database settings administrator - helpsystems...document date: march 2013 document version: 1.3...
TRANSCRIPT
Database Settings AdministratorUser Guide
8.0VMC-Mxx
VISUAL Message Center Database Settings Administrator - User Guide
The software described in this book is furnished under a license agreement and may be used only in
accordance with the terms of the agreement.
Copyright Notice
Copyright © 2013 Tango/04 All rights reserved.
Document date: March 2013
Document version: 1.3
Product version: 8.0
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic mechani-cal, magnetic, optical, chemical, manual, or otherwise, without the prior written permission of Tango/04.
Trademarks
Any references to trademarked product names are owned by their respective companies.
Technical Support
For technical support visit our web site at www.tango04.com.
Tango/04 Computing Group S.L.
Avda. Meridiana 358, 5 A-B
Barcelona, 08027
Spain
Tel: +34 93 274 0051
Table of Contents
Table of Contents
Table of Contents .............................................................................. iii
How to Use this Guide.......................................................................vii
Chapter 1
Introduction ...................................................................................... 11.1. What You Will Find in this Document..............................................................1
Chapter 2
Important Notes ................................................................................ 2
Chapter 3
Getting Started with Database Settings Administrator............................ 3
Chapter 4
T4EVENTLOG Migration ...................................................................... 5
Chapter 5
Data Sources ..................................................................................... 8
© 2013 Tango/04 Computing Group Page iii
Table of Contents
5.1. Common Parameters......................................................................................9
5.2. General Events Repository - ThinkServer ......................................................9
5.3. Portal Dashboards ........................................................................................11
5.4. Web SmartConsole.......................................................................................11
5.5. SmartConsole - BSM - Portal Events............................................................12
5.6. SmartConsole 8 ............................................................................................12
5.7. AccessServer................................................................................................13
5.7.1. Application Data Source..........................................................................13
5.7.2. Audit Data Source ...................................................................................13
5.8. Orchestrator ..................................................................................................14
Chapter 6
Events Signature.............................................................................. 156.1. Connection Settings......................................................................................15
6.2. Entities ..........................................................................................................16
6.3. Signature Levels ...........................................................................................17
Chapter 7
Maintenance ................................................................................... 187.1. Schedule .......................................................................................................19
7.2. Events ...........................................................................................................19
7.2.1. Production Database...............................................................................20
7.2.2. Historical Database .................................................................................20
7.2.3. Archived Data Source .............................................................................20
7.3. Web SmartConsole.......................................................................................21
7.3.1. Production Database...............................................................................21
7.4. BSM ..............................................................................................................22
7.4.1. Production Database...............................................................................22
7.4.2. Historical Database .................................................................................22
7.5. Portal Events.................................................................................................23
7.5.1. Production Database...............................................................................23
7.5.2. Historical Database .................................................................................23
7.6. iSeries ...........................................................................................................24
7.6.1. HST Monitor ............................................................................................27
7.6.2. Job History ..............................................................................................28
7.6.3. SQL Monitor ............................................................................................29
7.7. AccessServer................................................................................................30
7.7.1. Production Database...............................................................................30
7.7.2. Historical Database .................................................................................30
7.8. SmartConsole Messages..............................................................................31
7.8.1. Production Database...............................................................................31
7.8.2. Historical Database .................................................................................32
© 2013 Tango/04 Computing Group Page iv
Table of Contents
7.9. Supported Database Engines .......................................................................32
Chapter 8
Settings .......................................................................................... 348.1. Language ......................................................................................................34
8.2. AccessServer................................................................................................35
8.2.1. Rebuild AccessServer Model ..................................................................35
Appendices
Appendix A: Partitioned Tables.......................................................... 36A.1. Introduction...................................................................................................36
A.2. SQL Server 2005/2008.................................................................................36
A.2.1. Steps to Configure SQL Server 2005/2008 ............................................36
A.2.2. Altering Partitions....................................................................................39
A.2.3. Analyzing Partitions ................................................................................40
A.3. Oracle ...........................................................................................................41
A.3.1. Steps to Configure Oracle ......................................................................42
A.3.2. Altering Partitions....................................................................................45
A.3.3. Analyzing Partitions ................................................................................45
A.4. Oracle 11g only ............................................................................................46
A.4.1. Different Table Creation Statement .................................................46
A.4.2. Changing from Date Range Partitioning to Interval Partitioning .............48
Appendix B: Working with DB2/iSeries Databases............................... 49B.1. General Events Online Database .................................................................49
B.1.1. Creating Tables - General Events Online Database...............................49
B.1.2. Creating and Assigning Journals - General Events Online Database ....54
B.1.3. Adding Constraints - General Events Online Database..........................55
B.1.4. Initializing Data - General Events Online Database................................56
B.2. Historical Database (for maintenance) .........................................................56
B.2.1. Creating Tables - Historical Database ....................................................56
B.2.2. Creating and Assigning Journals - Historical Database..........................61
B.2.3. Adding Constraints - Historical Database ...............................................61
B.3. Archived Database (for Maintenance) ..........................................................62
B.3.1. Creating Tables - Archived Database.....................................................62
B.3.2. Creating and Assigning Journals - Archived Database ..........................66
B.3.3. Adding Constraints - Archived Database................................................67
© 2013 Tango/04 Computing Group Page v
Table of Contents
Appendix C: Use of 32-Bit ODBC Drivers for a 64-Bit Windows System........................................................................................... 68
Appendix D: Tamper Proof Technology ............................................... 70D.1. Signing Process ...........................................................................................70
D.1.1. Soft Sign Process ...................................................................................70
D.1.2. Hard Sign Process..................................................................................71
D.2. Archiving Process.........................................................................................71
D.3. Assessment Process....................................................................................72
Appendix E: Backup and Restore ....................................................... 74
Appendix F: Contacting Tango/04...................................................... 75
About Tango/04 Computing Group .................................................... 77
Legal Notice .................................................................................... 78
© 2013 Tango/04 Computing Group Page vi
How to Use this Guide
© 2013 Tango/04 Computing Group Page vii
How to Use this Guide
This chapter explains how to use Tango/04 User Guides and understand the typographical conventions
used in all Tango/04 documentation.
Typographical Conventions
The following conventional terms, text formats, and symbols are used throughout Tango/04 printed
documentation:
Convention Description
Boldface Commands, on-screen buttons and menu options.
Blue Italic References and links to other sections in the manual or further documentation containing relevant information.
Italic Text displayed on screen, or variables where the user must substitute their own details.
Monospace Input commands such as System i commands or code, or text that users must type in.
UPPERCASEKeyboard keys, such as CTRL for the Control key and F5 for the function key that is labeled F5.
Notes and useful additional information.
Tips and hints that will improve the users experience of working with this product.
Important additional information that the user is strongly advised to note.
Warning information. Failure to take note of this information could potentially lead to serious problems.
Introduction
© 2013 Tango/04 Computing Group Page 1
Chapter 11 Introduction
The Database Settings Administrator is a versatile tool designed to help you configure several important
VISUAL Message Center settings. With the Database Settings Administrator you can:
• configure different database connection settings
• set up event signature levels, and
• configure the Tango/04 Maintenance Service in order to schedule several database
maintenance tasks.
1.1 What You Will Find in this DocumentThis guide explains how to configure the main database connection settings for VISUAL Message
Center components and setup the database maintenance tasks, specifying in which days and hours to
perform these tasks. Furthermore, you can also define which encryption level will be used to sign
events.
Information regarding how to configure the Events Integrity ThinAgent to verify event signatures
sequentially can be found in the Events Integrity ThinAgent - User Guide.
Important Notes
© 2013 Tango/04 Computing Group Page 2
Chapter 22 Important Notes
When using DB2/iSeries as a Database Engine, you should be aware that tables must be created
manually. Please refer to Appendix B: Working with DB2/iSeries Databases on page 49 for more
information.
Database Settings Administrator is composed of different tabs according to their functionality. Features
such as Events Signature and Maintenance Settings may not be available in your VISUAL Message
Center solution.
Getting Started with Database Settings Administrator
Chapter 33 Getting Started with Database Settings Administrator
To open the Database Settings Administrator for the first time:
Step 1. Launch the application and enter the AccessServer connection settings.
Click Start > All Programs > VISUAL Message Center > Database Settings
Administrator > Database Settings Administrator to launch the application. The first
time the application is run, you are required to enter the language for the application
and the AccessServer connection settings in the window shown below in Figure 1:
Figure 1 – Database Settings Administrator initial Settings window
Step 2. Enter the connection details in the Settings window. These settings can be changed at
any time in the Settings tab, for further information please refer to Chapter 8 - Settings
on page 34.
Step 3. Click Save to save the settings and proceed.
© 2013 Tango/04 Computing Group Page 3
Getting Started with Database Settings Administrator
Step 4. Log in to AccessServer
Enter the user name and password in the fields provided for the Security Administrator
to connect to AccessServer.
Click Log in to continue.
Figure 2 – Enter the AccessServer user credentials
© 2013 Tango/04 Computing Group Page 4
T4EVENTLOG Migration
Chapter 44 T4EVENTLOG Migration
This feature is available beginning with Database Settings Administrator v8.0 Service Pack 01. It was
designed to save you time and effort: it migrates your current T4EVENTLOG events from their old table in
their old DSN into new tables (which it creates) in a new DSN (that you specify).
Note
Even though the new T4EVENTLOG Migration Tool migrates your events from your old DSN
to your new one, this alone does not update ThinkServer to the new database model. You
still must manually edit the EvLgCnfg.exe.config file and paste Database Settings
Administrator root folder DLLs into the SysWow64 (or System32) directory (see How to
Make the Events Integrity ThinAgent Compatible with ThinkServer 1.6 for complete
instructions).
Important: Migrating T4EVENTLOG events to the open-variable model
Please take note of the following:
• Please, do not cancel an unfinished process (commit). If you cancel a commit
and then restart it, you will have duplicated events in your new T4EVENTLOG table
(those that were first committed before the cancel).
• You will not be able to navigate to other Database Settings Administrator tabs
during the migration.
• The Migration Tool will create the new T4EVENTLOG and necessary tables for you if
they are not yet present in your new DSN.
• Do not change Events Signature Levels during the migration.
• Stop ThinkServer before you run the Migration Tool. If you cannot stop
ThinkServer: close ThinkServer (if open), open Database Settings
Administrator, click the Data Sources tab and select General Events Repository
- ThinkServer. Change ThinkServer's data source to the new one, save without
exiting, start ThinkServer, and then you can start the migration.This will ensure
that no events will be written to the old table during the migration (this is very
important to avoid).
• Commits are set to 5,000 events-per-commit. Try not to set a huge value—which
will cause the transaction log to crash, nor a tiny value—which will cause the
process to take a lot of time to finish.
© 2013 Tango/04 Computing Group Page 5
T4EVENTLOG Migration
In the T4EVENTLOG Migration tab (follows), do the following:
Figure 3 – The T4EVENTLOG Migration tab
Step 1. In the Old Model Datasource tab, enter:
• DSN: Enter the name of your current DSN containing the T4EVENTLOG table
(T04_Events, by default)
• User: Enter the name of a user associated with this data source
• Password: Enter the db-authenticated user name’s password
• Table Name: T4EVENTLOG is filled in for you automatically. If your table is named
differently, enter the name of your table here.
Click the Test button. You are notified about connection success or failure (for your
current DSN).
Step 2. In the New Model Datasource tab, enter:
• DSN: Enter the name of the new DSN where you want the T4EVENTLOG table to be
created
• User: Enter the name of a user associated with this data source
• Password: Enter the db-authenticated user name’s password
Click the Test button. You are notified about connection success or failure (for your new
DSN).
Step 3. In the Migration Options section, select one of the following options:
• Migrate all events: select this option if you wish to migrate all the events residing in
your current T4EVENTLOG table
• Migrate from: Deselect Migrate all events and select a date and time from the
Migrate from drop-down list. Select a date and time from the drop-down lists
Migrate from and to.
Step 4. In the Commit Every field, select a number of events you wish Database Settings
Administrator to migrate, in partial commits, for the course of the migration.
© 2013 Tango/04 Computing Group Page 6
T4EVENTLOG Migration
Step 5. Click the Estimate button to estimate the quantity of events that will be migrated. This
will allow you to follow the Migrator’s progress, too, given that you are not notified of a
an error.
Step 6. Click Migrate to begin the migration. Remember not to cancel the process or change
Event Signature Levels during the process.
© 2013 Tango/04 Computing Group Page 7
Data Sources
Chapter 5 5 Data Sources
The Database Settings Administrator allows you to configure every database connection setting you
may have for each VISUAL Message Center product. The Data Sources tab is divided into further tabs,
one for each of the VISUAL Message Center products that uses data sources:
• ThinkServer 8.0
• Dashboards
• Web SmartConsole
• SmartConsole
• SmartConsole 8.0
• AccessServer
• Orchestrator
A typical VISUAL Message Center solution may use each of the above products, each requiring
database configurations, and therefore database management is of vital importance. The following
figure shows a typical VISUAL Message Center database set up:
© 2013 Tango/04 Computing Group Page 8
Data Sources
Figure 4 – VISUAL Message Center database configuration
Data source connection settings for each product are explained in this chapter.
