Search <book_title>...

APTARE IT Analytics System Administrator Guide

Last Published: 2021-12-01

Product(s): APTARE IT Analytics (10.5)

Preparing for updates
1. About upgrades and updates
2. Determining the data collector version
3. Data collector updates with an aptare.jar file
4. Manual download of the aptare.jar file
5. Portal updates
Backing up and restoring data
1. Best practices for disaster recovery
2. Oracle database backups
3. File system backups
4. Oracle database: Cold backup
5. Oracle database: Export backups
6. Scheduling the oracle database export
7. Oracle database: On demand backup
8. Restoring the APTARE IT Analytics system
9. Import the oracle database
10. Manual steps for database import / export using data pump
Monitoring APTARE IT Analytics
1. Starting and stopping portal server software
2. Starting and stopping the reporting database
3. Starting and stopping data collectors
4. Monitoring tablespaces
Accessing APTARE reports with the REST API
1. Overview
2. Extracting data from tabular reports (with pagination)
3. Exporting reports
4. Exporting custom dashboards
Defining NetBackup estimated tape capacity
1. NetBackup estimated tape capacity overview
2. Estimated capacity notes
3. Updating the estimated capacity table
4. Listing volume pool IDs and media types
Automating host group management
1. About automating host group management
2. Task overview: managing host groups in bulk
3. Preparing to use PL/SQL utilities
4. General utilities
5. Categorize host operating systems by platform and version
  1. Use Regular Expressions to Override or Modify Default Host OS Categorization
  2. Host OS Categorization Default Settings
  3. Utility to Update Host OS Categorizations
  4. Categorize Host Operating Systems On Demand
6. Identifying a host group ID
7. Move or copy clients
8. Organize clients by attribute
9. Move host group
10. Delete host group
11. Move hosts and remove host groups
12. Organize clients into groups by backup server
13. Merge duplicate backup clients
14. Bulk load utilities
  1. Load host aliases
  2. Load details of new hosts or update existing hosts
  3. Load relationships between hosts and host group
    1. Sample Audit File (output from load_package.loadGroupMemberFile)
15. Veritas NetBackup utilities
16. Automating NetBackup utilities
  1. Example of a Scheduled NetBackup Utility
  2. Scheduling a NetBackup Utility Job to Run Automatically
17. Organize clients into groups by management server
18. Set up an inactive clients group
19. Set up a host group for clients in inactive policies
20. Set up clients by policy
21. Set up clients by policy type
22. IBM Tivoli storage manager utilities
23. Set up clients by policy domain
24. Set up clients by IBM Tivoli storage manager instance
25. Scheduling utilities to run automatically
26. Example--Scheduling Utilities to Run Automatically
27. Sample .sql file (setup_ora_job.sql) to set up an automatic job
Attribute management
1. Attribute bulk load utilities
2. Attribute naming rules
3. Rename attributes before upgrading
4. Load host attributes and values
5. Load attributes and values and assign to hosts
6. Load array attributes and values and assign to arrays
7. Overview of application attributes and values
8. Load application database attributes and values
9. Load MS Exchange organization attributes and values
10. Load LUN attributes and values
11. Load switch attributes and values
Importing generic backup data
1. About generic backup data collection
  1. Considerations
2. Configuring generic backup data collection
3. CSV Format Specification
  1. EXAMPLE: genericBackupJobs.csv
4. Manually loading the CSV file
Backup job overrides
1. Overview
2. Configure a backup job override
Managing host data collection
1. Identifying hosts by WWN to avoid duplicates
2. Setting a host's priority
3. Determining host ranking
4. Loading host and WWN relationships
5. Loading the host HBA port data
6. Create a CSV file
7. Example of a host WWN CSV file
8. Execute the script
System configuration in the portal
1. System configuration in the portal
2. System configuration: functions
3. Navigation overview
4. System configuration parameter descriptions: Additional info
5. Data collection: Capacity chargeback
6. Database administration: database
7. Host discovery: EMC Avamar
  1. Examples
8. Host discovery: Host
9. Custom parameters
10. Adding/editing a custom parameter
11. Portal customizations
12. Configuring global default inventory object selection
13. Restricting user IDs to single sessions
14. Customizing date format in the report scope selector
15. Customizing the maximum number of lines for exported reports
16. Customizing the total label display in tabular reports
17. Customizing the host management page size
18. Customizing the path and directory for File Analytics database
19. Configuring badge expiration
20. Configuring the maximum cache size in memory
21. Configuring the cache time for reports
Performance profile schedule customization
1. Performance profile schedule customization
2. Customize the performance profile schedule
