Documentation Changes

The following documentation updates have been made since the last release of this documentation:

Release Notes

The following documentation updates have been made since the last release of this documentation:

• Upgrading through Subscription—This existing topic changed to add information specific to CA Enterprise Log Manager r12.1 SP1. Use Subscription to obtain this service pack, and to upgrade CA Enterprise Log Manager for FIPS support.
• New and Changed Features in r12.1 SP1—This chapter describes the FIPS-compatibility for CA Enterprise Log Manager, the encryption used, limitations, and the configuration changes needed to access the user interface from both Microsoft Internet Explorer and Mozilla Firefox. Also includes topic on using the ISO image for new deployments and for adding a new CA Enterprise Log Manager server to an existing deployment.
• Change in CA EEM Server System Time Creates Certificate Mismatch Error—This existing topic changed to reflect the new .cer certificate filename extension.
• Power Setting Prerequisites for Certain HP and IBM Computers—This new topic describes prerequisite changes to default power settings on HP Proliant DL 380G5 Series servers and IBM X3650 Series servers.
• The following Known Issues were removed as they were either fixed or no longer apply in this update:
  • Agents With Custom Certificates Fail
  • Secondary Syslog Dispatcher Fails Under Load
  • Events from Same Host May Display with Different Destination Hostnames
  • Limitation on PDF Report Specifications
  • Cannot Log in to CA Enterprise Log Manager after Upgrade
  • Direct Update to r12.1 M10 Causes Incorrect Sensor Version Display
  • Error "Audit Policy Manager Not Installed" is Incorrect
  • Upgrade to CA Audit Required for Interoperation with CA Enterprise Log Manager

Implementation Guide

The following documentation updates have been made since the last release of this documentation:

• Installation Considerations for a System with SAN Drives—This new section addresses alternative approaches for preventing the installation of CA Enterprise Log Manager on a SAN drive, which results in an unsuccessful installation.
• Default Port Assignments—A description of port 53, the well-known tcp/udp port for Domain Name Server (DNS), was added to this existing topic.
• Configuring Non-Interactive Authentication for Auto Archiving—This section was expanded to address the typical scenario of multiple collection servers archiving to a single reporting server. For the scenario with one collection server, one reporting server, and one remote storage server, examples show the relationship between non-interactive authentication and the corresponding auto archiving settings.
• How Subscription Works with No Online Proxy—This existing topic was updated to address a new FTP site containing a tar file for each CA Enterprise Log Manager release and service pack. You can download the tar file and untar it on an offline subscription proxy.
• Subscription Deployment Flowchart—This new topic was added to provide a cross reference to information on getting updates in an offline environment and invoking on-demand updates.
• The CA IT PAM Considerations appendix—This appendix previously referenced installation paths that are not applicable to all scenarios; this was corrected. Various topics in this section changed to reflect that sharing a CA EEM server between CA Enterprise Log Manager and CA IT PAM is not suppoted in FIPS mode.
• Upgrading Existing CA Enterprise Log Manager Servers and Agents—This new section describes the process for upgrading both servers and agents for FIPS support, turning on FIPS mode, and verifying the FIPS mode for agents using the agent dashboard.
• Adding New CA Enterprise Log Manager Servers to an Existing FIPS Mode Federation—This new section describes the processes you use to add new servers to an existing federation that is running in FIPS mode with both local and remote CA EEM servers.
• Implementing Custom Certificates—This existing topic changed to reflect the new .cer certificate filename extension.
• Add the Trusted Root Certificate to the Management CA Enterprise Log Manager Server—This existing topic changed to reflect the new .cer certificate filename extension.
• Add the Trusted Root Certificate to All Other CA Enterprise Log Manager Servers—This existing topic changed to reflect the new .cer certificate filename extension.
• Add the Certificate Common Name to an Access Policy—This existing topic changed to reflect the new .cer certificate filename extension.
• Deploy the New Certificates—This existing topic changed to reflect the new .cer certificate filename extension.
• Agents and the Agent Certificate—This existing topic changed to reflect the new .cer certificate filename extension.
• Restore a CA EEM Server for Use with CA Enterprise Log Manager—This existing topic changed to reflect the new .cer certificate filename extension.
• Back up a CA Enterprise Log Manager Server—This existing topic changed to reflect the new .cer certificate filename extension.
• Integrating with CA Audit r8 SP2—The topics in this section were removed as CAELM4Audit is not supported with r12.1 SP1 and above.

Agent Installation Guide

The following documentation updates have been made since the last release of this documentation:

• About Agents and Log Collection—This new topic replaces the topic, About Agents, to address the context of the agents role in log collection.
• Download Agent Binaries (for Windows)—This existing topic was updated with the path to which agent binaries are downloaded.
• How to Install Silently (for Windows)—This existing topic was updated to include information on Windows-specific requirements for creating connectors and to mention that exporting Connectors.xml enables connector templates to be silently installed.
• View Agent Status Details—This new topic addresses installation validation and applies to agents in all operating environments.
• Install the Agent (for Windows)--This existing topic was changed to reflect the new installation prompt for starting an agent in FIPS mode.
• Install the Agent (for Linux)--This existing topic was changed to reflect the new installation prompt for starting an agent in FIPS mode.