5.1 Common ParametersThe following parameters can be found in each of the tabs:
Click the Restore button to retrieve the current database connection settings.
5.2 General Events Repository - ThinkServer
In the General Events Repository - ThinkServer tab you can configure the ODBC connections to the
data sources that VISUAL Message Center ThinkServer will use to store the events that it generates.
This connection will also be used by VISUAL Message Center to retrieve events.
There are two types of data source that can be created here. Specifying the type of data source is useful
for improving the organization of your data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Note
Please note that this Database Settings Administrator version 8.0 functionality is only
compatible with ThinkServer V8.0 or above.
Note
ThinkServer must be restarted to apply the new configuration.
© 2013 Tango/04 Computing Group Page 9
Data Sources
Select the appropriate data source to match the type of data to be accumulated:
• Real-time data sources: statistical data for example, for calculating trends
• Log data sources: data related to security for example, such as monitoring user log in/off
Figure 5 – General Events Repository tab
To create a new data source:
Step 1. Click the Create button to open the New Data Source window.
Step 2. Click the Select button to open the Select Data Source window.
Step 3. Navigate to the data source you want to use and click OK.
Step 4. The SQL Server Login window opens where you are required to enter the Login ID and
password details and then click OK to continue.
Figure 6 – SQL Server Login
Step 5. Select the corresponding option button to specify if you want the data source type to be
Real-time or Log.
Figure 7 – Create a new ThinkServer data source
Tip
We recommend using Real-time data sources to send events to SmartConsole-Portal
events.
© 2013 Tango/04 Computing Group Page 10
Data Sources
Click Save to save the data source configuration.
The created data sources appear in two lists depending on whether they are Real-time or Log type data
sources. From the lists you can edit, delete, or select the default data source for each data source type.
5.3 Portal DashboardsIn the Portal Dashboards tab you can configure the ODBC connections to the data sources that
ThinkServer will use to store VISUAL Message Center Dashboards information.
Figure 8 – Data Sources Portal Dashboards tab
5.4 Web SmartConsoleIn the Web SmartConsole tab you can configure the ODBC connections to the data sources that Web
SmartConsole will use to read VISUAL Message Center SmartConsole information.
Figure 9 – Data Sources Web SmartConsole tab
Note
ThinkServer must be restarted in order to apply the new configuration.
Note
The index.php page must be reloaded if the database was not initialized.
© 2013 Tango/04 Computing Group Page 11
Data Sources
5.5 SmartConsole - BSM - Portal EventsIn this tab you can configure the ODBC connections to the data sources that SmartConsole will use to
store its configurations. If you want to configure ODBC for the Service Mode console, please select the
Service check box at the bottom of the tab.
Figure 10 – Data Sources SmartConsole tab
5.6 SmartConsole 8In this tab you can configure the ODBC connection string that SmartConsole will use to store the
application configuration.
Figure 11 – Data Sources SmartConsole 8 tab
Note
SmartConsole must be restarted in order to apply the new configuration.
Note
SmartConsole 8.0 must be restarted in order to apply the new configuration.
© 2013 Tango/04 Computing Group Page 12
Data Sources
5.7 AccessServerIn this tab you can configure the ODBC connections to the data sources that AccessServer will use to
store its configuration and the audit data.
5.7.1 Application Data SourceIn this section you can setup the connection with the AccessServer application database. See section
5.1 - Common Parameters on page 9 for details.
5.7.2 Audit Data SourceIn this section you can setup the AccessServer audit.
Figure 12 – Data Sources AccessServer tab
Note
AccessServer must be restarted in order to apply the new configuration.
Variable Description
Audit to
Specify the storage of the audit data:
• Data Source
• Windows Event Log
DSNThe ODBC data source name
(If you choose Data Source Audit)
UserDatabase user
(If you choose Data Source Audit)
PasswordPassword of the database user
(If you choose Data Source Audit)
© 2013 Tango/04 Computing Group Page 13
Data Sources
5.8 OrchestratorIn this tab you can configure the ODBC connection string that Orchestrator will use to store monitoring
information.
Figure 13 – Data Sources Orchestrator tab
Note
Orchestrator must be restarted in order to apply the new configuration.
© 2013 Tango/04 Computing Group Page 14
Events Signature
Chapter 6 6 Events Signature
The VISUAL Message Center Event Signature solution employs the Events Integrity ThinAgent to check
the signature field of the T4EventLog table to see if the table has been modified, effectively making the
table tamper-proof. The Database Settings Administrator is an essential part of this solution as it used to
setup event signature levels.
In the Events Signature tab you can configure which encryption level will be used to sign Events.
Information regarding how to configure the Events Integrity ThinAgent to verify event signatures
sequentially can be found in the Events Integrity ThinAgent - User Guide.
6.1 Connection SettingsIn order to set up which signature level will be used to sign events in a particular solution, you must first
select the data source connection to the General Events Repository database for VISUAL Message
Center.
To select the data source:
Step 1. Click the Select button to open the Select Data Source window.
Step 2. Navigate to the data source you want to set up the signature levels for and click OK.
Step 3. The SQL Server Login window opens where you are required to enter the Login ID and
password details and then click OK to continue.
Figure 14 – Enter the user and password details to login to the selected data source
Note
Please note that this Database Settings Administrator V8.0 functionality is only available with
ThinkServer V8.0 or above.
© 2013 Tango/04 Computing Group Page 15
Events Signature
Step 4. Once you have selected the data source, click the Connect button in the Events
Signature tab and you are ready to edit the signature levels for events in this data
source.
Figure 15 – Events Signature tab
6.2 EntitiesOnce connected, you will see the current signature level for each solution entity. Depending on the
deployment of the solution, you can specify the signature level used by each component to insert
events. By default, the T04 Default Entity represents all the components that are able to insert events.
Figure 16 – Events signature entities showing the identifier of the first event that was signed with each particular signature level. In this example events 1 to 20 had the Soft signature level applied,
while from event 21 onwards the signature level is set to None.
Note
If you need to change the selected data source simply click the Change button and repeat
the above steps.
Important
Stop all event related components (ThinkServer and NiceLink Daemon services) before
changing the signature level, otherwise inconsistencies in the events signatures will occur.
© 2013 Tango/04 Computing Group Page 16
Events Signature
In the Signature Levels list you can see the historical levels of the selected entity and the Identifier of the
first event signed with each level.
If you change several Levels with no Events insertions between them, these Levels will remain as Not
Applied.
6.3 Signature LevelsThere are three different signature levels used to sign each event:
• None
• Soft
• Hard
None
Events will not be signed and therefore modifications to events will not be recognized and a null value
will be stored in the Signature field of the T4EventLog table for each event.
Soft
This event signature will be generated based on a SHA256 algorithm (Secure Hash Algorithm) over a
low level modification process.
Hard
Takes the soft level signature and applies another stronger cryptography transformation, so the event
signature will be generated based on an AES encryption process over the Soft Level process applied
previously.
The use of each level depends on the scenario. The Hard level is recommended but is the slowest
option, while no signature level encryption will be clearly faster but less secure.
For further information regarding signature levels please see Appendix D: Tamper Proof Technology on
page 70.
Important
Setting up this signature level cannot ensure a successful Event Integrity verification
process.
© 2013 Tango/04 Computing Group Page 17
Maintenance
Chapter 7 7 Maintenance
With the Tango/04 Maintenance Service installed, you can schedule database maintenance tasks in the
Database Settings Administrator using the tools available in the Maintenance tab.
You can setup several maintenance plans for the following VISUAL Message Center components:
• Events
• Web SmartConsole
• BSM
• Portal Events
• iSeries
• AccessServer
• SmartConsole Messages
Figure 17 – Maintenance tab
Each of the above components can be configured individually. Simply click on the tab corresponding to
the component you wish to configure for a maintenance schedule.
Once the settings have been saved, the Service will automatically schedule the tasks.
© 2013 Tango/04 Computing Group Page 18
Maintenance
Each maintenance task is identified by a Production Database connection and in some cases by
Historical database and Archived data source connections also.
To connect to each database you will be required to enter the DSN name and logon credentials
necessary.
When the DSNs are configured, if the Use Windows authentication option is selected, the DSN is
configured to authenticate to SQLServer using the domain credentials. In Database Settings
Administrator, when you select that DSN, the DSN and User fields are automatically completed but the
Password field is left empty.
If you do not select the DSN using the Select button but manually type the DSN name in the DSN field,
you can leave the User and Password fields empty.
The user which authenticates against SQLServer is the user logged in to Windows.
7.1 ScheduleIn each of the specific component tabs you will find the Schedule panel where you define the Days and
Hours to run the maintenance tasks.
Figure 18 – Schedule panel
Simply click on the days you wish to run the maintenance tasks, click again if you wish to deselect a
selected day, then select the check boxes for the hours you wish to run the tasks and enter the specific
minutes in the fields below.
7.2 Events
The Events tab provides the tools needed to schedule maintenance tasks on any selected Events
databases. For further information regarding setting the schedule see section 7.1 - Schedule on
page 19.
Note
It is not necessary to restart the Tango/04 Maintenance Service to schedule the tasks.
Tip
You can select more than one day per week and more than one time per day to schedule
maintenance tasks.
Note
Please note that Database Settings Administrator V8.0 Events Maintenance is only available
with ThinkServer V8.0 or above.
© 2013 Tango/04 Computing Group Page 19
Maintenance
7.2.1 Production DatabaseIn the Production Database section you must specify the connection settings according to an Events
database which is already functional.
7.2.2 Historical DatabaseIn the Historical Database section you can specify the connection settings to a new or previously used
Historical database. The Events maintenance process will initialize the schema if the tables do not exist.
7.2.3 Archived Data SourceIn the Archived Data source section you can specify the connection settings to a new or previously used
Archived data source. The events maintenance process will initialize the schema if the tables do not
exist.
The use of the Archived data source is optional, and if it has been configured, the maintenance tasks will
move the deleted data from the Historical database to the Archived database.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
© 2013 Tango/04 Computing Group Page 20
Maintenance
Figure 19 – Maintenance Events tab
7.3 Web SmartConsoleThe Web SmartConsole tab provides the tools needed to schedule maintenance tasks on any selected
Web SmartConsole databases. For further information regarding setting the schedule see section 7.1 -
Schedule on page 19.
7.3.1 Production DatabaseIn the Production Database section specify the connection settings to connect to a functioning Web
SmartConsole database.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Always maintain the last event of each Business
View
Indicates if the maintenance process must leave in pro-duction database the last event of each Business View.
© 2013 Tango/04 Computing Group Page 21
Maintenance
Figure 20 – Maintenance Web SmartConsole tab
7.4 BSMThe BSM tab provides the tools needed to schedule maintenance tasks on any selected BSM
databases. For further information regarding setting the schedule see section 7.1 - Schedule on
page 19.
7.4.1 Production DatabaseIn the Production Database section specify the connection settings to connect to a functioning BSM
database.
7.4.2 Historical DatabaseIn the Historical Database section specify the connection settings to connect to a new or existing
Historical database. The BSM maintenance process will initialize the schema if the tables do not exist.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
© 2013 Tango/04 Computing Group Page 22
Maintenance
Figure 21 – Maintenance BSM tab
7.5 Portal EventsThe Portal Events tab provides the tools needed to schedule maintenance tasks on any selected Portal
Events databases. For further information regarding setting the schedule see section 7.1 - Schedule on
page 19.
7.5.1 Production DatabaseIn the Production Database section you must specify the connection settings according to a functioning
Portal Events database.
7.5.2 Historical Database
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
© 2013 Tango/04 Computing Group Page 23
Maintenance
In Historical Database section you can specify the connection settings to a new or previously used
Historical database. The Portal Events maintenance process will initialize the schema if the tables do not
exist.
Figure 22 – Maintenance Portal Events Tab
7.6 iSeriesThe iSeries tab provides the tools needed to schedule maintenance tasks on any selected iSeries
databases. For further information regarding setting the schedule see section 7.1 - Schedule on
Keep Days to keep the historical data
Variable Description
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
© 2013 Tango/04 Computing Group Page 24
Maintenance
page 19.
There are a further three tabs available here, where you can manage maintenance schedules for the
following iSeries tables:
• HST Monitor (BDHST02X table)
• Job History (HSJOB01P table)
• SQL Monitor (SLLOG01X table)
Tip
When creating an iSeries DSN, follow these steps to ensure the data is read correctly and
the maintenance job is successfully executed:
Step 1. In the iSeries Access for Windows ODBC Setup window click the
Translation tab, and select the Convert binary data (CCSID 65535) to text
check box.
© 2013 Tango/04 Computing Group Page 25
Maintenance
Figure 23 – Transaction tab
Step 2. Click on the Advanced button and select the Allow unsupported
character check box.
Figure 24 – Advanced options
© 2013 Tango/04 Computing Group Page 26
Maintenance
7.6.1 HST Monitor
Production Database
In the Production Database section you must specify the connection settings according to a functioning
HST Monitor database.
