Powertech Compliance Monitor for IBM i

June 2019

Version 3.32

Consolidator

  • A correction has been made to prevent Batch Assessments that use System Groups and Automatic Collected Data from failing.
  • The command CM2CHGLOGF has been added to change the Log File automatic collected data storage table. This allows data to be stored in multiple files.
  • Updates for IBM i 7.4 compatibility:
    • New system values for QSSLCSL and QSSLPCL.
    • New fields have been added for entry types CP, CU, and DS (Service tool).
    • New entry types have been added: M0, M6, M7, M8, M9.

Endpoint

  • User reports have been modified to ensure the correct out queue information is being listed.

March 2019

Version 3.31

Consolidator

Enhancements
  • A process has been added that allows data that was previously marked 'Prevent Delete' to be deleted.
  • The collection aging process has been enhanced to allow for longer retention periods and the ability to not purge Manual Assessments by Age or Count.
Other Updates
  • An issue causing excessive getProfileText() error messages in cm3.log files has been resolved.
  • Change have been introduced to the way some databases are being journaled so they no longer include file open and closes.
  • A syntax error in Automatic Purge of Automatic Data by size has been fixed.
  • Changes have been made to address failed Batch Assessments and incorrect report dates.
  • OutOfMemory Errors when attempting to view Automatic Collection data have been resolved.
  • Changes to Powertech product names have been introduced, including Exit Point Manager for IBM i (formerly "Network Security") and Authority Broker for IBM i (formerly "Authority Broker").
  • The PowerTech directory owner is now set to PLCM2ADM if it is not being shared by Exit Point Manager (Network Security) version 6.
  • Retrieval of Log File data has been changed to reduce the file size.

Endpoint

  • Changes to Powertech product names have been introduced.

November 2018

Version 3.30

Consolidator

New Feature
  • The date and time can now be included as part of the file name generated by the batch assessment process.
Enhancement
  • Java 1.8 is now supported.
Other Updates
  • Filters available on incorrect log file reports has been resolved.
  • Failed Send Message actions (on the Mail Server tab of Consolidator Properties) are now reported correctly.
  • Inability to export reports with names containing Spanish characters has been resolved.
  • Content alignment issues viewing assessments in Chrome and Edge have been resolved.
  • A problem causing the CM2BCHREQ command to lock up when using Position To has been resolved.
  • Duplicate data on Command Assessment reports has been resolved.

June 2018

Version 3.29

Consolidator

New Features
  • Validation has been added to the CM2BCHREQ command.
Enhancements
  • A cleanup process has been added to ensure the correct installation files are being used.
Other Updates
  • A file constraint issue no longer prevents the update process from completing.
  • Compliance Monitor user profile PLCM2ADM is no longer vulnerable to removal. This user profile, installed during product installation, is required for proper functioning of Compliance Monitor.
  • Authority Broker reports no longer incorrectly list U:ER as an Error report. (U:ER is a Swap Reason Report.)
  • Descriptive names in log file data filters have been restored.
  • A problem that caused TLS to stop functioning after an OS upgrade from V7R1 to V7R3 has been resolved.
  • A problem causing an inability to email batch assessments has been resolved.
  • Issues with the CM2BCHREQ command that prevented Batch Assessments from running have been resolved.

Endpoint

  • All objects are now included when multiple directories are requested for the Object Limit report.
  • When selecting both IFS and QSYS objects in the Object Limit report, both are now reported (instead of only one).

January 2018

Version 3.28
Enhancements
  • TLS support has been added. Secured TLS connections can now be used for IBM i communications.
Other Updates
  • The correct version of Java is now used when ending the consolidator.
  • Inability to view a portion of the Consolidator Properties using Internet Explorer 11 has been fixed.
  • The Report Owner in the report information is now displayed correctly.
  • The error "Unable to fetch the report view information" when attempting to create a new report has been resolved.
  • The inability to create an Endpoint due to the usage of an incorrect library has been resolved.
  • Automatic changing of the start time on batch assessments has been corrected.

August 2017

Version 3.27
  • The Java version has been added to the Product Version command (LPRDVRM).
  • Failure to login to the Consolidator using the Green Screen (5250 emulation) has been resolved.

  • Access to the Compliance Monitor technical details web page can now be restricted.

