Micro Focus SiteScope – Tips and Tricks

Table of Contents

6. Micro Focus SiteScope – Tips and Tricks – June 2021

1. SiteScope 11.92 / 2020.05 / OBM 2020.05 – no SiteScope login window after service restart when OBM is down

SiteScope 2020.05 / 11.92 is integrated with OBM 10.63 for events and topology. They are both available on Windows 2019.

It worked fine with SiS 11.41 / OBM 10.63, works fine again with 11.93 / 2020. But when OBM is down and the SiteScope service is restarted, the SiteScope Welcome screen comes up without the fields to enter the user and password to login. This is the case both for the browsers and SiS Local Client. When OBM is started up (the key is the GW server) the fields for logging in appear.

This has been tested with the OBM running on HTTP or on HTTPS, the SiteScope running on HTTP or on HTTPS, with three different SiteScope servers. They are with OMi 10.63 and SiteScope 11.41 one can see that SiteScope logging “problem while sending data to URL <OMI>….” . When OMI 10.63 is stopped and the SiteScope service is restarted, it is possible to login to SiteScope with OMi being down. So this problem wasn’t around with the OMI 10.63 and SiteScope 11.41.

Solution

What typically can be seen in error.log when SiteScope starts up with OBM (or APM) being down is that after 

  [SiteScope Main] (SiteScopeGroup.java:633) INFO  – Starting topaz manager

SiteScope starts to log errors because it is unable to “talk” to OBM / APM

  [SiteScope Main] (ApacheHttpUtils.java:512) ERROR – problem while sending data to URL: https://<OBM>:443/topaz/topaz_api/tmc_info_query?type=integration_support error:

  java.net.ConnectException: Connection timed out: connect, currentRetry: 0

This goes on until 

  [SiteScope Main] (SiteScopeGroup.java:635) INFO  – Topaz manager started.

In case OBM is not up yet, SiteScope will simply stay in

  INFO  – Starting topaz manager

trying to reach the OBM GW server.

After (by default) 30 minutes the SiteScope monitoring process detects that there was no activity, thus it thinks that SiteScope stops responding, and restarts SiteScope

service: Thu Nov  5 14:47:48 2020   Monitoring process, no progress change was detected

service: Thu Nov  5 14:47:48 2020   Shutdown request process successful

2020-11-05 14:47:58,978 [SiteScope Shutdown Watch] (SiteScopeShutdown.java:51) INFO  – Shutting down SiteScope because SiteScope service is shutting down(requested by the service)…

Then the cycle starts again with

  INFO  – Starting topaz manager

and another restart after 30 minutes, until finally, OBM responds.

Support tested with many different environments and combinations and was NOT able to reproduce the issue, but the issue has been seen with some users in the past. We were unable to analyze further why this happens on SOME environments, but not in others, as it turned out that with SiteScope 11.93 / 2020.10 all works fine again. Even with OBM being down and the SiteScope service being restarted, SiteScope now can “jump” over the non-responding OBM GW server and continue to start up.

2. Is it possible to specify a channel name when connecting to MQ?

Is it possible to specify a channel name when connecting to MQ? Most of our users have this doubt. In our opinion, it’s better to create a dedicated channel for site scope and give permission to the ID being used by it.

Solution

Background issue: Can you check with the Sitescope vendor if it is possible to specify a channel name when connecting to MQ? It’s better to create a dedicated channel for site scope and give permission to the ID being used by it.

Solution Suggested:

microfocus.com > itom > SiteScope: 2019.11 > SiS Local Client

Launch SiteScope UI as a Desktop Application from SiteScope Local Client

The SiteScope Local Client enables you to launch the UI of a target SiteScope server as a desktop application without the need for a browser.

Limitations

The following are some of the limitations of the SiteScope local client for this release:

• You cannot launch multiple instances of SiteScope using a single instance of a local client. However, you can launch multiple instances of SiteScope using multiple instances of local clients.