Historical Database
In Historical Database section you can specify the connection settings to a new or previously used
Historical database. The HST Monitor maintenance process will initialize the schema if the tables do not
exist.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Library iSeries Library
Keep Days to keep the historical data
JISS Hostname
ThinkServer Java System i Server.
The connection to the JISS is established to execute the specific delete command in order to purge the database securely
JISS PortPort of the ThinkServer Java System i Server. (usually 8082)
iSeries HostHost of the iSeries system to be used to execute the delete command
iSeries UserUser of the iSeries system to be used to execute the delete command
iSeries Password Password of the iSeries User
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
© 2013 Tango/04 Computing Group Page 27
Maintenance
7.6.2 Job History
Production Database
In the Production Database section you must specify the connection settings according to a functioning
Job History database.
Historical Database
In Historical Database section you can specify the connection settings to a new or previously used
Historical database. The Job History maintenance process will initialize the schema if the tables do not
exist.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Library iSeries Library
Keep Days to keep the historical data
JISS Hostname
ThinkServer Java System i Server
The connection to the JISS is established to execute the specific delete command in order to purge the database securely
JISS PortPort of the ThinkServer Java System i Server (usually 8082)
iSeries HostHost of the iSeries system to be used to execute the delete command
iSeries UserUser of the iSeries system to be used to execute the delete command
iSeries Password Password of the iSeries User
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC Data Source Name
User Database User
Password Password of the database user.
© 2013 Tango/04 Computing Group Page 28
Maintenance
7.6.3 SQL Monitor
Production Database
In the Production Database section you must specify the connection settings according to a functioning
SQL Monitor database.
Historical Database
In Historical Database section you can specify the connection settings to a new or previously used
Historical database. The SQL Monitor maintenance process will initialize the schema if the tables do not
exist.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Library iSeries Library
Keep Days to keep the historical data
JISS Hostname
ThinkServer Java System i Server.
The connection to the JISS is established to execute the specific delete command in order to purge the database securely
JISS PortPort of the ThinkServer Java System i Server. (usually 8082)
iSeries HostHost of the iSeries system to be used to execute the delete command
iSeries UserUser of the iSeries system to be used to execute the delete command
iSeries Password Password of the iSeries User
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
© 2013 Tango/04 Computing Group Page 29
Maintenance
Figure 25 – Maintenance iSeries Tab
7.7 AccessServerThe AccessServer tab provides the tools needed to schedule maintenance tasks on any selected
AccessServer databases. For further information regarding setting the schedule see section 7.1 -
Schedule on page 19.
7.7.1 Production DatabaseIn the Production Database section you must specify the connection settings according to a functioning
AccessServer database.
7.7.2 Historical DatabaseIn Historical Database section you can specify the connection settings to a new or previously used
Historical database. The AccessServer maintenance process will initialize the schema if the tables do
not exist.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
© 2013 Tango/04 Computing Group Page 30
Maintenance
Figure 26 – Maintenance AccessServer Tab
7.8 SmartConsole MessagesThe SmartConsole Messages tab provides the tools needed to schedule maintenance tasks on any
selected SmartConsole messages databases. For further information regarding setting the schedule
see section 7.1 - Schedule on page 19.
7.8.1 Production DatabaseIn the Production Database section you must specify the connection settings according to a functioning
SmartConsole messages database.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
© 2013 Tango/04 Computing Group Page 31
Maintenance
7.8.2 Historical DatabaseIn Historical Database section you can specify the connection settings to a new or previously used
Historical database. The SmartConsole maintenance process will initialize the schema if the tables do
not exist.
Figure 27 – Maintenance SmartConsole Messages Tab
7.9 Supported Database EnginesThe following table shows which database engines are supported by each maintenance task:
Note
If you do not specify a Historical Database, the process will only delete the events from the
Production Database without actually backing up or transferring any data.
Variable Description
DSN The ODBC data source name
User Database user
Password Password of the database user
Keep Days to keep the historical data
Maintenance Task
Oracle v9
or above
SQLServerv2005
or above
PostgreSQL v8.3
or above
DB2v9.5
or above
Events X X X X
© 2013 Tango/04 Computing Group Page 32
Maintenance
Web SmartConsole
X X
BSM X X
Portal Events X
iSeries X
AccessServer X X
SmartConsole Messages
X X X
Maintenance Task
Oracle v9
or above
SQLServerv2005
or above
PostgreSQL v8.3
or above
DB2v9.5
or above
© 2013 Tango/04 Computing Group Page 33
Settings
Chapter 88 Settings
In the Settings tab it is possible to set the language of this application as well as AccessServer
specification.
The first time the application is run, a form with the content seen in the following image will be shown.
This content can also be found in the Settings Tab.
Figure 28 – Database Settings Administrator - Settings tab
8.1 LanguageIt is possible to specify the language of the Database Settings Administrator. In order to apply changes,
restart the application.
© 2013 Tango/04 Computing Group Page 34
Settings
8.2 AccessServerDatabase Settings Administrator uses AccessServer to manage authentication in the application.
8.2.1 Rebuild AccessServer ModelTo reset the Database Settings Administrator security model in AccessServer click the Rebuild
AccessServer model check box. You will then be able to change the credentials for the security
administrator. The following options are available:
Name Description
HostnameName of the host (or IP address where AccessServer is located
PortPort number where Access Server is listening, the default value is 18801
Domain/PC Domain identifier configured in AccessServer
Name Description
AccessServer AdministratorDomain and user name for the security administrator of AccessServer
Password Password of AccessServer administrator
AdministratorActorUser or Group configured as the application administrator
© 2013 Tango/04 Computing Group Page 35
Appendix A : Partitioned Tables
Appendix AAppendix A: Partitioned Tables
A.1 IntroductionWhen a database table grows in size to hundreds of gigabytes or more, it can become more difficult to
load new data, remove old data, and maintain indexes. Just the sheer size of the table causes such
operations to take much longer.
Partitions addresses the key problem of supporting very large tables and indexes by allowing you to
decompose them into smaller and more manageable pieces called partitions.
Once partitions are defined, SQL statements can access and manipulate the partitions rather than entire
tables or indexes.
We recommend using this if your VISUAL Message Center implementation stores too much information
in a short period of time.
It would be useful to create Date Range partitions dividing events by month periods using a
TimeGenerated T4EVENTLOG column.
This guide provides the procedure to set this in SQL Server and Oracle Databases, but you will need a
Database Administrator to control this configuration.
A.2 SQL Server 2005/2008In SQL Server Databases you can modify an existing T4EVENTLOG table into a partitioned table.
You will be able to specify each partition and you will have to remember to add new partitions as time
goes by.
A.2.1 Steps to Configure SQL Server 2005/2008Step 1. Set session DateFormat
SET DATEFORMAT YMD
© 2013 Tango/04 Computing Group Page 36
Appendix A : Partitioned Tables
Step 2. Create Partition Function
The partition function defines the partitions of the table. In this case, we are defining four
monthly partitions.
Step 3. Alter Database to add FileGroups for each Partition
Each partition will have an associated FileGroup which contains one datafile.
Step 4. Add a File to each Partition
Create the datafile of each filegroup of the Database where the T4EVENTLOG table
resides.
Specify the initial size, its growth, and its maxsize here.
CREATE PARTITION FUNCTION [PF_T4EVENTLOG_TIMEGENERATED] (datetime)
AS RANGE RIGHT FOR VALUES ('2009/07/01', '2009/08/01', '2009/09/01', '2009/10/01');
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG1
GO
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG2
GO
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG3
GO
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG4
GO
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG5
GO
GO
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG2,
FILENAME = 'C:\T4EventLog2.ndf',
SIZE = 50MB,
MAXSIZE = UNLIMITED,
© 2013 Tango/04 Computing Group Page 37
Appendix A : Partitioned Tables
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG2;
GO
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG3,
FILENAME = 'C:\T4EventLog3.ndf',
SIZE = 50MB,
MAXSIZE = UNLIMITED,
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG3;
GO
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG4,
FILENAME = 'C:\T4EventLog4.ndf',
SIZE = 50MB,
MAXSIZE = UNLIMITED,
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG4;
GO
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG5,
FILENAME = 'C:\T4EventLog5.ndf',
SIZE = 50MB,
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG1,
FILENAME = 'C:\T4EventLog1.ndf',
SIZE = 50MB,
MAXSIZE = UNLIMITED,
© 2013 Tango/04 Computing Group Page 38
Appendix A : Partitioned Tables
Step 5. Drop Current Clustered Index in T4EVENTLOG (Drops PK)
In order to create partitions in an existing table, the table cannot have a Clustered Index.
Therefore, we will drop the default Primary Key, which creates a Clustered Index.
Step 6. Create Partition Scheme associating Partition Function (at least one FileGroup for each
Partition)
The partition Scheme specifies the filesgroups that will be associated with the partition
function.
Step 7. Create Clustered Index on Partition Scheme
Step 8. Recover Primary Key
A.2.2 Altering Partitions The Partitions must be created manually. Therefore, you must create corresponding Filegroups and
Datafiles for each partition.
Step 1. Add new File Group in Database
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG1;
MAXSIZE = UNLIMITED,
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG5;
GO
ALTER TABLE [dbo].[T4EVENTLOG] DROP CONSTRAINT [PK_T4EVENTLOG]
CREATE PARTITION SCHEME PS_T4EVENTLOG
AS PARTITION [PF_T4EVENTLOG_TIMEGENERATED]
TO (FG_T4EVENTLOG1, FG_T4EVENTLOG2, FG_T4EVENTLOG3, FG_T4EVENTLOG4, FG_T4EVENTLOG5);
CREATE CLUSTERED INDEX CI_PartitionedT4EVENTLOG
ON T4EVENTLOG(TIMEGENERATED)
ON PS_T4EVENTLOG(TIMEGENERATED);
ALTER TABLE dbo.T4EVENTLOG ADD CONSTRAINT
PK_T4EVENTLOG PRIMARY KEY NONCLUSTERED (ID)
WITH( STATISTICS_NORECOMPUTE = OFF, IGNORE_DUP_KEY = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
ALTER DATABASE Events_Historical
ADD FILEGROUP FG_T4EVENTLOG6
GO
© 2013 Tango/04 Computing Group Page 39
Appendix A : Partitioned Tables
Step 2. Add Data File to File Group
Step 3. Alter Partition Scheme to consider new File Group in next partition
Step 4. Alter Partition Function to consider new Month
In order to add a new partition, you must split the current partitions considering the new
month.
A.2.3 Analyzing PartitionsThe following SQL Statements allow you to verify the status of T4EVENTLOG partitions. Knowing the
number of rows in each partition is very useful.
Step 1. Shows created partitions for T4EventLog table
ALTER DATABASE Events_Historical
ADD FILE
(
NAME = FILE1_T4EVENTLOG6,
FILENAME = 'C:\T4EventLog6.ndf',
SIZE = 50MB,
MAXSIZE = UNLIMITED,
FILEGROWTH = 10%
) TO FILEGROUP FG_T4EVENTLOG6;
GO
ALTER PARTITION SCHEME PS_T4EVENTLOG NEXT USED FG_T4EVENTLOG6;
ALTER PARTITION FUNCTION [PF_T4EVENTLOG_TIMEGENERATED] ()
SPLIT RANGE ('2009/11/01')
SELECT PF.function_id, PF.fanout AS NumPartitions,
CASE WHEN PF.boundary_value_on_right = 0 THEN 'LEFT' ELSE 'RIGHT' END AS RangeType,
PP.parameter_id, PRV.boundary_id, PRV.value, CASE WHEN PF.boundary_value_on_right = 0
THEN PRV.boundary_id ELSE PRV.boundary_id + 1 END AS PartitionNumber
FROM sys.partition_functions AS PF
JOIN sys.partition_parameters AS PP ON PF.function_id = PP.function_id
JOIN sys.partition_range_values AS PRV ON PP.function_id = PRV.function_id AND PP.parameter_id = PRV.parameter_id
WHERE PF.name = 'PF_T4EVENTLOG_TIMEGENERATED'
© 2013 Tango/04 Computing Group Page 40
Appendix A : Partitioned Tables
Step 2. Shows File Groups of the Partition Scheme for T4Eventlog table
Step 3. Shows Row Count in each partition
A.3 Oracle In Oracle Databases there is a different process for configuring a T4EVENTLOG table as a partitioned
table.
You will have to create a temporary T4EVENTLOG table in order to apply partitions to it and then rename
the old one to the new one.
There are two ways to define partitions using TIMEGENERATED but it depends on the Oracle Database
Version you are using, both of which are explained as follows:
• Version 8i and above: You will be able to specify each partition and you will have to remember
to add new partitions as time goes by.
• Version 11g only: This version allows automatic partition creation specifying intervals of time.