  • The ability to change some Consolidator properties via the GUI without restarting the Consolidator has been added.
  • A change has been made to reduce the size of excessively large log files.
  • Changes have been made to the Automatic Purge Process in order to include additional tables.

  • The ability to exclude journal receivers from the PDF cover page has been added.

March 2017

Version 3.26
  • Missing custom logos on the Scorecard reports has been fixed.
  • The Compliance Monitor context sensitive help has been updated to inherit the standard Powertech HTML help architecture.
  • When copying a Log File report and creating a new filter, the criteria fields no longer include fields from other Log File reports.
  • Extra user profile data, such as Object reports for User Libraries, is no longer being collected when not needed.
  • Inability to run a scheduled Batch Assessment the second time in a day has been resolved.

November 2016

Version 3.25
  • The ability to send reports to another server has been added.
  • OutOfMemory errors in batch assessments that use automatic data have been fixed.
  • When deleting endpoints, Compliance Monitor now checks to see if the endpoint is being used in a batch assessment.
  • Setting the default password on an endpoint now works when the QPWDLVL System Value allows passwords with a length of 1-128 characters (value of 2 or greater).

September 2016

Version 3.24
  • Improved Deployment. The Compliance Monitor Consolidator and Endpoint are now delivered with new deployment functionality, including the ability to stage the product installation.
  • Remote Address (IP Address). As of version 3.24, the Remote IP Address has been added to all of the Log file reports in order to identify which IP Address is associated with each journaled event. This is useful when trying to determine the origin of a request.
  • Enhanced Batch Assessment Request Reporting for Authority Broker Event History. The report start and end dates for the Authority Broker Event History can now be overridden. Keywords like *YESTERDAY can now be used instead of specific dates for date ranges. This becomes very useful for automating a consolidated Authority Broker Event History report for the previous day’s data.
  • Orphaned records in the Batch Assessment history will now be purged.
  • Editing a Batch Assessment containing an Authority Broker Event Report no longer causes parameters to be removed in certain scenarios.
  • A parsing error has been corrected, allowing Scheduled Assessments to run properly.
  • The Endpoint Version has been added to the Consolidator.

June 2016

Version 3.23
  • Performance Improvements:
    • The process of starting the Consolidator has been expedited.
    • Unneeded data is now omitted when retrieving data from the endpoint.
    • The batch assessment history no longer contains duplicate messages.
  • Verbiage changes have been made to the License Agreement.
  • A timing issue that allowed duplicate data to be retrieved during automatic collection has been resolved.
  • A timing issue that caused Batch Assessments to periodically send two emails has been resolved.
  • Incorrect required values have been removed from the System Values report.

April 2016

Version 3.22
  • A problem causing assessments to fail with the error "DataRequestor has expired" has been resolved.
  • V7R3 support updates include:
    • Pre-checker updates.
    • Java updates.
    • *NETSECURE, *NETTELSVR, and *NETUDP have been added to the QAUDLVL & QAUDLVL2 system values.
    • QAUTOVRT value *REGFAC has been removed.
    • Log Files:
      • New journal entry fields to T:AD reports have been added.
      • New journal entry fields to T:CP reports have been added.
      • The fields for T:SF reports have been corrected.
      • New journal entry fields to T:SK reports have been added.
      • Problems populating the OS/400 job number field have been corrected.
  • The user is now notified with an error when a Batch Assessment email is not sent due to the mail server not being set up.
  • When switching Automatic Collection from Consolidator to Endpoint, the journal entry types are now kept.
  • When removing the Automatic Data using the Delete Data option, all data is now purged.
  • License agreement verbiage changes have been added.
  • The false error "Unable to retrieve the Robot Schedule job" when using batch assessments has been removed.
  • License error messages now reference HelpSystems rather than PowerTech.

Endpoint

  • A problem causing assessments to fail with the error "DataRequestor has expired" has been resolved.
  • License agreement verbiage changes have been added.
  • License error messages now reference HelpSystems rather than PowerTech.