The following documentation updates have been made since the last release of this documentation:

• Installing Agents on Solaris Systems
• Installing Agents on HP-UX Systems
• Installing Agents on AIX Systems

Each of these new chapters describes the end-to-end process of agent deployment, including planning steps, deploying the first agent, preparing for widespread deployment, deploying the remaining agents, and preparing new agents for use. It also addresses maintenance tasks including troubleshooting installation issues, changing the user account the agent service runs under, and uninstalling the agent.

Administration Guide

Updates have been made to the following areas since the last release of this documentation: agent status, certificate files, SNMP traps, non-interactive authentication, backup/restore commands, and subscription updates.

Affected topics include the following:

• Agent status changes:
  • View Agent Dashboard—This existing topic changed to include the new FIPS and non-FIPS mode.
  • View and Control Agent or Connector Status—This existing topic changed to include the new FIPS and non-FIPS mode.
• Certificate changes:
  • Implementing Custom Certificates—This existing topic changed to reflect the new .cer certificate filename extension.
  • Add the Trusted Root Certificate to the Management CA Enterprise Log Manager Server—This existing topic changed to reflect the new .cer certificate filename extension.
  • Add the Trusted Root Certificate to All Other CA Enterprise Log Manager Servers—This existing topic changed to reflect the new .cer certificate filename extension.
  • Add the Certificate Common Name to an Access Policy—This existing topic changed to reflect the new .cer certificate filename extension.
  • Deploy the New Certificates—This existing topic changed to reflect the new .cer certificate filename extension.
• SNMP trap changes:
  • The CA-ELM.MIB File—This existing topic was changed to distinguish between the default elmTrap ID, 1.3.6.1.4.1.791.9845.3.1 that is defined in CA-ELM.MIB used by CA Spectrum and user-defined elmTrap IDs (1.3.6.1.4.1.791.9845.3.2-999) that are defined in custom MIBs used by CA NSM.
  • Custom MIBs—This existing topic was amended to address how to indicate that fields sent by the trap include calculated fields.
  • Boilerplate Text for Custom MIBs—This new topic was created in response to a customer request.
  • Example: Create Custom MIB 33 for the Average CPU Load Trend Query—This new topic demonstrates how to use the boilerplate to create a custom MIB for an alert based on a specified query.
  • Example: Custom MIB 33—This new topic shows the result of the performing the example procedure.
  • Example: MIB Tree for Custom MIB 33—This new topic shows the components of a custom MIB graphically.
  • MIB Usage Considerations—This existing topic was updated to explain how alerts based on queries that return the same fields can use the same custom MIB.
  • Process of Working with SNMP Traps—This existing topic now includes the step to configure CA Spectrum to receive SNMPv3 traps.
  • Preparing CA NSM to Receive SNMP Traps from Alerts—This existing topic was amended to include creating and importing custom MIBs.
  • Send SNMPv3 Traps to CA NSM—This existing topic was amended for step 8 that describes the relationship between the custom trap ID and the custom MIB.
• Non-interactive authentication changes:
  • Example: Configure Authentication from a Storage Server to a Restore Point—This new section addresses the simple scenario of adding a new public key to the destination server.
  • Example: Configure Authentication from a Storage Server to a Reporting Server—This new section addresses the scenario that requires updating an existing key.
  • About Log Storage—This existing topic now specifies non-interactive authentication as the prerequisite for using restore-ca-elm.sh.
• LMArchive and restore-ca-elm.sh correction:
  • Restore-Script for Restoring Archived Databases—This existing topic was revised to indicate that each databases file to restore should be listed as [set the File Name variable].db.cerod rather than [set the File Name variable].db.
  • Identify Databases Not Backed Up—This existing topic now specifies [set the File Name variable].db.cerod rather than [set the File Name variable].db.
  • Record the Backups—This existing topic now specifies [set the File Name variable].db.cerod rather than [set the File Name variable].db.
  • Prepare to Restore Archived Databases—This existing topic now specifies [set the File Name variable].db.cerod rather than [set the File Name variable].db.
  • Restore Manually Archived Files—This existing topic now specifies [set the File Name variable].db.cerod rather than [set the File Name variable].db.
  • Query the Archive Catalog—This existing topic now includes an example of query results.
• Offline subscription updates:
  • Implementing an Offline Subscription Update—This new subscription section provides a link to the new FTP site that contains subscription packages for releases, service packs, and monthly updates.
  • Download an Offline Subscription Package—This new topic replaces Retrieve Subscription Updates Manually.
  • Apply the Offline Update—This new topic replaces Copy Updates to an Offline Proxy.
• On-demand subscription updates:
  • About On-Demand Updates—This existing topic was updated to address the prerequisite of updating the content proxy before performing Update Now on any other target. This requirement applies when selected modules include the content modules, Reports or Integrations.
  • On-Demand Updates Flowchart—This new topics provides procedural information graphically for ease of use.
  • How On-Demand Updates Work—This existing topic was updated to include the prerequisite.
  • Start an On-Demand Update—This existing topic was updated to include the prerequisite.

API Programming Guide

The following documentation updates have been made since the last release of this documentation:

getGlobalSettings - This existing topic contains a code example that changed to reflect the addition of a new key file tag pair, and the certificate filename extension.