SELECT SPS.name AS PartitionSchemeName, SDD.destination_id, SF.name AS FileGroup
FROM sys.partition_schemes AS SPS
JOIN sys.destination_data_spaces AS SDD ON SPS.data_space_id =SDD.partition_scheme_id
JOIN sys.filegroups AS SF ON SF.data_space_id = SDD.data_space_id
WHERE SPS.name = 'PS_T4EVENTLOG';
SELECT OBJECT_NAME(SI.object_id) AS PartitionedTable,
DS.name AS PartitionScheme,
PF.name AS PartitionFunction,
P.partition_number,
P.rows
FROM sys.partitions AS P
JOIN sys.indexes AS SI ON P.object_id = SI.object_id AND P.index_id = SI.index_id
JOIN sys.data_spaces AS DS ON DS.data_space_id = SI.data_space_id
JOIN sys.partition_schemes AS PS ON PS.data_space_id = SI.data_space_id
JOIN sys.partition_functions AS PF ON PF.function_id = PS.function_id
WHERE DS.type = 'PS'
AND OBJECTPROPERTYEX(SI.object_id, 'BaseType') = 'U'
AND SI.type IN(0,1)
AND OBJECT_NAME(SI.object_id) = 'T4EVENTLOG';
© 2013 Tango/04 Computing Group Page 41
Appendix A : Partitioned Tables
A.3.1 Steps to Configure OracleStep 1. Create Tablespaces to use in partitions
You must create the Tablespaces and Datafiles that will be used in partitions.
Step 2. Create new table using a Tablespace in each Partition
Now you must create a table similar to T4EVENTLOG but specifying the new partitions.
CREATE TABLESPACE ts_t4eventlog_1
DATAFILE 'e:\app\oracle\oradata\t4eventlog_01.dbf'
SIZE 50m AUTOEXTEND ON NEXT 10m MAXSIZE UNLIMITED;
CREATE TABLESPACE ts_t4eventlog_2
DATAFILE 'e:\app\oracle\oradata\t4eventlog_02.dbf'
SIZE 50m AUTOEXTEND ON NEXT 10m MAXSIZE UNLIMITED;
CREATE TABLESPACE ts_t4eventlog_3
DATAFILE 'e:\app\oracle\oradata\t4eventlog_03.dbf'
SIZE 50m AUTOEXTEND ON NEXT 10m MAXSIZE UNLIMITED;
CREATE TABLE "THINKSERVER"."T4EVENTLOG_TEMP"
( "ID" NUMBER(19),
"SYSTEM" VARCHAR(254),
"AGENT" VARCHAR(10),
"VERSION" NUMBER(19),
"EVENTID" NUMBER(19),
"EVENTTYPE" NUMBER(10),
"EVENTCATEGORY" NUMBER(10),
"SOURCENAME" VARCHAR(254),
"COMPUTERNAME" VARCHAR(254),
"USERNAME" VARCHAR(254),
"DOMAIN" VARCHAR(254),
"CATEGORY" VARCHAR(254),
"COMPLETEMSG" CLOB,
"EVENTLOGTYPE" VARCHAR(254),
"TIMEGENERATED" DATE,
"TIMEWRITTEN" DATE,
"VARIABLES" CLOB,
"VAR01" VARCHAR(254),"VAR02" VARCHAR(254), "VAR03" VARCHAR(254), "VAR04" VARCHAR(254), "VAR05" VARCHAR(254), "VAR06" VARCHAR(254), "VAR07" VARCHAR(254), "VAR08"
© 2013 Tango/04 Computing Group Page 42
Appendix A : Partitioned Tables
VARCHAR(254), "VAR09" VARCHAR(254), "VAR10" VARCHAR(254), "VAR11" VARCHAR(254), "VAR12" VARCHAR(254), "VAR13" VARCHAR(254), "VAR14" VARCHAR(254), "VAR15" VARCHAR(254), "VAR16" VARCHAR(254), "VAR17" VARCHAR(254), "VAR18" VARCHAR(254), "VAR19" VARCHAR(254), "VAR20" VARCHAR(254), "VAR21" VARCHAR(254), "VAR22" VARCHAR(254), "VAR23" VARCHAR(254), "VAR24" VARCHAR(254), "VAR25" VARCHAR(254), "VAR26" VARCHAR(254), "VAR27" VARCHAR(254), "VAR28" VARCHAR(254), "VAR29" VARCHAR(254), "VAR30" VARCHAR(254), "VAR31" VARCHAR(254), "VAR32" VARCHAR(254), "VAR33" VARCHAR(254), "VAR34" VARCHAR(254), "VAR35" VARCHAR(254), "VAR36" VARCHAR(254), "VAR37" VARCHAR(254), "VAR38" VARCHAR(254), "VAR39" VARCHAR(254), "VAR40" VARCHAR(254), "VAR41" VARCHAR(254), "VAR42" VARCHAR(254), "VAR43" VARCHAR(254), "VAR44" VARCHAR(254), "VAR45" VARCHAR(254), "VAR46" VARCHAR(254), "VAR47" VARCHAR(254), "VAR48" VARCHAR(254), "VAR49" VARCHAR(254), "VAR50" VARCHAR(254), "VAR51" VARCHAR(254), "VAR52" VARCHAR(254), "VAR53" VARCHAR(254), "VAR54" VARCHAR(254), "VAR55" VARCHAR(254), "VAR56" VARCHAR(254), "VAR57" VARCHAR(254), "VAR58" VARCHAR(254), "VAR59" VARCHAR(254), "VAR60" VARCHAR(254), "VAR61" VARCHAR(254), "VAR62" VARCHAR(254), "VAR63" VARCHAR(254), "VAR64" VARCHAR(254), "VAR65" VARCHAR(254), "VAR66" VARCHAR(254), "VAR67" VARCHAR(254), "VAR68" VARCHAR(254), "VAR69" VARCHAR(254), "VAR70" VARCHAR(254), "VAR71" VARCHAR(254), "VAR72" VARCHAR(254), "VAR73" VARCHAR(254), "VAR74" VARCHAR(254), "VAR75" VARCHAR(254), "VAR76" VARCHAR(254), "VAR77" VARCHAR(254), "VAR78" VARCHAR(254), "VAR79" VARCHAR(254), "VAR80" VARCHAR(254), "VAR81" VARCHAR(254), "VAR82" VARCHAR(254), "VAR83" VARCHAR(254), "VAR84" VARCHAR(254), "VAR85" VARCHAR(254), "VAR86" VARCHAR(254), "VAR87" VARCHAR(254), "VAR88" VARCHAR(254), "VAR89" VARCHAR(254), "VAR90" VARCHAR(254), "VAR91" VARCHAR(254), "VAR92" VARCHAR(254), "VAR93" VARCHAR(254), "VAR94" VARCHAR(254), "VAR95" VARCHAR(254), "VAR96" VARCHAR(254), "VAR97" VARCHAR(254), "VAR98" VARCHAR(254), "VAR99" VARCHAR(254),
"TIMEZONE" NUMBER(10),
"VARDEFID" NUMBER(10),
"NM_OPERATOR" VARCHAR(254),
"NM_ACTION" VARCHAR(254),
"NM_SOURCE_WKS" VARCHAR(254),
"NM_SOURCE_IP" VARCHAR(254),
"NM_DESTINATION_WKS" VARCHAR(254),
"NM_DESTINATION_IP" VARCHAR(254),
"NM_OBJECT" VARCHAR(254),
"NM_USER" VARCHAR(100),
"NM_GROUP_ROLE" VARCHAR(254),
"NM_APPLICATION" VARCHAR(254),
"NM_PLATFORM" VARCHAR(254),
"NM_RESULT" VARCHAR(1),
"NM_SEVERITY" VARCHAR(1),
"NM_PROTOCOL" VARCHAR(50),
© 2013 Tango/04 Computing Group Page 43
Appendix A : Partitioned Tables
Step 3. Redefine name
There is a package that can be used to rename the table.
"NM_NETSERVICE" VARCHAR(50),
"NM_COMPANY" NUMBER(10),
"NM_PERSON" VARCHAR(100),
"ENTITYGUID" VARCHAR(36),
"PRIORITY" NUMBER(10),
"APPLICATION" VARCHAR(254),
"SUBCATEGORY" VARCHAR(254),
"ADDINFO_1" VARCHAR(254),
"ADDINFO_2" VARCHAR(254),
"SIGNATURE" VARCHAR(128)
)PARTITION BY RANGE ("TIMEGENERATED")
(PARTITION t4eventlog200907 VALUES LESS THAN (TO_DATE('2009/08/01', 'YYYY/MM/DD')) TABLESPACE ts_t4eventlog_1,
PARTITION t4eventlog200908 VALUES LESS THAN (TO_DATE('2009/09/01', 'YYYY/MM/DD')) TABLESPACE ts_t4eventlog_2,
PARTITION t4eventlogRest VALUES LESS THAN (MAXVALUE) TABLESPACE ts_t4eventlog_3
);
CREATE INDEX "THINKSERVER"."IDX1_AGENT_TIMEWRITTEN_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("AGENT", "TIMEWRITTEN") ;
CREATE INDEX "THINKSERVER"."IDX2_TIMEGEN_AGENT_EVENTID_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("TIMEGENERATED", "AGENT", "EVENTID") ;
CREATE UNIQUE INDEX "THINKSERVER"."IDX3_SYS_AGENT_TIMEWRIT_ID_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("SYSTEM", "AGENT", "TIMEWRITTEN", "ID") ;
ALTER TABLE "T4EVENTLOG_TEMP" ADD CONSTRAINT "PK_T4EVENTLOG_TEMP" PRIMARY KEY("ID")
‐‐ check
EXEC DBMS_REDEFINITION.CAN_REDEF_TABLE('THINKSERVER','T4EVENTLOG');
‐‐start
BEGIN
DBMS_REDEFINITION.START_REDEF_TABLE(uname => 'THINKSERVER',
orig_table => 'T4EVENTLOG',
int_table => 'T4EVENTLOG_TEMP');
© 2013 Tango/04 Computing Group Page 44
Appendix A : Partitioned Tables
Step 4. Drop old Table
If desired insert old events to new table so they can stay in partitioned table.
Step 5. Rename all the constraints and indexes to match the original names.
A.3.2 Altering PartitionsStep 1. Create new Tablespaces to use
Step 2. Split last partition in the new period
A.3.3 Analyzing PartitionsStep 1. Gather Table Statistics
END;
BEGIN
dbms_redefinition.finish_redef_table(
uname => 'THINKSERVER',
orig_table => 'T4EVENTLOG',
int_table => 'T4EVENTLOG_temp');
END;
DROP TABLE T4EVENTLOG_TEMP;
ALTER TABLE T4EVENTLOG RENAME CONSTRAINT PK_T4EVENTLOG_TEMP TO PK_T4EVENTLOG;
ALTER INDEX IDX1_AGENT_TIMEWRITTEN_ RENAME TO IDX1_AGENT_TIMEWRITTEN;
ALTER INDEX IDX2_TIMEGEN_AGENT_EVENTID_ RENAME TO IDX2_TIMEGEN_AGENT_EVENTID;
ALTER INDEX IDX3_SYS_AGENT_TIMEWRIT_ID_ RENAME TO IDX3_SYS_AGENT_TIMEWRIT_ID;
CREATE TABLESPACE ts_t4eventlog_4
DATAFILE 'e:\app\oracle\oradata\t4eventlog_04.dbf'
SIZE 50m AUTOEXTEND ON NEXT 10m MAXSIZE UNLIMITED;
ALTER TABLE THINKSERVER.T4EVENTLOG
SPLIT PARTITION t4eventlogRest
AT (TO_DATE('2009/10/01', 'YYYY/MM/DD'))
INTO (PARTITION t4eventlog200908 TABLESPACE ts_t4eventlog_4, PARTITION t4eventlogRest)
UPDATE GLOBAL INDEXES;
EXEC DBMS_STATS.GATHER_TABLE_STATS('THINKSERVER','T4EVENTLOG');
© 2013 Tango/04 Computing Group Page 45
Appendix A : Partitioned Tables
Step 2. Get Statistics
A.4 Oracle 11g onlyOracle 11g allows defining automatic Interval Partitioning. In doing so, it is not necessary to create new
partitions for new periods of time.