February 2016

Version 3.21

Consolidator fixes:

  • System value QPWDCHGBLK is no longer misspelled on the Edit Security Policy - Base Policy.
  • Missing data caused by running 30 reports in a single batch assessment has been resolved.
  • Assessment reports bundled into a zip file no longer error when trying to FTP to Windows.
  • When system value reports are run in a group with non-system value reports, the report is no longer missing the color, required, and allowed values.
  • Missing data from Authority Broker Event Reports after deleting the assessment has been resolved.
  • Error messages have been improved to facilitate troubleshooting.
  • An error preventing the ability to create a filter for T:ZC Access Type have been resolved.
  • The process of removing reports from a Report Group and deleting Groups has been changed to prevent reports from being orphaned.
  • Licensing improvements have been made for Capped / Shared Pool Processors.
  • CM2POST spool files are now cleaned up after updating, and are not left on the system.
  • System Value QAUTOVRT now allows a value of zero.
  • The Authority Broker Event Report now produces the appropriate data when the journal entry sequence number is greater than 9,999,999,999.
  • Now, when Network Security has written blank journal entries, those entries will not cause an error when viewed in Compliance Monitor.
End Point
  • Automatic collections now pick up Network Security NR (rejects) data.
  • Network Security journal data is now retrieved when using a journal other than QAUDJRN.
  • Licensing improvements have been made for Capped / Shared Pool Processors.

October 2015

Version 3.20
  • An “Unable to retrieve the Collection data” error in the Web UI has been resolved.
  • An error that can cause a missing record when running a batch assessment that contains twenty-seven records has been resolved.
  • The date/time on the assessments are no longer being changed to represent the user's time zone. (They now retain the date/time from the endpoint.)
  • Assessment T:PU reports are no longer missing the fields specific for the PU entry type.
  • Assessment T:PW reports no longer list Profile Text when an Invalid User Profile was used.
  • The System Value Scorecard no longer reports errors when values should be reported as correct.
  • Filter criteria ‘USRPRFTXT equals *NONE’ in User Profile reports no longer errors.
  • Exporting then importing a report now retains the sort order.
  • The Authority Broker External Report no longer errors when system value QTIMSEP is set to 2 for period.
  • Extra hex data at the end of Network Security 7 transaction data is no longer displayed.

August 2015

Version 3.19
  • System values QAUDFRCLVL, QDECFMT, and QMAXACTLVL have been changed to match the IBM i display.
  • System values (including QCHRID, QSTGLOWLMT, QUPSDLYTIM, andQPWDRULES) are no longer shown in error even though they are within the required policy range.
  • Licensing: The correct partition number is now reported when greater than 255.
  • The security policy for ZPCSACCPGM has been changed to allow values *REJECT, *OBJAUT or *REGFAC.
  • The security policy for QHSTLOGSIZ has been changed to allow value *DAILY.
  • ADJUTC has been added to the *DATTIM filter for assessment MISC 7e Date Time Changes.
  • The entry type descriptions have been added to the SV reports for types D, E, F.
  • QUSRLIBL on the System Value Scorecard no longer has a red x when the libraries match the required value.
  • Performance improvements: some aspects of data retrieval have been changed to reduce database access.
  • System value QTIMSEP on the All System Values report no longer shows an error when the values match those required.
  • Changes have been made to the Security Policy edit attributes including fixed descriptions, additional values, and a reduction in the ability to add invalid values.
End Point:
  • System values QAUDFRCLVL, QDECFMT, and QMAXACTLVL have been changed to match the IBM i display.
  • Licensing: The correct partition number is now reported when greater than 255.
  • The process that retrieves system values returns QSYS/QEZMAIN for *ASSIST. This value is now being acknowledged as a valid value in the System Value report.
  • The security policy for QHSTLOGSIZ has been changed to allow value *DAILY.
  • System value QTIMSEP on the All System Values report no longer shows an error when the values match those required.
  • Changes have been made to the Security Policy edit attributes including fixed descriptions, additional values, and a reduction in the ability to add invalid values.

June 2015

Version 3.18
  • Filter details can now be added to cover pages of reports.
  • The automatic data display is now correct on V7R2.
  • Errors causing the profile Scorecard to be empty have been resolved.
  • Automatic Collections sorted by time now check am/pm values.
  • CM2BCHREQ no longer fails when using *YESTERDAY or *LASTWEEK on V7R2.
  • Filters are no longer missing the Filter Criteria (although it has multiple sub filters).
  • Batch Assessment failures resulting in cm3.log error ‘java.lang.NumberFormatException: multiple points’ have been resolved.
  • Update no longer fails although the Product Maintenance Wizard reports it has completed.
  • Performance improvements have been added.
  • Batch Assessment History now contains an entry when writing reports to the IFS.
  • Issues updating system values in the Security Policy have been resolved.
  • Problems preventing assessments from achieving a ready status have been resolved.
  • The broken link to the Compliance Guide in the system submenu has been fixed.

