need a backup of
the contents of the
ESEC_HOME
directory. This protects your system against unexpected installation
errors.
3.2 Back Up the AUDIT_RECORD Table
This prerequisite is not necessary if you have already applied Sentinel 6.1 Hotfix 1, Sentinel 6.1
SP1, or Sentinel 6.1 SP1 Hotfix 1. It is necessary only if Sentinel 6.1 Hotfix 1 or Sentinel 6.1 SP1
has not been applied yet.
novdocx (en) 16 April 2010
Starting with Sentinel 6.1 Hotfix 1, the AUDIT_RECORD table, which contains internal audit
events for the Sentinel system, is configured for partitioning and archiving for better table
management. Because the existing table is not partitioned or archived, the PatchDb script might fail
if the AUDIT_RECORD table is too large relative to the amount of temporary tablespace available.
There are two approaches to ensure that the PatchDb script runs successfully, depending on whether
it is critical to your organization to preserve the data in the AUDIT_RECORD table:
If the AUDIT_RECORD data is not important, truncate the AUDIT_RECORD table by using
the following SQL command:
TRUNCATE TABLE AUDIT_RECORD
If the AUDIT_RECORD data is important and needs to be preserved, add more space to the
temporary tablespace. The amount of space to be added depends on your environment; consult
your Database Administrator (DBA) for adequate settings.
4 Installation
1 Log in to every machine that has Sentinel installed.
On Linux*/Solaris*, log in as
On Windows* Vista*, log in as any user if User Access Control is enabled. If User Access
Control is disabled, you must log in as an
On other (non-Vista) Windows systems, log in as an
root
.
Administrator
.
Administrator
.
2 Verify that the environment variables for Sentinel are set by running one of the following
commands:
On Linux/Solaris:
On Windows:
3 Extract the
SENTINEL_6.1.1.2.zip
echo %ESEC_HOME%
4 Close all Sentinel applications running on the machine, including:
Sentinel Control Center (SCC)
echo $ESEC_HOME
file.
Novell Sentinel 6.1 SP1 Hotfix 2 3
Sentinel Collector Builder
Sentinel Data Manager
Solution Designer
5 Stop the Sentinel service running on the machine:
On Windows: use Windows Service Manager to stop the Sentinel service.
On Linux/Solaris: run the
$ESEC_HOME/bin/sentinel.sh stop
command.
6 Open the command prompt.
For most Windows systems and Linux/Solaris, you can log in as any user to open the prompt.
For Windows Vista, you must open the command prompt as an Administrator, using the
following instructions.
6a Go to Start > All Programs > Accessories.
6b Right-click Command Prompt and select Run as administrator.
If User Access Control is enabled and you are logged in as a user with administrator
privileges, a User Access Control window appears to notify that Windows needs your
permission to continue.
novdocx (en) 16 April 2010
6c Click Continue.
If you are logged in as a user without administrative privileges, then you are prompted to
authenticate as an administrative user.
7 On the command line, return to the extracted hotfix top-level directory and run the script to
start the hotfix installer:
On Windows:
On Unix*:
After you run the script, the
installation
service_pack.bat
./service_pack.sh
Sentinel 6.1 SP1 is the prerequisite for this hotfix
message appears.
8 Perform the following:
On Windows: Press Enter if Sentinel 6.1 SP1 is already installed and continue with the
installation or Ctrl+C to terminate the installation and install Sentinel 6.1 SP1.
On Unix: Press y if Sentinel 6.1 SP1 is already installed and continue with the installation
or n to terminate the installation and install Sentinel 6.1 SP1.
9 Press Enter when prompted to start the hotfix installation procedure.
10 After the installation completes, log out and log in to apply the environmental variable changes.
11 Repeat Step 1 through Step 10 on every Sentinel server and client machine that has Sentinel
software installed.
12 Restart Sentinel services on all machines:
On Windows: use the Windows Service Manager to start the Sentinel services.
On Unix: run
$ESEC_HOME/bin/sentinel.sh start
4 Novell Sentinel 6.1 SP1 Hotfix 2
Loading...