There are two ways of doing this:
• Different Table Creation Statement
• Changing from Date Range Partitioning to Interval Partitioning
A.4.1 Different Table Creation Statement
SELECT PARTITION_NAME, NUM_ROWS, HIGH_VALUE
FROM USER_TAB_PARTITIONS
WHERE TABLE_NAME = 'T4EVENTLOG';
CREATE TABLE "THINKSERVER"."T4EVENTLOG_TEMP"
( "ID" NUMBER(19),
"SYSTEM" VARCHAR(254),
"AGENT" VARCHAR(10),
"VERSION" NUMBER(19),
"EVENTID" NUMBER(19),
"EVENTTYPE" NUMBER(10),
"EVENTCATEGORY" NUMBER(10),
"SOURCENAME" VARCHAR(254),
"COMPUTERNAME" VARCHAR(254),
"USERNAME" VARCHAR(254),
"DOMAIN" VARCHAR(254),
"CATEGORY" VARCHAR(254),
"COMPLETEMSG" CLOB,
"EVENTLOGTYPE" VARCHAR(254),
"TIMEGENERATED" DATE,
"TIMEWRITTEN" DATE,
"VARIABLES" CLOB,
"VAR01" VARCHAR(254),"VAR02" VARCHAR(254), "VAR03" VARCHAR(254), "VAR04" VARCHAR(254), "VAR05" VARCHAR(254), "VAR06" VARCHAR(254), "VAR07" VARCHAR(254), "VAR08" VARCHAR(254), "VAR09" VARCHAR(254), "VAR10" VARCHAR(254), "VAR11" VARCHAR(254), "VAR12" VARCHAR(254), "VAR13" VARCHAR(254), "VAR14" VARCHAR(254), "VAR15" VARCHAR(254), "VAR16" VARCHAR(254), "VAR17" VARCHAR(254), "VAR18" VARCHAR(254), "VAR19" VARCHAR(254), "VAR20" VARCHAR(254), "VAR21" VARCHAR(254), "VAR22" VARCHAR(254), "VAR23" VARCHAR(254), "VAR24" VARCHAR(254), "VAR25" VARCHAR(254),
© 2013 Tango/04 Computing Group Page 46
Appendix A : Partitioned Tables
"VAR26" VARCHAR(254), "VAR27" VARCHAR(254), "VAR28" VARCHAR(254), "VAR29" VARCHAR(254), "VAR30" VARCHAR(254), "VAR31" VARCHAR(254), "VAR32" VARCHAR(254), "VAR33" VARCHAR(254), "VAR34" VARCHAR(254), "VAR35" VARCHAR(254), "VAR36" VARCHAR(254), "VAR37" VARCHAR(254), "VAR38" VARCHAR(254), "VAR39" VARCHAR(254), "VAR40" VARCHAR(254), "VAR41" VARCHAR(254), "VAR42" VARCHAR(254), "VAR43" VARCHAR(254), "VAR44" VARCHAR(254), "VAR45" VARCHAR(254), "VAR46" VARCHAR(254), "VAR47" VARCHAR(254), "VAR48" VARCHAR(254), "VAR49" VARCHAR(254), "VAR50" VARCHAR(254), "VAR51" VARCHAR(254), "VAR52" VARCHAR(254), "VAR53" VARCHAR(254), "VAR54" VARCHAR(254), "VAR55" VARCHAR(254), "VAR56" VARCHAR(254), "VAR57" VARCHAR(254), "VAR58" VARCHAR(254), "VAR59" VARCHAR(254), "VAR60" VARCHAR(254), "VAR61" VARCHAR(254), "VAR62" VARCHAR(254), "VAR63" VARCHAR(254), "VAR64" VARCHAR(254), "VAR65" VARCHAR(254), "VAR66" VARCHAR(254), "VAR67" VARCHAR(254), "VAR68" VARCHAR(254), "VAR69" VARCHAR(254), "VAR70" VARCHAR(254), "VAR71" VARCHAR(254), "VAR72" VARCHAR(254), "VAR73" VARCHAR(254), "VAR74" VARCHAR(254), "VAR75" VARCHAR(254), "VAR76" VARCHAR(254), "VAR77" VARCHAR(254), "VAR78" VARCHAR(254), "VAR79" VARCHAR(254), "VAR80" VARCHAR(254), "VAR81" VARCHAR(254), "VAR82" VARCHAR(254), "VAR83" VARCHAR(254), "VAR84" VARCHAR(254), "VAR85" VARCHAR(254), "VAR86" VARCHAR(254), "VAR87" VARCHAR(254), "VAR88" VARCHAR(254), "VAR89" VARCHAR(254), "VAR90" VARCHAR(254), "VAR91" VARCHAR(254), "VAR92" VARCHAR(254), "VAR93" VARCHAR(254), "VAR94" VARCHAR(254), "VAR95" VARCHAR(254), "VAR96" VARCHAR(254), "VAR97" VARCHAR(254), "VAR98" VARCHAR(254), "VAR99" VARCHAR(254),
"TIMEZONE" NUMBER(10),
"VARDEFID" NUMBER(10),
"NM_OPERATOR" VARCHAR(254),
"NM_ACTION" VARCHAR(254),
"NM_SOURCE_WKS" VARCHAR(254),
"NM_SOURCE_IP" VARCHAR(254),
"NM_DESTINATION_WKS" VARCHAR(254),
"NM_DESTINATION_IP" VARCHAR(254),
"NM_OBJECT" VARCHAR(254),
"NM_USER" VARCHAR(100),
"NM_GROUP_ROLE" VARCHAR(254),
"NM_APPLICATION" VARCHAR(254),
"NM_PLATFORM" VARCHAR(254),
"NM_RESULT" VARCHAR(1),
"NM_SEVERITY" VARCHAR(1),
"NM_PROTOCOL" VARCHAR(50),
"NM_NETSERVICE" VARCHAR(50),
"NM_COMPANY" NUMBER(10),
"NM_PERSON" VARCHAR(100),
"ENTITYGUID" VARCHAR(36),
© 2013 Tango/04 Computing Group Page 47
Appendix A : Partitioned Tables
A.4.2 Changing from Date Range Partitioning to Interval Partitioning
"PRIORITY" NUMBER(10),
"APPLICATION" VARCHAR(254),
"SUBCATEGORY" VARCHAR(254),
"ADDINFO_1" VARCHAR(254),
ADDINFO_2" VARCHAR(254),
"SIGNATURE" VARCHAR(128)
")PARTITION BY RANGE ("TIMEGENERATED")
INTERVAL(NUMTOYMINTERVAL(1, 'MONTH'))
STORE IN (ts_t4eventlog_1, ts_t4eventlog_2,
ts_t4eventlog_3);
CREATE INDEX "THINKSERVER"."IDX1_AGENT_TIMEWRITTEN_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("AGENT", "TIMEWRITTEN") ;
CREATE INDEX "THINKSERVER"."IDX2_TIMEGEN_AGENT_EVENTID_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("TIMEGENERATED", "AGENT",
"EVENTID") ;
CREATE UNIQUE INDEX "THINKSERVER"."IDX3_SYS_AGENT_TIMEWRIT_ID_" ON "THINKSERVER"."T4EVENTLOG_TEMP" ("SYSTEM", "AGENT", "TIMEWRITTEN", "ID") ;
ALTER TABLE "T4EVENTLOG_TEMP" ADD CONSTRAINT "PK_T4EVENTLOG_TEMP" PRIMARY KEY("ID")
ALTER TABLE T4EVENTLOG DROP PARTITION t4eventlogRest;
ALTER TABLE T4EVENTLOG SET INTERVAL(NUMTOYMINTERVAL(1, 'MONTH'));
© 2013 Tango/04 Computing Group Page 48
Appendix B : Working with DB2/iSeries Databases
Appendix BAppendix B: Working with DB2/iSeries Databases
In order to work with a DB2/iSeries database, you must create tables and their relationships manually.
This cannot be done automatically because there is no possible way to insert or update data to tables
(using committable transactions) if they are not journaled, and we cannot create those journals without
user interaction.
Therefore, consider the following steps for each type of Database:
Step 1. Creating tables
Step 2. Creating and assigning journals
Step 3. Adding constraints
Step 4. Initializing data
B.1 General Events Online Database
B.1.1 Creating Tables - General Events Online DatabaseCREATE TABLE T4EVENTLOG (
ID BIGINT NOT NULL,
SYSTEM VARCHAR(254) NOT NULL,
AGENT VARCHAR(10) NOT NULL,
VERSION BIGINT,
EVENTID BIGINT,
EVENTTYPE INT,
EVENTCATEGORY INT,
SOURCENAME VARCHAR(254),
COMPUTERNAME VARCHAR(254),
USERNAME VARCHAR(254),
DOMAIN VARCHAR(254),
CATEGORY VARCHAR(254),
COMPLETEMSG CLOB,
© 2013 Tango/04 Computing Group Page 49
Appendix B : Working with DB2/iSeries Databases
EVENTLOGTYPE VARCHAR(254),
TIMEGENERATED TIMESTAMP,
TIMEWRITTEN TIMESTAMP,
VARIABLES CLOB,
VAR01 VARCHAR(254),
VAR02 VARCHAR(254),
VAR03 VARCHAR(254),
VAR04 VARCHAR(254),
VAR05 VARCHAR(254),
VAR06 VARCHAR(254),
VAR07 VARCHAR(254),
VAR08 VARCHAR(254),
VAR09 VARCHAR(254),
VAR10 VARCHAR(254),
VAR11 VARCHAR(254),
VAR12 VARCHAR(254),
VAR13 VARCHAR(254),
VAR14 VARCHAR(254),
VAR15 VARCHAR(254),
VAR16 VARCHAR(254),
VAR17 VARCHAR(254),
VAR18 VARCHAR(254),
VAR19 VARCHAR(254),
VAR20 VARCHAR(254),
VAR21 VARCHAR(254),
VAR22 VARCHAR(254),
VAR23 VARCHAR(254),
VAR24 VARCHAR(254),
VAR25 VARCHAR(254),
VAR26 VARCHAR(254),
VAR27 VARCHAR(254),
VAR28 VARCHAR(254),
VAR29 VARCHAR(254),
VAR30 VARCHAR(254),
VAR31 VARCHAR(254),
VAR32 VARCHAR(254),
VAR33 VARCHAR(254),
VAR34 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 50
Appendix B : Working with DB2/iSeries Databases
VAR35 VARCHAR(254),
VAR36 VARCHAR(254),
VAR37 VARCHAR(254),
VAR38 VARCHAR(254),
VAR39 VARCHAR(254),
VAR40 VARCHAR(254),
VAR41 VARCHAR(254),
VAR42 VARCHAR(254),
VAR43 VARCHAR(254),
VAR44 VARCHAR(254),
VAR45 VARCHAR(254),
VAR46 VARCHAR(254),
VAR47 VARCHAR(254),
VAR48 VARCHAR(254),
VAR49 VARCHAR(254),
VAR50 VARCHAR(254),
VAR51 VARCHAR(254),
VAR52 VARCHAR(254),
VAR53 VARCHAR(254),
VAR54 VARCHAR(254),
VAR55 VARCHAR(254),
VAR56 VARCHAR(254),
VAR57 VARCHAR(254),
VAR58 VARCHAR(254),
VAR59 VARCHAR(254),
VAR60 VARCHAR(254),
VAR61 VARCHAR(254),
VAR62 VARCHAR(254),
VAR63 VARCHAR(254),
VAR64 VARCHAR(254),
VAR65 VARCHAR(254),
VAR66 VARCHAR(254),
VAR67 VARCHAR(254),
VAR68 VARCHAR(254),
VAR69 VARCHAR(254),
VAR70 VARCHAR(254),
VAR71 VARCHAR(254),
VAR72 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 51
Appendix B : Working with DB2/iSeries Databases
VAR73 VARCHAR(254),
VAR74 VARCHAR(254),
VAR75 VARCHAR(254),
VAR76 VARCHAR(254),
VAR77 VARCHAR(254),
VAR78 VARCHAR(254),
VAR79 VARCHAR(254),
VAR80 VARCHAR(254),
VAR81 VARCHAR(254),
VAR82 VARCHAR(254),
VAR83 VARCHAR(254),
VAR84 VARCHAR(254),
VAR85 VARCHAR(254),
VAR86 VARCHAR(254),
VAR87 VARCHAR(254),
VAR88 VARCHAR(254),
VAR89 VARCHAR(254),
VAR90 VARCHAR(254),
VAR91 VARCHAR(254),
VAR92 VARCHAR(254),
VAR93 VARCHAR(254),
VAR94 VARCHAR(254),
VAR95 VARCHAR(254),
VAR96 VARCHAR(254),
VAR97 VARCHAR(254),
VAR98 VARCHAR(254),
VAR99 VARCHAR(254),
TIMEZONE INT,
VARDEFID INT,
NM_OPERATOR VARCHAR(254),
NM_ACTION VARCHAR(254),
NM_SOURCE_WKS VARCHAR(254),
NM_SOURCE_IP VARCHAR(254),
NM_DESTINATION_WKS VARCHAR(254),
NM_DESTINATION_IP VARCHAR(254),
NM_OBJECT VARCHAR(254),
NM_USER VARCHAR(100),
NM_GROUP_ROLE VARCHAR(254),
© 2013 Tango/04 Computing Group Page 52
Appendix B : Working with DB2/iSeries Databases
NM_APPLICATION VARCHAR(254),
NM_PLATFORM VARCHAR(254),
NM_RESULT VARCHAR(1),
NM_SEVERITY VARCHAR(1),
NM_PROTOCOL VARCHAR(50),
NM_NETSERVICE VARCHAR(50),
NM_COMPANY INT,
NM_PERSON VARCHAR(100),
ENTITYGUID VARCHAR(36) NOT NULL,
PRIORITY INT,
APPLICATION VARCHAR(254),
SUBCATEGORY VARCHAR(254),
ADDINFO_1 VARCHAR(254),
ADDINFO_2 VARCHAR(254),
SIGNATURE VARCHAR(128));
CREATE TABLE T4SEQS (
SEQUENCE VARCHAR(50) NOT NULL,
ID BIGINT
);
CREATE TABLE T4ENTITIES (
ID VARCHAR(36) NOT NULL,
DESCRIPTION VARCHAR(254),
VERSION INT NOT NULL,
CONFIGURATION CLOB NOT NULL
);
CREATE TABLE T4MAINTEN (
VERSION INT NOT NULL,
CONFIGURATION CLOB
);
CREATE TABLE T4ASSERTS (
EVENTLOGID BIGINT NOT NULL,
LOCATION INT NOT NULL,
STATUS INT NOT NULL,
TIMEWRITTEN TIMESTAMP NOT NULL
© 2013 Tango/04 Computing Group Page 53
Appendix B : Working with DB2/iSeries Databases
);
CREATE TABLE T4VARDESC(
VARDEFID INT NOT NULL,
VARNUMBER INT NOT NULL,
VARNAME VARCHAR(254) NOT NULL,
VARIDX VARCHAR(254) NOT NULL,
VARDESC VARCHAR(4000) NOT NULL
);
CREATE TABLE T4COMPS(
ID INT NOT NULL,
NAME VARCHAR(100) NOT NULL,
ADDITIONAL_INFO VARCHAR(254),
SIGNATURE VARCHAR(128)
);
CREATE TABLE T4SETTINGS(
NAME VARCHAR(50) NOT NULL,
VALUE VARCHAR(254)
);
CREATE TABLE T4DESC(
TYPE VARCHAR(10) NOT NULL,
ID INT NOT NULL,
DESCRIPTION VARCHAR(4000) NOT NULL
);
B.1.2 Creating and Assigning Journals - General Events Online DatabaseBe aware that the following commands use default configurations, and should be updated to suit your
needs.
