Release Notes 4.3

What’s New

Print dashboards

Since this version the current dashboard view can be printed. Analysis results can thus also serve as a source of information outside the application. The print layout is implemented as map.apps template. This means that the print preview can be optimized by means of the still functional selectors until the desired result is available. The Questions Dashboards have been optimized for DIN A4 format printing, and we recommend the creation of dedicated print dashboards for specially formatted output.

map.apps 4 support

map.apps 4 is based on the new Esri JavaScript API 4. Since this version, basic support has been provided for activity recording in Analytics, especially for activities oriented to the cards. The next version of map.apps (presumably version 4.2.1) will be able to capture map.apps 4 card events. The differentiation of 3D/2D map views can be queried in the events.

View of EventStreams (experimental)

The graphical representation of a large number of events on a dashboard provides a new way of accessing information about the order in which the logged events occur. The EventStream can help to investigate the acceptance of workflows of apps optimized for a specific purpose. This feature is initially available in an experimental state, based on your experiences and wishes, further changes should be realized. Using EventStreams in a specific context may require an extended configuration of the product. Please contact us to discuss possible support services.

New and improved widgets

The date widget now allows you to specify concrete date values in order to optimize the query day to meet your analysis requirements. In conjunction with the new histogram widget, new insights into the collected data are possible. The histogram widget allows the aggregation of values to a certain time unit (e.g. number of app starts of a year aggregated on a monthly basis). This allows statements to be made about the temporal course of the recorded data.

Expectations for monitoring

Expectations define user-defined expectations for the server response of a monitoring job. This means that individual and very specific checks, tailored to your own service landscape, can be configured quickly and easily.

Notifications to Microsoft Teams

Microsoft Teams has been added as a further notification channel for monitoring.

Introduction of an integrated authentication mode (since Monitoring 4.3.3)

The monitoring component now dispenses with the packaged delivery of the so-called "embedded" security.manager and instead provides an integrated authentication option for customers who have not licensed security.manager. The integrated authentication is a lightweight alternative and provides a default user ("monitor") for use. Please contact con terra Support for alternatives, if desired.

Integration with security.manager is done manually after installation, similar to the other products.

Apache Tomcat 9.0 Support (since Monitoring 4.3.3)

The current release now supports Apache Tomcat 9.0 in addition to Apache Tomcat 8.5, officially ending support for Apache Tomcat 7.

OpenJDK/OpenJRE 8 Support (since Monitoring 4.3.3)

The current release now supports OpenJDK/OpenJRE 8 in addition to Oracle JDK/JRE 8.

Update Notes

If you skip several versions during the update, please also follow all update notes of the intervening versions.

This section lists all changes to be considered when performing updates.

Adjusting the database tables

By extending the monitoring by service expectations, two new tables have to be created for existing installations. Please note the SQL update scripts that are located in the folder update of the SQL directory of the installation package for monitoring.

More strict SSL connection validation (since Monitoring 4.3.3)

With version 4.3.3 there is by default a more strict validation of HTTP SSL connections in place (sue to security reasons). service.monitor will deny connections to those servers which provide an untrusted, invalid or self-signed certificate. service.monitor will also send a notification once a certificate is not valid. This is also true for those (valid) certificates which are not included in the Java Virtual Machine’s keystore of your Servlet Container. Please see the documentation for importing these.

This behavior can be overridden by configuration options. See chapters Common configuration options and SSL configuration options of the installation guide.

Configuration changes

Manual adjustment of the mail subject

Using the configuration values mail.subject.de and mail.subject.en, prefixes can now be defined in the application.properties file, which precede the usual mail subject.

Deprecated Features

The following features are regarded as deprecated and may be removed in future:

General

  • Support for Microsoft SQL Server 2008 and 2008 R2

  • Support for monitoring Esri ArcSDE Application Server instances due to Esri’s roadmap on Java SDE API.

  • Support for Standard sdi-Style in service.monitor Monitoring. This style will be replaced fully by everlasting-Style

  • Support for Standard inspire-Style in service.monitor Monitoring.

  • Apache Tomcat 7.0 / 8.0 (will be replaced by support for Apache Tomcat 8.5 and 9)

Known Limitations

Analytics

The following list contains issues and notes known at the date of release of version 4.3 of service.monitor Analytics

Issue Component Description

[SRVMON-391]

User Interface - UI behaves slowly when using Internet Explorer 9 / 10

Due to slow javascript processing the user interface behaves slowly when using the product with Internet Explorer 9 or Internet Explorer 10.