Configuring AD/LDAP
1. About user authentication
2. AD/LDAP Configuration Properties
3. AD/LDAP Configuration for authentication and authorization
4. Support LDAP over SSL
  1. Sample portal.properties configurations for AD/LDAP
5. Creating portal super users
6. Active directory tools
7. Using LDP to find the base DN
8. Using LDP to search active directory
Configuring single sign-on (SSO) using security assertion markup language (SAML)
1. Overview
2. Single sign-on (SSO) prerequisites
3. Setting up the external Identity Provider (IDP) server
  1. Users and groups in the external LDAP directory
  2. Registering with the IDP server
4. Activating single Sign-on (SSO) in the portal
5. SSO troubleshooting and maintenance
Changing Oracle database user passwords
1. Changing Oracle database user passwords
2. Database connection properties
3. Modifying the Oracle database user passwords
4. Configuring Oracle passwords in system configuration files
5. Determining if Oracle is using the default login password
Integrating with CyberArk
1. Introduction
2. CyberArk setup prerequisites
3. Setting up the portal to integrate with CyberArk
Tuning APTARE IT Analytics
1. Before you begin tuning
2. Tuning the portal database
3. Performance recommendations
4. Reclaiming free space from Oracle
5. Portal / Data receiver Java memory settings
Working with log files
1. About debugging APTARE IT Analytics
2. Turn on debugging
3. Database logging
4. Portal and data collector log files - reduce logging
  1. Portal Log Files
  2. Data Collector Log Files
5. Database SCON logging - reduce logging
6. Refreshing the database SCON log
7. Logging user activity in audit.log
8. Logging only what a user deletes
9. Logging all user activity
10. Data collector log files
11. Data collector log file organization
12. Data collector log file naming conventions
13. General data collector log files
14. Find the event / meta collector ID
15. Portal log files
  1. Managing Apache Log Files
16. Database log files
17. Installation / Upgrade log files
Defining report metrics
1. Changing backup success percentage
2. Changing job status
SNMP trap alerting
1. Overview
2. SNMP configurations
3. Standard OIDs
4. Data in an alerting trap
  1. Example of a Job Summary Alerting Trap
SSL certificate configuration
1. SSL certificate configuration
2. SSL implementation overview
3. Obtain an SSL certificate
4. Update the web server configuration to enable SSL
5. Configure virtual hosts for portal and / or data collection SSL
6. Enable / Disable SSL for a Data Collector
7. Enable / Disable SSL for emailed reports
8. Test and troubleshoot SSL configurations
9. Create a self-signed SSL certificate
10. Configure the Data Collector to trust the certificate
11. Keystore file locations on the Data Collector server
12. Import a certificate into the Data Collector Java keystore
13. Keystore on the portal server
14. Add a virtual interface to a Linux server
15. Add a virtual / secondary IP address on Windows
Portal properties: Format and portal customizations
1. Introduction
2. Configuring global default inventory object selection
3. Restricting user IDs to single sessions
4. Customizing date format in the report scope selector
5. Customizing the maximum number of lines for exported reports
6. Customizing the total label display in tabular reports
7. Customizing the host management page size
8. Customizing the path and directory for file analytics database
9. Configuring badge expiration
10. Configuring the maximum cache size in memory
11. Configuring the cache time for reports
12. Configuring LDAP to use active directory (AD) for user group privileges
Advanced configuration for NetBackup discovery
1. Discovery module overview
2. Activate a Discovery license
3. Modify Discovery system parameters
4. About SNMP probes
5. Why enable SNMP?
6. Enabling SNMP for Windows (NT/2000/XP)
7. Enabling SNMP for Red Hat Linux
8. Enabling SNMP for HP-UX
9. Example--Installing Net-SNMP
10. Troubleshooting Net-SNMP installations
Data retention periods for SDK database objects
1. Data retention periods for SDK database objects
2. Find the domain ID and database table names
3. Retention period update for SDK user-defined objects example
4. SDK user-defined database objects
5. Capacity: default retention for basic database tables
6. Capacity: default retention for EMC Symmetrix enhanced performance
7. Capacity: Default retention for EMC XtremIO
8. Capacity: Default retention for Dell EMC Elastic Cloud Storage (ECS)
9. Capacity: Default retention for Windows file server
10. Capacity: Default retention for Pure Storage FlashArray
11. Cloud: Default retention for Amazon Web Services (AWS)
12. Cloud: Default retention for Microsoft Azure
13. Cloud: Default retention for OpenStack Ceilometer
14. Configure multi-tenancy data purging retention periods
  1. Retention Period Update for Multi-Tenancy Environments Example
Troubleshooting
1. Troubleshooting user login problems
2. Forgotten password procedure
3. Login issues
4. Connectivity issues
5. Data Collector and database issues