Create Journal Receivers
CRTJRNRCV JRNRCV(T4EVLOGRCV) TEXT('T4EVENTLOG JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4DESCRCV) TEXT('T4DESC JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4SETRCV) TEXT('T4SETTINGS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4ENTRCV) TEXT('T4ENTITIES JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4SEQSRCV) TEXT('T4SEQS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4COMPSRCV) TEXT('T4COMPS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4VARDERCV) TEXT('T4VARDESC JOURNAL RECEIVER')
© 2013 Tango/04 Computing Group Page 54
Appendix B : Working with DB2/iSeries Databases
CRTJRNRCV JRNRCV(T4ASSERCV) TEXT('T4ASSERTS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4MAINTRCV) TEXT(‘T4MAINTEN JOURNAL RECEIVER')
Create Journals
CRTJRN JRN(T4EVLOGJNR) JRNRCV(T4EVLOGRCV) TEXT('T4EVENTLOG JOURNAL')
CRTJRN JRN(T4DESCJNR) JRNRCV(T4DESCRCV) TEXT('T4DESC JOURNAL')
CRTJRN JRN(T4SETJNR) JRNRCV(T4SETRCV) TEXT('T4SETTINGS JOURNAL')
CRTJRN JRN(T4ENTJNR) JRNRCV(T4ENTRCV) TEXT('T4ENTITIES JOURNAL')
CRTJRN JRN(T4SEQSJNR) JRNRCV(T4SEQSRCV) TEXT('T4SEQS JOURNAL')
CRTJRN JRN(T4COMPSJNR) JRNRCV(T4COMPSRCV) TEXT('T4COMPS JOURNAL')
CRTJRN JRN(T4VARDEJNR) JRNRCV(T4VARDERCV) TEXT('T4VARDESC JOURNAL')
CRTJRN JRN(T4ASSEJNR) JRNRCV(T4ASSERCV) TEXT('T4ASSERTS JOURNAL')
CRTJRN JRN(T4MAINTJNR) JRNRCV(T4MAINTRCV) TEXT(‘T4MAINTEN JOURNAL')
Start Journals
STRJRNPF FILE(LIBRARY/T4EVENTLOG) JRN(T4EVLOGJNR)
STRJRNPF FILE(LIBRARY/T4DESC) JRN(T4DESCJNR)
STRJRNPF FILE(LIBRARY/T4SETTINGS) JRN(T4SETJNR)
STRJRNPF FILE(LIBRARY/T4ENTITIES) JRN(T4ENTJNR)
STRJRNPF FILE(LIBRARY/T4SEQS) JRN(T4SEQSJNR)
STRJRNPF FILE(LIBRARY/T4COMPS) JRN(T4COMPSJNR)
STRJRNPF FILE(LIBRARY/T4VARDESC) JRN(T4VARDEJNR)
STRJRNPF FILE(LIBRARY/T4ASSERTS) JRN(T4ASSEJNR)
STRJRNPF FILE(LIBRARY/T4MAINTEN) JRN(T4MAINTJNR)
B.1.3 Adding Constraints - General Events Online DatabaseCREATE INDEX IDX1_AGENT_TIMEWRITTEN
ON T4EVENTLOG (AGENT ASC, TIMEWRITTEN ASC);
CREATE INDEX IDX2_TIMEGEN_AGENT_EVENTID
ON T4EVENTLOG (TIMEGENERATED ASC, AGENT ASC, EVENTID ASC);
CREATE UNIQUE INDEX IDX3_SYSTEM_AGENT_TIMEWRIT_ID
ON T4EVENTLOG (SYSTEM ASC, AGENT ASC, TIMEWRITTEN ASC, ID ASC);
CREATE INDEX IDX4_VARIDX
ON T4VARDESC (VARIDX);
ALTER TABLE T4EVENTLOG ADD CONSTRAINT PK_T4EVENTLOG
PRIMARY KEY (ID);
ALTER TABLE T4DESC ADD CONSTRAINT PK_T4DESC
PRIMARY KEY (TYPE, ID);
© 2013 Tango/04 Computing Group Page 55
Appendix B : Working with DB2/iSeries Databases
ALTER TABLE T4SETTINGS ADD CONSTRAINT PK_T4SETTINGS
PRIMARY KEY (NAME);
ALTER TABLE T4ENTITIES ADD CONSTRAINT PK_T4ENTITIES
PRIMARY KEY (ID);
ALTER TABLE T4SEQS ADD CONSTRAINT PK_T4SEQS
PRIMARY KEY (SEQUENCE);
ALTER TABLE T4COMPS ADD CONSTRAINT PK_T4COMPS
PRIMARY KEY (ID);
ALTER TABLE T4VARDESC ADD CONSTRAINT PK_T4VARDESC PRIMARY KEY (VARDEFID, VARNUMBER);
B.1.4 Initializing Data - General Events Online DatabaseINSERT INTO T4MAINTEN (VERSION) VALUES(‐1);
INSERT INTO T4SEQS VALUES ('T04EVENTLOGID', 0);
INSERT INTO T4SEQS VALUES ('VARDEFID', 0);
INSERT INTO T4SETTINGS VALUES ('SCHEMA_VERSION', '1');
INSERT INTO T4ENTITIES VALUES('46803c90‐b49c‐11dd‐ad8b‐0800200c9a66', 'T04 Default Entity', 1, '8F3A50CEA79538867375DDEC5EA635F0DA0CA7CB5D6CC932F449EC67198F6DF83C1CA345C87C79ACC4822CB120A4BFD02CD29E64A2FEA2CBD8045A491B4150FAE5760FB338D9836BAFF58CAB5611F9A1B8A8A36028FA767B317EC071C7384523E59716C782FE9056E2EC23C8F7162985D74F118E2213200CF4ECE5EAABB1745F1102DB4AC5FF3CCA472D8CE7808EFF1669F3C00B3E1D6C7645FBCDD7283798459BEDE4E73037A6FAF69A41F8A616100CF8C8177582225C020AE6F372D5598D451CF6A0C919C91C0746E4C5CD69E9FE3245148E1E29AB6ED732771F2DE516C1D290EC9BA89164B5F082D21598E8D788F5764CE30C3F475F44EEF6EB07F2B6A6
24');
B.2 Historical Database (for maintenance)
B.2.1 Creating Tables - Historical DatabaseCREATE TABLE T4EVENTLOG (
ID BIGINT NOT NULL,
SYSTEM VARCHAR(254) NOT NULL,
AGENT VARCHAR(10) NOT NULL,
VERSION BIGINT,
EVENTID BIGINT,
Warning
These journal receivers can take up a lot of disk space depending on the specified threshold.
The VISUAL Message Center solution does not include provision to remove or clean up the
journals.
© 2013 Tango/04 Computing Group Page 56
Appendix B : Working with DB2/iSeries Databases
EVENTTYPE INT,
EVENTCATEGORY INT,
SOURCENAME VARCHAR(254),
COMPUTERNAME VARCHAR(254),
USERNAME VARCHAR(254),
DOMAIN VARCHAR(254),
CATEGORY VARCHAR(254),
COMPLETEMSG CLOB,
EVENTLOGTYPE VARCHAR(254),
TIMEGENERATED VARCHAR,
TIMEWRITTEN VARCHAR,
VARIABLES CLOB,
VAR01 VARCHAR(254),
VAR02 VARCHAR(254),
VAR03 VARCHAR(254),
VAR04 VARCHAR(254),
VAR05 VARCHAR(254),
VAR06 VARCHAR(254),
VAR07 VARCHAR(254),
VAR08 VARCHAR(254),
VAR09 VARCHAR(254),
VAR10 VARCHAR(254),
VAR11 VARCHAR(254),
VAR12 VARCHAR(254),
VAR13 VARCHAR(254),
VAR14 VARCHAR(254),
VAR15 VARCHAR(254),
VAR16 VARCHAR(254),
VAR17 VARCHAR(254),
VAR18 VARCHAR(254),
VAR19 VARCHAR(254),
VAR20 VARCHAR(254),
VAR21 VARCHAR(254),
VAR22 VARCHAR(254),
VAR23 VARCHAR(254),
VAR24 VARCHAR(254),
VAR25 VARCHAR(254),
VAR26 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 57
Appendix B : Working with DB2/iSeries Databases
VAR27 VARCHAR(254),
VAR28 VARCHAR(254),
VAR29 VARCHAR(254),
VAR30 VARCHAR(254),
VAR31 VARCHAR(254),
VAR32 VARCHAR(254),
VAR33 VARCHAR(254),
VAR34 VARCHAR(254),
VAR35 VARCHAR(254),
VAR36 VARCHAR(254),
VAR37 VARCHAR(254),
VAR38 VARCHAR(254),
VAR39 VARCHAR(254),
VAR40 VARCHAR(254),
VAR41 VARCHAR(254),
VAR42 VARCHAR(254),
VAR43 VARCHAR(254),
VAR44 VARCHAR(254),
VAR45 VARCHAR(254),
VAR46 VARCHAR(254),
VAR47 VARCHAR(254),
VAR48 VARCHAR(254),
VAR49 VARCHAR(254),
VAR50 VARCHAR(254),
VAR51 VARCHAR(254),
VAR52 VARCHAR(254),
VAR53 VARCHAR(254),
VAR54 VARCHAR(254),
VAR55 VARCHAR(254),
VAR56 VARCHAR(254),
VAR57 VARCHAR(254),
VAR58 VARCHAR(254),
VAR59 VARCHAR(254),
VAR60 VARCHAR(254),
VAR61 VARCHAR(254),
VAR62 VARCHAR(254),
VAR63 VARCHAR(254),
VAR64 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 58
Appendix B : Working with DB2/iSeries Databases
VAR65 VARCHAR(254),
VAR66 VARCHAR(254),
VAR67 VARCHAR(254),
VAR68 VARCHAR(254),
VAR69 VARCHAR(254),
VAR70 VARCHAR(254),
VAR71 VARCHAR(254),
VAR72 VARCHAR(254),
VAR73 VARCHAR(254),
VAR74 VARCHAR(254),
VAR75 VARCHAR(254),
VAR76 VARCHAR(254),
VAR77 VARCHAR(254),
VAR78 VARCHAR(254),
VAR79 VARCHAR(254),
VAR80 VARCHAR(254),
VAR81 VARCHAR(254),
VAR82 VARCHAR(254),
VAR83 VARCHAR(254),
VAR84 VARCHAR(254),
VAR85 VARCHAR(254),
VAR86 VARCHAR(254),
VAR87 VARCHAR(254),
VAR88 VARCHAR(254),
VAR89 VARCHAR(254),
VAR90 VARCHAR(254),
VAR91 VARCHAR(254),
VAR92 VARCHAR(254),
VAR93 VARCHAR(254),
VAR94 VARCHAR(254),
VAR95 VARCHAR(254),
VAR96 VARCHAR(254),
VAR97 VARCHAR(254),
VAR98 VARCHAR(254),
VAR99 VARCHAR(254),
TIMEZONE INT,
VARDEFID INT,
NM_OPERATOR VARCHAR(254),
© 2013 Tango/04 Computing Group Page 59
Appendix B : Working with DB2/iSeries Databases
NM_ACTION VARCHAR(254),
NM_SOURCE_WKS VARCHAR(254),
NM_SOURCE_IP VARCHAR(254),
NM_DESTINATION_WKS VARCHAR(254),
NM_DESTINATION_IP VARCHAR(254),
NM_OBJECT VARCHAR(254),
NM_USER VARCHAR(100),
NM_GROUP_ROLE VARCHAR(254),
NM_APPLICATION VARCHAR(254),
NM_PLATFORM VARCHAR(254),
NM_RESULT VARCHAR(1),
NM_SEVERITY VARCHAR(1),
NM_PROTOCOL VARCHAR(50),
NM_NETSERVICE VARCHAR(50),
NM_COMPANY INT,
NM_PERSON VARCHAR(100),
ENTITYGUID VARCHAR(36) NOT NULL,
PRIORITY INT,
APPLICATION VARCHAR(254),
SUBCATEGORY VARCHAR(254),
ADDINFO_1 VARCHAR(254),
ADDINFO_2 VARCHAR(254),
SIGNATURE VARCHAR(128));
CREATE TABLE T4VARDESC(
VARDEFID INT NOT NULL,
VARNUMBER INT NOT NULL,
VARNAME VARCHAR(254) NOT NULL,
VARIDX VARCHAR(254) NOT NULL,
VARDESC VARCHAR(4000) NOT NULL
);
CREATE TABLE T4ERASEDEV (
ID BIGINT NOT NULL,
TIMEWRITTEN TIMESTAMP NOT NULL,
USERNAME VARCHAR(254),
ORIGINALSIGNATURE VARCHAR(128),
SIGNATURE VARCHAR(128) NOT NULL);
© 2013 Tango/04 Computing Group Page 60
Appendix B : Working with DB2/iSeries Databases
CREATE TABLE T4COMPS(
ID INT NOT NULL,
NAME VARCHAR(100) NOT NULL,
ADDITIONAL_INFO VARCHAR(254),
SIGNATURE VARCHAR(128)
);
CREATE TABLE T4DESC(
TYPE VARCHAR(10) NOT NULL,
ID INT NOT NULL,
DESCRIPTION VARCHAR(4000) NOT NULL
);
B.2.2 Creating and Assigning Journals - Historical DatabaseBe aware that the following commands use default configurations, and should be updated to suit your
needs.