For an optimal user experience we recommend to use the most current version of Google Chrome / Chromium.

[SRVMON-527]

Dashboard Printing using Firefox browser omits some widgets

When printing dashboards using Firefox browser certain widgets are not being printed in the effective output although they are visible in print preview.

We recommend to use Chrome browser for printing as it provides the best output. Alternatively - when being fixed to Firefox browser - we recommended to create additional dashboards with less widgets for printing purposes. May be linked to https://bugzilla.mozilla.org/show_bug.cgi?id=1309046

[SRVMON-531]

Histograms do not show all values of a time period if the number of aggregated hits at the margins is 0.

In certain cases, the histograms display fewer bars than the selected time period would indicate if the aggregation values at the (time) edges of the query are 0.

[SRVMON-542]

Upload of Analytics-Bundles fails for map.apps version <= 3.7

Workaround: Unpack the bundle jar file and rezip it with a normal zip tool. Then, upload the newly created file.

Monitoring

Provisioning of means to monitor INSPIRE Quality of Service requirements (SRVMON-88)

INSPIRE’s Quality of Service requirements have evolved during the past few years and now make some more flexible assumptions on how request shall be sent to the instance under monitoring and how the response of those instances shall be interpreted correctly. For INSPIRE View Services the GetMap request shall make use of varying BoundingBoxes and a blank response image cannot be considered as valid if features are present in the requested area.

However, service.monitor currently is not able to perform those variable and aggregated checks mentioned above. We recommend you to make use of the job configuration options to mimic the desired behavior in a similar way. I.e. when you are going to test the Performance of an INSPIRE View Service create a service endpoint with two jobs, one caring for GetCapabilities operation and the other for GetMap operation. Via the job execution interval you can try to weigh the number of requests performing a GetCapabilities and the number of requests performing a GetMap. For enabling this please see the Annex (Flexible configuring INSPIRE services) of the installation documentation.

Potential incompatibility due to modifications in single sign-on mechanism

Because of a change to the Single Sign-On mechanism in security.manager, this version cannot be used as a central authentication point for software integrating an older version of the security.manager libraries.

This also affects the following products of sdi.suite:

smart.finder SDI

all versions prior to and including 3.3.0-9

service.monitor

all versions prior to and including 3.2.0-3

map.apps

all versions prior to and including 2.1.3

This version of security.manager can still co-exists with other versions of the above product as long as this version of security.manager does not act as the central authentication service.

Solutions

Install most recent version of smart.finder SDI or service.monitor, respectively.

or

Contact con terra support and ask for a patch, allowing the affected products to work with this version of security.manager. This requires an update of a 3rd party library in that product.

Changelog

Analytics

4.3.1

Bug & Improvement

[SRVMON-553]

Event capturing of omnisearch selected items fails for map.apps 4 app

[SRVMON-554]

Default User Id anonymization in logstash configuration to enable for "security by default" from GDPR

[SRVMON-577]

Provide logstash output definition that splits events to different indices according to their type

[SRVMON-578]

Provide sample logstash pipelines for maintenance tasks

[SRVMON-580]

Add configuration property for SSLTrustAnyServer (Analytics)

[SRVMON-579]

Integrate Analytics Elasticsearch Proxy Servlet Usage with Analytics Event Capturing

[SRVMON-556]

Support integration of map.apps 4.3/4.4 w/ Analytics

[SRVMON-557]

Support integration of security.manager 4.10.1 w/ Analytics

[SRVMON-561]

Provide Integration files for security.manager 4.11, 4.12, 4.13, & 4.14 and 4.14.1

[SRVMON-562]

Provide Integration files for map.apps 4.4.2/4.5.0/4.6

4.3.0

Story

[SRVMON-337]

Introduce new Widget Type: Histogram (Dashboard: Events zeitlich aggregieren)

[SRVMON-485]

Provide date widget for selecting start and end data on analysis dashboard

[SRVMON-503]

Support map.apps 4 Event System

[SRVMON-516]

Allow current dashboard state to be printed

[SRVMON-517]

[Pioneer] Visually analyze User’s Event Stream

[SRVMON-524]