January 2015

Version 3.17
  • User profile text can now be included in many of Compliance Monitor’s reports. On the (T:PW) User/Password Failures report, and the MISC 7a - Failed Login Attempts report, the “Profile Text” field has been added as a selected field next to the Profile. “JE User Text” is an available field on the other Log File Report Definitions.
  • Automatic Collections and Manual Assessments now have a longer maximum data retention period.
  • The Assessment name is no longer used as part of the Internal Scheduler, eliminating the possibility for duplicate reports when changing the Assessment name.
  • New parameters “Include switches based on“ and “Omit activity outside the date/time range” have been added to the Authority Broker Event Report.
  • The System Value Scorecard for QSSLPCL allows for multiple values.
  • Remote IP Address has been added to the Log File Job Changes Report.
  • The LPRDVRM command now shows the correct Partition number.
  • Confusing spool files (e.g. CM2POST, VCMOBJAJOB, and CM2POST03) are now removed after the installation/update process.
  • The Authority Broker Begin Swap report is no longer truncating text.
  • Clickjacking prevention has been added.
  • The list of journal receivers on report cover pages is now limited to the assessment time frame.
End Point
  • License agreement verbiage has been changed.
  • The LPRDVRM command now shows the correct Partition number.
  • An issue causing a missing library in reports when two have been selected in the Report Definition has been resolved.

August 2014

Version 3.16
  • Errors resulting from inconsistent case sensitivity in Filters that use LIKE have been resolved.
  • Columns of the (T:KF) Key Ring File Changes report no longer include entries with unreadable characters.
  • CM2BCHREQ now edits to verify the date entered is correct (assessment id & time frame) and returns or logs the assessment that was requested.
  • Job Description Assessments no longer have duplicate data.
  • Errors in log file header information Remote Address (Rmt Addr) and Remote Port (Rmt Port) have been resolved.
  • The 'Where Run' column of the T:CD Audited Command report now displays the correct value (instead of *YES/*NO).
  • The process of checking for the PLCMMON job on the endpoint has been changed, improving the performance of assessments.
  • The cm3.log has been improved with additional logging, more variables in the logs, and now includes the IBM i job information when getting a connection.
End Point
  • Errors resulting in blank Network Security and Authority Broker reports have been resolved.
  • All entry types are now retrieved when running reports using Auto Collection.

May 2014

Version 3.15
  • The Finish button is no longer greyed out occasionally while creating or editing a new Profile Scorecard. “Port 8009 is in use” errors have been addressed.
  • The final column is no longer repeated when a column is deleted from a report.
  • Additional information in the cm3.log has been added to help troubleshoot the error "Error encountered attempting to start Endpoint monitor for system ..."
  • Updates for V7R2 support.
  • The delete process for deleting automatic collections data now removes the last assessment timestamp.
  • Automatic data collection no longer misses data when the time zone is earlier than the consolidators.
  • Report preferences now display correctly on reports exported to PDF.
  • Selecting 'OK' on Collection Properties no longer results in a NullPointerException on occasion.
  • PDF export now fully honors the selected page size.
End Point
  • Product Install and Update Reports no longer have the wrong system date when run from the PMW.
  • Updates for V7R2 support.
  • Automatic data collection no longer misses data when the time zone is earlier than the consolidators.

January 2014

Version 3.14
  • This version performs a General cleanup of scorecard code.
  • Log statements that pertain to license check internals are now commented out.
  • Unsightly field wrapping in PDFs has been improved. Cell padding can now be set manually. The property is PDF_CELL_PADDING; a value of 12 is recommended.
  • The flooding of the QZRCSRVS job log with CPF5C61 messages has been stopped.
  • The owner of the PowerTech IFS directory is now QDFTOWN.
  • Selecting a filter outside the checkbox no longer deselects previously selected filters.
  • The issue whereby a filter does not display the value field (it is blank) has been resolved.
  • The update process that was removing SSL settings and customer Logo has been resolved.
  • Formatting of timestamp and date fields in the .xlsx export can now be controlled.
  • Performance for multiple endpoints has been improved.
  • Events that hang the batch report (whereby no collection is shown and the cm3.log shows a data truncation error) have been resolved.
  • The SQL0199 error “Keyword NOT not expected” has been resolved.
  • The PowerTech Maintenance Wizard - Restart & Load Another System option is now working.
  • Failed assessments reported in the collection properties as an “Error forwarding Data Request to T3 system…” will now result in a second attempt to contact the Data Queue.
  • The issue has been resolved whereby the batch history of the assessment is expanded, the application attempts to open the history, but then goes back to the history screen not expanded.
  • The issue whereby running an assessment off the Endpoint yields information, but running the same report off of automatic assessments does not (yields 0 results), has been resolved.