Create Journal Receivers
CRTJRNRCV JRNRCV(T4HEVLOGRC) TEXT('T4EVENTLOG JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4HDESCRC) TEXT('T4DESC JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4HCOMPSRC) TEXT('T4COMPS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4HVARDERC) TEXT('T4VARDESC JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4HEREVRC) TEXT('T4VARDESC JOURNAL RECEIVER')
Create Journals
CRTJRN JRN(T4HEVLOGJN) JRNRCV(T4HEVLOGRC) TEXT('T4EVENTLOG JOURNAL')
CRTJRN JRN(T4HDESCJN) JRNRCV(T4HDESCRC) TEXT('T4DESC JOURNAL')
CRTJRN JRN(T4HCOMPSJN) JRNRCV(T4HCOMPSRC) TEXT('T4COMPS JOURNAL')
CRTJRN JRN(T4HVARDEJN) JRNRCV(T4HVARDERC) TEXT('T4VARDESC JOURNAL')
CRTJRN JRN(T4HEREVJN) JRNRCV(T4HEREVRC) TEXT('T4ERASEDEV JOURNAL')
Start Journals
STRJRNPF FILE(LIBRARY/T4EVENTLOG) JRN(T4HEVLOGJN)
STRJRNPF FILE(LIBRARY/T4DESC) JRN(T4HDESCJN)
STRJRNPF FILE(LIBRARY/T4COMPS) JRN(T4HCOMPSJN)
STRJRNPF FILE(LIBRARY/T4VARDESC) JRN(T4HVARDEJN)
STRJRNPF FILE(LIBRARY/T4ERASEDEV) JRN(T4HEREVJN)
B.2.3 Adding Constraints - Historical DatabaseCREATE INDEX IDX1_AGENT_TIMEWRITTEN
ON T4EVENTLOG (AGENT ASC, TIMEWRITTEN ASC);
© 2013 Tango/04 Computing Group Page 61
Appendix B : Working with DB2/iSeries Databases
CREATE INDEX IDX2_TIMEGEN_AGENT_EVENTID
ON T4EVENTLOG (TIMEGENERATED ASC, AGENT ASC, EVENTID ASC);
CREATE UNIQUE INDEX IDX3_SYSTEM_AGENT_TIMEWRIT_ID
ON T4EVENTLOG (SYSTEM ASC, AGENT ASC, TIMEWRITTEN ASC, ID ASC);
CREATE INDEX IDX4_VARIDX
ON T4VARDESC (VARIDX);
ALTER TABLE T4EVENTLOG ADD CONSTRAINT PK_T4EVENTLOG PRIMARY KEY (ID);
ALTER TABLE T4DESC ADD CONSTRAINT PK_T4DESC PRIMARY KEY (TYPE, ID);
ALTER TABLE T4COMPS ADD CONSTRAINT PK_T4COMPS PRIMARY KEY (ID);
ALTER TABLE T4ERASEDEV ADD CONSTRAINT PK_T4ERASEDEV PRIMARY KEY (ID);
ALTER TABLE T4VARDESC ADD CONSTRAINT PK_T4VARDESC PRIMARY KEY (VARDEFID,
VARNUMBER);
B.3 Archived Database (for Maintenance)
B.3.1 Creating Tables - Archived DatabaseCREATE TABLE T4EVENTLOG (
ID BIGINT NOT NULL,
SYSTEM VARCHAR(254) NOT NULL,
AGENT VARCHAR(10) NOT NULL,
VERSION BIGINT,
EVENTID BIGINT,
EVENTTYPE INT,
EVENTCATEGORY INT,
SOURCENAME VARCHAR(254),
COMPUTERNAME VARCHAR(254),
USERNAME VARCHAR(254),
DOMAIN VARCHAR(254),
CATEGORY VARCHAR(254),
COMPLETEMSG CLOB,
EVENTLOGTYPE VARCHAR(254),
TIMEGENERATED TIMESTAMP,
TIMEWRITTEN TIMESTAMP,
VARIABLES CLOB,
VAR01 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 62
Appendix B : Working with DB2/iSeries Databases
VAR02 VARCHAR(254),
VAR03 VARCHAR(254),
VAR04 VARCHAR(254),
VAR05 VARCHAR(254),
VAR06 VARCHAR(254),
VAR07 VARCHAR(254),
VAR08 VARCHAR(254),
VAR09 VARCHAR(254),
VAR10 VARCHAR(254),
VAR11 VARCHAR(254),
VAR12 VARCHAR(254),
VAR13 VARCHAR(254),
VAR14 VARCHAR(254),
VAR15 VARCHAR(254),
VAR16 VARCHAR(254),
VAR17 VARCHAR(254),
VAR18 VARCHAR(254),
VAR19 VARCHAR(254),
VAR20 VARCHAR(254),
VAR21 VARCHAR(254),
VAR22 VARCHAR(254),
VAR23 VARCHAR(254),
VAR24 VARCHAR(254),
VAR25 VARCHAR(254),
VAR26 VARCHAR(254),
VAR27 VARCHAR(254),
VAR28 VARCHAR(254),
VAR29 VARCHAR(254),
VAR30 VARCHAR(254),
VAR31 VARCHAR(254),
VAR32 VARCHAR(254),
VAR33 VARCHAR(254),
VAR34 VARCHAR(254),
VAR35 VARCHAR(254),
VAR36 VARCHAR(254),
VAR37 VARCHAR(254),
VAR38 VARCHAR(254),
VAR39 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 63
Appendix B : Working with DB2/iSeries Databases
VAR40 VARCHAR(254),
VAR41 VARCHAR(254),
VAR42 VARCHAR(254),
VAR43 VARCHAR(254),
VAR44 VARCHAR(254),
VAR45 VARCHAR(254),
VAR46 VARCHAR(254),
VAR47 VARCHAR(254),
VAR48 VARCHAR(254),
VAR49 VARCHAR(254),
VAR50 VARCHAR(254),
VAR51 VARCHAR(254),
VAR52 VARCHAR(254),
VAR53 VARCHAR(254),
VAR54 VARCHAR(254),
VAR55 VARCHAR(254),
VAR56 VARCHAR(254),
VAR57 VARCHAR(254),
VAR58 VARCHAR(254),
VAR59 VARCHAR(254),
VAR60 VARCHAR(254),
VAR61 VARCHAR(254),
VAR62 VARCHAR(254),
VAR63 VARCHAR(254),
VAR64 VARCHAR(254),
VAR65 VARCHAR(254),
VAR66 VARCHAR(254),
VAR67 VARCHAR(254),
VAR68 VARCHAR(254),
VAR69 VARCHAR(254),
VAR70 VARCHAR(254),
VAR71 VARCHAR(254),
VAR72 VARCHAR(254),
VAR73 VARCHAR(254),
VAR74 VARCHAR(254),
VAR75 VARCHAR(254),
VAR76 VARCHAR(254),
VAR77 VARCHAR(254),
© 2013 Tango/04 Computing Group Page 64
Appendix B : Working with DB2/iSeries Databases
VAR78 VARCHAR(254),
VAR79 VARCHAR(254),
VAR80 VARCHAR(254),
VAR81 VARCHAR(254),
VAR82 VARCHAR(254),
VAR83 VARCHAR(254),
VAR84 VARCHAR(254),
VAR85 VARCHAR(254),
VAR86 VARCHAR(254),
VAR87 VARCHAR(254),
VAR88 VARCHAR(254),
VAR89 VARCHAR(254),
VAR90 VARCHAR(254),
VAR91 VARCHAR(254),
VAR92 VARCHAR(254),
VAR93 VARCHAR(254),
VAR94 VARCHAR(254),
VAR95 VARCHAR(254),
VAR96 VARCHAR(254),
VAR97 VARCHAR(254),
VAR98 VARCHAR(254),
VAR99 VARCHAR(254),
TIMEZONE INT,
VARDEFID INT,
NM_OPERATOR VARCHAR(254),
NM_ACTION VARCHAR(254),
NM_SOURCE_WKS VARCHAR(254),
NM_SOURCE_IP VARCHAR(254),
NM_DESTINATION_WKS VARCHAR(254),
NM_DESTINATION_IP VARCHAR(254),
NM_OBJECT VARCHAR(254),
NM_USER VARCHAR(100),
NM_GROUP_ROLE VARCHAR(254),
NM_APPLICATION VARCHAR(254),
NM_PLATFORM VARCHAR(254),
NM_RESULT VARCHAR(1),
NM_SEVERITY VARCHAR(1),
NM_PROTOCOL VARCHAR(50),
© 2013 Tango/04 Computing Group Page 65
Appendix B : Working with DB2/iSeries Databases
NM_NETSERVICE VARCHAR(50),
NM_COMPANY INT,
NM_PERSON VARCHAR(100),
ENTITYGUID VARCHAR(36) NOT NULL,
PRIORITY INT,
APPLICATION VARCHAR(254),
SUBCATEGORY VARCHAR(254),
ADDINFO_1 VARCHAR(254),
ADDINFO_2 VARCHAR(254),
SIGNATURE VARCHAR(128));
CREATE TABLE T4VARDESC(
VARDEFID INT NOT NULL,
VARNUMBER INT NOT NULL,
VARNAME VARCHAR(254) NOT NULL,
VARIDX VARCHAR(254) NOT NULL,
VARDESC VARCHAR(4000) NOT NULL
);
CREATE TABLE T4COMPS(
ID INT NOT NULL,
NAME VARCHAR(100) NOT NULL,
ADDITIONAL_INFO VARCHAR(254),
SIGNATURE VARCHAR(128)
);
CREATE TABLE T4DESC(
TYPE VARCHAR(10) NOT NULL,
ID INT NOT NULL,
DESCRIPTION VARCHAR(4000) NOT NULL
);
B.3.2 Creating and Assigning Journals - Archived DatabaseBe aware that the following commands use default configurations, and should be updated to suit your
needs.