Setting up the portal to integrate with CyberArk

Setting up the Portal to work with CyberArk requires a properties file with specific values and executing a script to enable the feature. Most values required in the properties file are derived from entries in the CyberArk application. There are two steps to setup the portal; Setting up properties and running the utility.

Set Up the Properties File on the APTARE IT Analytics Portal

Create a properties file in the tmp directory. For example:
/tmp/dbvaultconnection.properties or C:\tmp\dbvaultconnection.properties

Configure the properties file with the following information:

Field Name	Value
vault_vendor_name	CyberArk Note: Use only CyberArk as a value in this field.
host	IP Address or hostname of the machine where Agentless AAM(Central Credential Provider) web service is running.
port	port # of Agentless AAM(Central Credential Provider) web service.
https	Set this value to true if Agentless AAM(Central Credential Provider) is running as https service otherwise false
schedule_frequency	The value of this field is in hours. Defines the frequency that APTARE IT Analytics will poll CyberArk for password updates. This field is optional. The default is every hour.
app_id	Name/ID of the application as defined in CyberArk. For example: APTARE IT Analytics.
user_safe_id	Name of the CyberArk Safe, where 'Portal' user account password is stored.
user_password_folder_name	Name of the CyberArk folder, where the 'Portal' user account password is stored. This field is optional.
user_password_object	Name of the 'Portal' user account password object in CyberArk
For each user account repeat the following. This sample describes the aptare_ro user.
ro_safe_id	Name of the CyberArk Safe, where 'aptare_ro' user account password is stored.
ro_password_folder_name	Name of the CyberArk folder where the 'aptare_ro' user account password is stored. This field is optional.
ro_password_object	Name of the 'aptare_ro' user account password object in CyberArk

Properties File Example

Sample of dbvaultconnection.properties  
containing 'portal' user account configured:

vault_vendor_name=CyberArk
host=10.x.x.x
port=443
https=true
schedule_frequency=2
app_id=testappid

user_safe_id=safe1
user_password_object=portal_account


Sample of dbvaultconnection.properties"  containing all 
the users account configured:

vault_vendor_name=CyberArk
host=10.x.x.x
port=443
https=true
schedule_frequency=2
app_id=testappid

user_safe_id=safe1
user_password_object=portal_account

ro_safe_id=safe2
ro_password_object=ro_account

Run the Utility to enable the CyberArk Integration.

Navigate to the OS-specific utility on the Portal.

<APTARE_HOME>/utils/configure-db-vault-connection-info.sh

<APTARE_HOME/utils/configure-db-vault-connection-info.bat

Execute the utility as a root/tomcat user.
On Linux:
<APTARE_HOME>/utils/configure-db-vault-connection-info.sh /tmp/dbvaultconnection.properties
On Windows
<APTARE_HOME>/utils/configure-db-vault-connection-info.bat
/tmp/dbvaultconnection.properties
The utility validates the connection parameter by invoking the REST API for each user configured in the properties file. If the validation is successful, the properties file is copied to the <HOME>/datarcvrconf/passwordvault/ folder. If the validation fails, a message is displayed and the CyberArk integration is not enabled.
If required, navigate to the log file to troubleshoot further:
```
<APTARE_HOME>\logs\passwordVaultValidator.log
```