November 2013

Version 3.13
  • Stalled assessments and associated problems printing reports have been resolved.
  • Failed batch reports with error message ‘Unable to generate report’ have been fixed.
  • Batch assessment report e-mails are no longer duplicated under certain conditions.
  • Batch reports over automatic assessment collections, and non-automatic assessments, now honor the requested time zone selection.
  • Processing of Network Security journal entries has been improved.
  • Cm3.log logging has been changed to wrap and keep five log files.
  • Run messages are now restricted to one thousand, preventing failed batch assessments.
  • The scorecard interpretation of filters with NOT used as a connective has been fixed.
  • The 'cannot export a system value side-by-side report to pdf’ problem has been fixed.
  • An incorrect error message in the Pre-Checker has been corrected. (A field used to verify the type of installation is now populated.)
  • Values used to calculate the Compliance Ratings for different Scorecards are now the same.

September 2013

Version 3.12
  • Compliance Monitor now has the ability to store license keys for multiple systems.

May 2013

Version 3.10
  • Add PTFs to the pre-checker
  • Honor grid table selection in export
  • Better handle OutOfMemory error conditions
  • Attempt to prevent duplicate collection request keys, and improve logging if it does happen
  • Better handle time zone differences for log file reports
  • Allow field-to-field filter criteria for two different data types
  • Eliminate non-displayable characters in the Run Date field
  • Suppress updates to Robot Schedule jobs when no changes are made
  • Add warning to Run Time/Days if changing these values for batch reports scheduled in Robot Schedule
  • Create custom reports to retain available fields, not just selected fields.

February 2013

Version 3.08
  • Changed startup to RGZPFM for CMGRID.
  • Remove CM libraries from the library list once no longer needed.
End Point
  • ​Fixed object ownership of Endpoint Local Filter (ELF) objects.
  • Added the ability to use the Endpoint Local Filter on JE header fields
  • Renamed ZLIB *SRVPGM to avoid name conflict
UI
  • Allow a user to set a filter based on a field vs a value comparison.
  • Changed the product to help propagate authority from the setting in the batch report setup to the collection run via batch reporting.
  • Update message in email “There were no reports generated” to “There were no table reports generated”.
  • Allow users to remove group authority by unchecking group ‘use’ and group ‘change’ checkboxes on group authority for batch report setup.

January 2013

Version 3.07

New Features:

  • Fixed filter errors caused by CM 3.x syntax for children of 'Not' nodes.
  • To avoid the LOB Data pointer issue, code was added to check If BYPASS_NATIVE_DRIVER property present and set to YES, then try to not use the native driver. Note that this requires that the DB_USER and DB_PASSWORD properties are also set. The intent is to force the jdbc driver to be used.
  • Cleaned up CMGRID following Batch reporting.
  • Used the Http Session implementation in the WUI-Consolidator event listener thread to avoid permission problems when fetching the list of collections and so that batch report generation appears "the same" as a regular web browser user
  • Changed the category of "Feature 'nodes' not found" message from ERROR to DEBUG
  • Fixed export of selected rows of log file reports (where those selected rows are not on the first page).
  • Fixed intermittent install issue 'Error loading jvm.dll' with the Sun recommended fix.

Fixes:

  • Added a select (single-click) listener to the report-tree so that the UI works on tablets.
  • Added security checks to every publicly facing method in the ConsolidatorRPC and ReportRPC implementations.
  • Added an extra layer of security checking on Selected Assessments/Collections when displaying report information
End Point
  • Fixed the error in the CM0101SP stored procedure that was occurring on some DBCS systems.

Back to Product Index

 

Copyright © HelpSystems, LLC.
All trademarks and registered trademarks are the property of their respective owners.
Last Published: 201912051020