Integrate relative and absolute time selector to a single ui element

Bug & Improvement

[SRVMON-461]

OmniSearchDetector fails to evaluate selected term on SmartSearch results

[SRVMON-462]

OmniSearch Detection fails for Esri World Geocoding Service

[SRVMON-471]

Usage Events aren’t any longer persisted w/ map.apps 4 due to wrong content type definition

[SRVMON-479]

MapExtent numbers are not always logged as floating data type

[SRVMON-489]

Integration files for some sec.man versions are missing dependencies (4.4)

[SRVMON-529]

Ordering of Analytics Dashboards in User Interface is not derived from ordering of dashboards in manifest.json

[SRVMON-534]

Ordering of Events in Stream view is wrong

[SRVMON-538]

X-Forwarded-For Header cannot be read correctly if IP value contains port number

[SRVMON-418]

Change Access Protocol from 'node' to 'http' when Logstash sends events to Elasticsearch

[SRVMON-465]

Defaulting ElasticSearch to run only two shards per Index

[SRVMON-467]

Defaulting Logstash to create new indexes on a monthly basis only

[SRVMON-481]

Allow to anonymize user id in Logstash Pipeline

[SRVMON-484]

Support CORS Filter on Filter Chain

[SRVMON-488]

Provide Integration files for map.apps 3.8/3.9/4.1/4.2 and security.manager 4.8/4.9/4.9.1

[SRVMON-519]

Extend server side logging to collect request params for all kind of requests

[SRVMON-539]

Extract BBOX parameters from security.manager secured requests

[SRVMON-544]

Provide Integration files for map.apps 4.2.2 and security.manager 4.10.0

Monitoring

4.3.3

Bug & Improvement

[SRVMON-568]

Support PostgreSQL 10

[SRVMON-559]

Sample Request creation fails for ArcGIS Token secured services

[SRVMON-567]

[Expectations] Evaluation of Expectations never happens for WAS, WSS, OGC and PDP services

[SRVMON-576]

Input form element "query line" does not appear when selecting a POST sample request

[SRVMON-560]

Support ArcGIS Server Token Authentication when monitoring services

[SRVMON-565]

Improve input validation support

[SRVMON-566]

HTML escape all characters while rendering html output

[SRVMON-552]

Add configuration property for SSLTrustAnyServer

[SRVMON-574]

Replace embedded security.manager with more simple INTEGRATED authentication mode

[PLATFORM-141]

Support service.monitor to run in Tomcat 9

[PLATFORM-326]

Support OpenJDK/OpenJRE 8

4.3.2

Bug & Improvement

[SRVMON-546]

Job query by user and group uses AND rather than OR

[SRVMON-547]

Checking for blacklisted service may raise a service exception for certain addresses

[SRVMON-548]

History diagram does only display 10 recent requests due to wrong usage of histogram data interface

[SRVMON-551]

Apply security.manager fix to service.monitor (SECMAN-2018-01 - Security Issue)

[SRVMON-549]

Allow service URLs to be harvested from map.apps 4 Apps

4.3.1

Bug & Improvement

[SRVMON-543]

Update dependencies pointing to n52[2.4.4] and ct-commons[1.4.4]

4.3.0

Story

[SRVMON-94]

Allow definition of service response expectations

[SRVMON-483]

Support message notification via Microsoft Teams

Bug & Improvement

[SRVMON-464]

Some db queries on MS SQL Server fail for job when monitoring state is NULL

[SRVMON-474]

RangeFilter was introduced for hostgroup and service type links without possibility to page through results

[SRVMON-475]

Hibernate Session Metrics Logging is much too chatty

[SRVMON-486]

Publishing monitoring service from smart.finder SDI fails for INSPIRE services

[SRVMON-512]

ArcGIS Geoprocessing Services (SOAP) don’t fail when behind security.manager

[SRVMON-513]

NPE during creation of E-Mail (when Rule is null)

[SRVMON-530]

Regular Expression for address validation does not support any mail address

[SRVMON-472]

Show owner (and group) of monitoring/notification templates in user interface when owning administrative role

[SRVMON-473]

Show available groups and or owners in user interface and allow for filtering those

[SRVMON-487]

Allow specifying a URL or query path extension for http/POST monitoring requests

[SRVMON-511]

Allow prefix for mail subject to be configured in application.properties

[SRVMON-520]

provide information about next notification date on job status page