Create Journal Receivers
CRTJRNRCV JRNRCV(T4AEVLOGRC) TEXT('T4EVENTLOG JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4ADESCRC) TEXT('T4DESC JOURNAL RECEIVER')
© 2013 Tango/04 Computing Group Page 66
Appendix B : Working with DB2/iSeries Databases
CRTJRNRCV JRNRCV(T4ACOMPSRC) TEXT('T4COMPS JOURNAL RECEIVER')
CRTJRNRCV JRNRCV(T4AVARDERC) TEXT('T4VARDESC JOURNAL RECEIVER')
Create Journals
CRTJRN JRN(T4AEVLOGJN) JRNRCV(T4AEVLOGRC) TEXT('T4EVENTLOG JOURNAL')
CRTJRN JRN(T4ADESCJN) JRNRCV(T4ADESCRC) TEXT('T4DESC JOURNAL')
CRTJRN JRN(T4ACOMPSJN) JRNRCV(T4ACOMPSRC) TEXT('T4COMPS JOURNAL')
CRTJRN JRN(T4AVARDEJN) JRNRCV(T4AVARDERC) TEXT('T4VARDESC JOURNAL')
Start Journals
STRJRNPF FILE(LIBRARY/T4EVENTLOG) JRN(T4AEVLOGJN)
STRJRNPF FILE(LIBRARY/T4DESC) JRN(T4ADESCJN)
STRJRNPF FILE(LIBRARY/T4COMPS) JRN(T4ACOMPSJN)
STRJRNPF FILE(LIBRARY/T4VARDESC) JRN(T4AVARDEJN)
B.3.3 Adding Constraints - Archived DatabaseCREATE INDEX IDX1_AGENT_TIMEWRITTEN
ON T4EVENTLOG (AGENT ASC, TIMEWRITTEN ASC);
CREATE INDEX IDX2_TIMEGEN_AGENT_EVENTID
ON T4EVENTLOG (TIMEGENERATED ASC, AGENT ASC, EVENTID ASC);
CREATE UNIQUE INDEX IDX3_SYSTEM_AGENT_TIMEWRIT_ID
ON T4EVENTLOG (SYSTEM ASC, AGENT ASC, TIMEWRITTEN ASC, ID ASC);
CREATE INDEX IDX4_VARIDX
ON T4VARDESC (VARIDX);
ALTER TABLE T4DESC ADD CONSTRAINT PK_T4DESC PRIMARY KEY (TYPE, ID);
ALTER TABLE T4COMPS ADD CONSTRAINT PK_T4COMPS PRIMARY KEY (ID);
ALTER TABLE T4VARDESC ADD CONSTRAINT PK_T4VARDESC PRIMARY KEY (VARDEFID,
VARNUMBER);
ALTER TABLE T4EVENTLOG ADD CONSTRAINT PK_T4EVENTLOG PRIMARY KEY (ID, SYSTEM, AGENT);
© 2013 Tango/04 Computing Group Page 67
Appendix C : Use of 32-Bit ODBC Drivers for a 64-Bit Windows System
Appendix CAppendix C: Use of 32-Bit ODBC Drivers for a 64-Bit Windows
System
For Database Settings Administrator to be able to use the ODBC drivers on a 64-bit machine, it is
necessary to run a command to use 32-bit drivers.
To use 32-bit ODBC drivers on a 64-bit machine:
Step 1. Run the following executable command to use 32-bit drivers:
C:\WINDOWS\SysWOW64\odbcad32.exe
Step 2. In the ODBC Data Source Administrator click Add to create the DSN with 32-bit drivers
that the Database Settings Administrator will use.
Figure 29 – ODBC Data Source Administrator
Step 3. Open the Database Settings Administrator and add the DSN created in the previous
step, manually.
Enter the DSN name, User and Password details in the fields provided.
Note
It is not possible to locate the 32-bit DSN created in the previous step by clicking the Browse
button.
© 2013 Tango/04 Computing Group Page 68
Appendix C : Use of 32-Bit ODBC Drivers for a 64-Bit Windows System
Figure 30 – Enter the DSN, User, and Password details manually, do not click the Browse button
© 2013 Tango/04 Computing Group Page 69
Appendix D : Tamper Proof Technology
Appendix DAppendix D: Tamper Proof Technology
This section explains Tango/04’s tamper proof technology. This cutting edge technology is used by
Tango/04 products to guarantee customers that events under analysis will not be modified by
unauthorized users.
There are three processes that combine to create the tamper proof technology:
• Signing
• Archiving
• Assessment
D.1 Signing ProcessThere are three different tamper proof signing configurations:
• No sign at all
• Soft Sign configuration
• Hard sign configuration
Soft sign and hard sign are quite similar, but hard sign is the strongest and most secure of the two
configurations.
D.1.1 Soft Sign ProcessWhen a soft sign process takes place, every event is processed in the following way:
Step 1. The events raw data is combined, and altered according to Tango/04’s internal
algorithm. This logic is hidden inside Tango/04 programs and libraries.
Step 2. The result is used as input for a SHA-256 secure hash sign generation.
Step 3. The event, with its unique sign is stored in the database.
This process is described below, and it is guaranteed that two different events will never have the same
sign.
© 2013 Tango/04 Computing Group Page 70
Appendix D : Tamper Proof Technology
Figure 31 – Soft Sign process workflow
D.1.2 Hard Sign ProcessWhen a hard sign process takes place, every event is processed in the following way.
Step 1. The events raw data is combined, and altered according to Tango/04’s internal
algorithm. This logic is hidden inside Tango/04 programs and libraries.
Step 2. The result is encrypted using an AES algorithm, one of the most secure encryption
algorithms available. The key pair used by AES is generated automatically per
installation when the hard mode is enabled via Database Settings Administrator; this
key pair is guaranteed to be unique among different installations. This ensures that
even if you have exactly the same event in two different installations the sign will be
unique for each of them.
Step 3. The result is used as input for a SHA-256 secure hash sign generation.
Step 4. The event and its unique sign are stored in the database.
This process is described below, and it is guaranteed that two different events will never have the same
sign.
Figure 32 – Hard Sign process workflow
D.2 Archiving ProcessThe archiving process is a crucial part of the solution, the tamper solution is ready to detect whether the
event was modified manually or if an event was deleted intentionally.
The only way to archive old events from real-time databases to historical databases is by using the
Tango/04’s maintenance processes.
This process will ensure that any event moved from a real-time database to an historical database or
deleted from historical databases (according to the configured retentions policies) will not be highlighted
as an intentionally deleted event. This is achieved by saving a signed log for each deleted event, keep in
mind that this is not a backup for the event, it only contains the unique key of the event (ID), and a few
more internal fields.
Warning
An erased event will not be able to be recovered.
Important
The maintenance process allows the user to move events from an historical database to an
archiving database instead of just deleting it. This last database is not controlled by tamper
proof technology.
© 2013 Tango/04 Computing Group Page 71
Appendix D : Tamper Proof Technology
The process is described below:
Figure 33 – Archiving process workflow
D.3 Assessment ProcessThe assessment process is achieved by configuring ThinkServer’s Events Integrity ThinAgent; you will
have to configure a monitor to assess a pair of real-time and historical databases. The Events Integrity
ThinAgent is available in a fully functional Events Signature solution of VISUAL Message Center. The
ThinAgent employs a T4EventLog database schema, which includes new tables required to support
event signatures and related configurations.
The monitor functionality is quite simple, monitors will read real-time events, and their encrypted
metadata, and will reproduce the same steps shown in Figure 31 on page 71 and Figure 32 on page 71
depending on the sign configuration, and then compare the calculated sign with the saved signs, alerting
the user when they are different.
It is important to know that, the sign level can be increased by the final user for a given real-time
database. Based on this it is possible to have: events that are not signed; events that are signed at soft
level; and events that are signed at hard level. The monitor has the ability to detect this and calculate the
correspondent sign in each case.
If an event is deleted intentionally, the monitor will create an alert saying that the event was missed, and
this happens because, as we mentioned before, every event deleted by the maintenance process has a
signed trace.
The process is described below:
Tip
To check if you are working with a solution that supports event signatures, verify that the
T4BdDll.dll is version 3.0.0.1 or higher. The T4BdDll.dll file is located by default in:
C:\Program Files\Tango04\Maintenance. However, the T4BdDll.dll file should also
be located in the ThinkServer installation folder or the System32 folder (SysWOW64 on x64
Windows versions) to ensure the check runs properly.
© 2013 Tango/04 Computing Group Page 72
Appendix D : Tamper Proof Technology
Figure 34 – Assessment process workflow
© 2013 Tango/04 Computing Group Page 73
Appendix E : Backup and Restore
© 2013 Tango/04 Computing Group Page 74
Appendix EAppendix E: Backup and Restore
To do a full manual backup:
Step 1. Database Settings Administrator configuration
• Copy the AccessServer.xml file located in:
C:\Program Files\Tango04\DbSetAdmin\config
• Copy the dataSources.xml file located in:
C:\Program Files\Tango04\DbSetAdmin\dataSources
To do a manual restore:
Step 1. Database Settings Administrator configuration
If your AccessServer instalation is from a previous implementation, you must do the
following actions:
• Replace the AccessServer.xml file in:
C:\Program Files\Tango04\DbSetAdmin\config
• Delete the Initial.config file in:
C:\Program Files\Tango04\DbSetAdmin
• Replace the dataSources.xml file in:
C:\Program Files\Tango04\DbSetAdmin\dataSources
Appendix F : Contacting Tango/04
Appendix FAppendix F: Contacting Tango/04
North America
Tango/04 North America
PO BOX 3301
NH 03458 Peterborough USA
Phone: 1-800-304-6872 / 603-924-7391
Fax: 858-428-2864
www.tango04.com
EMEA
Tango/04 Computing Group S.L.
Avda. Meridiana 358, 5 A-B
08027 Barcelona Spain
Phone: +34 93 274 0051
Fax: +34 93 345 1329
www.tango04.com
Italy
Tango/04 Italy
Viale Garibaldi 51/53
13100 Vercelli Italy
Phone: +39 0161 56922
Fax: +39 0161 259277
www.tango04.it
Sales Office in France
Tango/04 France
La Grande Arche
Paroi Nord 15ème étage
92044 Paris La Défense France
Phone: +33 01 40 90 34 49
Fax: +33 01 40 90 31 01
www.tango04.fr
Sales Office in Switzerland
Tango/04 Switzerland
18, Avenue Louis Casaï
CH-1209 Genève
Switzerland
Phone: +41 (0)22 747 7866
Fax: +41 (0)22 747 7999
www.tango04.fr
Latin American Headquarters
Barcelona/04 Computing Group SRL (Argentina)
Avda. Federico Lacroze 2252, Piso 6
1426 Buenos Aires Capital Federal
Argentina
Phone: +54 11 4774-0112
Fax: +54 11 4773-9163
www.barcelona04.com
© 2013 Tango/04 Computing Group Page 75
Sales Office in Peru
Barcelona/04 PERÚ
Centro Empresarial Real
Av. Víctor A. Belaúnde 147, Vía Principal 140 Edificio Real Seis, Piso 6
L 27 Lima
Perú
Phone: +51 1 211-2690
Fax: +51 1 211-2526
www.barcelona04.com
Sales Office in Chile
Barcelona/04 Chile
Nueva de Lyon 096 Oficina 702,
Providencia
Santiago
Chile
Phone: +56 2 234-0898
Fax: +56 2 2340865
www.barcelona04.com
© 2013 Tango/04 Computing Group Page 76
About Tango/04 Computing Group
Tango/04 Computing Group is one of the leading developers of systems management and automation
software. Tango/04 software helps companies maintain the operating health of all their business
processes, improve service levels, increase productivity, and reduce costs through intelligent
management of their IT infrastructure.
Founded in 1991 in Barcelona, Spain, Tango/04 is an IBM Business Partner and a key member of IBM's
Autonomic Computing initiative. Tango/04 has more than a thousand customers who are served by over
35 authorized Business Partners around the world.
Alliances
Awards
Partnerships IBM Business Partner
IBM Autonomic Computing Business Partner
IBM PartnerWorld for Developers Advanced Membership
IBM ISV Advantage Agreement
IBM Early code release
IBM Direct Technical Liaison
Microsoft Developer Network
Microsoft Early Code Release
© 2013 Tango/04 Computing Group Page 77
Legal Notice
The information in this document was created using certain specific equipment and environments, and it is limited in
application to those specific hardware and software products and version and releases levels.
Any references in this document regarding Tango/04 Computing Group products, software or services do not mean
that Tango/04 Computing Group intends to make these available in all countries in which Tango/04 Computing Group
operates. Any reference to a Tango/04 Computing Group product, software, or service may be used. Any functionally
equivalent product that does not infringe any of Tango/04 Computing Group's intellectual property rights may be used
instead of the Tango/04 Computing Group product, software or service
Tango/04 Computing Group may have patents or pending patent applications covering subject matter in this
document. The furnishing of this document does not give you any license to these patents.
The information contained in this document has not been submitted to any formal Tango/04 Computing Group test
and is distributed AS IS. The use of this information or the implementation of any of these techniques is a customer
responsibility, and depends on the customer's ability to evaluate and integrate them into the customer's operational
environment. Despite the fact that Tango/04 Computing Group could have reviewed each item for accurateness in a
specific situation, there is no guarantee that the same or similar results will be obtained somewhere else. Customers
attempting to adapt these techniques to their own environments do so at their own risk. Tango/04 Computing Group
shall not be liable for any damages arising out of your use of the techniques depicted on this document, even if they
have been advised of the possibility of such damages. This document could contain technical inaccuracies or
typographical errors.
Any pointers in this publication to external web sites are provided for your convenience only and do not, in any
manner, serve as an endorsement of these web sites.
The following terms are trademarks of the International Business Machines Corporation in the United States and/or
other countries: iSeries, iSeriese, iSeries, i5, DB2, e (logo)®Server IBM ®, Operating System/400, OS/400, i5/OS.
Microsoft, SQL Server, Windows, Windows NT, Windows XP and the Windows logo are trademarks of Microsoft
Corporation in the United States and/or other countries. Java and all Java-based trademarks and logos are
trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and/or other countries. UNIX is a
registered trademark in the United States and other countries licensed exclusively through The Open Group. Oracle
is a registered trade mark of Oracle Corporation.
Other company, product, and service names may be trademarks or service marks of other companies.
© 2013 Tango/04 Computing Group Page 78