• SiteScope with smart card authentication is not supported.

• Unified Console for the Chinese and Japanese locale is not supported.

• Report options such as Export in the Monitor, Alert, and Server-centric reports do not work.

• Local client has to be closed and relaunched to continue to work with the SiteScope UI on:

o Loading a new license

o Restarting SiteScope from Infrastructure Preferences

microfocus.com > itom > SiteScope: 2019.11 > Reports

Create SiteScope Reports

SiteScope can collect multiple preselected metrics from a specific server and combine them into a single graph—giving you quick access to key performance monitoring data for any server in your environment. One of the key benefits of server-based reporting is the ability to drill down into reports to troubleshoot server related issues.

3. Thresholds using multiple content matches

monitor type = URL sequence capturing 2 variables on the 3rd step {$$3.1} and {$$3.2}in the threshold section, you can only select ‘content match’. How can we assign a threshold value to each of the two variables? I need assistance, if you can provide any.

Solution

Background issue: monitor type = url sequence capturing 2 variables on the 3rd step {$$3.1} and {$$3.2}in the threshold section, you can only select ‘content match’. how can i assign a threshold value to each of the two variables ?

Solution Suggested:

the user wants to use multiple content matches with the URL Sequence monitor but after some tests, this is not possible and confirmed by our Senior engineer.

We suggested to the user to use the Web script monitor as work around or try with the URL Content.

I provided some screenshots from a test in the URL content from our lab in the server .15

As we indicated, like a work around you could use a web script.

You can try to use the : URL Content monitor: microfocus.com > itom > SiteScope: 2020.05 > URL Content Monitor

URL Content Monitor Overview

The URL Content monitor is primarily used to monitor Web pages that are generated dynamically and display statistics about custom applications. By monitoring these pages, these statistics can be retrieved and integrated into the rest of your SiteScope system.

Use the URL Content monitor if you need to verify multiple values (up to 10 variables) from the content of a single URL. Otherwise, the standard URL monitor is normally used. One use for this monitor is to integrate SiteScope with other applications that export numeric data through a Web page. The content values are matched using regular expressions. The monitor includes the matched values as part of the monitor status which are written to the log. If the matched values are numeric data, the results can be plotted in a report.

Match content Expression describing the values to match in the returned page. If the expression is not contained in the page, the monitor displays the message no match on content. A regular expression is used to define the values to match.

Use parentheses to enable the monitor to retrieve these values as counters. By using the labels, these counters can be automatically assigned with a customized name and you can define thresholds for them. You can use up to 10 sets of parentheses.

Example: The expression /Copyright (\d*)-(\d*)/ would match two values, 1996 and 1998, from a page that contained the string Copyright 1996-1998. The returned values (1996 and 1998) could be used when setting Error if or Warning if thresholds.

Match content labels Labels for the matched values found in the content. The matched value labels are used as variables to access retained values from the content match expression for use with the monitor threshold settings. These labels are also displayed as the text labels in graphs generated for the retained values in management reports for this monitor.

Example: Type Copyright_start, Copyright_end to represent the copyright date range used in the Match content field. After the monitor runs, these labels are displayed in the Condition list in Threshold Settings, enabling you to set status threshold settings (Error if, Warning if, and Good if) for the matched value. SiteScope also sends the label name of content matches to Generic Data integrations, Diagnostics integrations, and OM metrics integrations.

Note:

• Separate multiple labels with a comma (,).

• You can set up to 10 labels.

Match content for error Text string to check for in the returned page. If the text is contained in the page, the monitor displays content errors found. HTML tags are part of a text document, so include them if they are part of the text for which you are searching.

Example: < B> Error < /B> Message

You can also perform a regular expression match by enclosing the string in forward slashes, with an i after the trailing slash, to indicate that there is no case sensitive matching. Click the Open Tool button to use the Regular Expression Test tool to check your regular expressions. For details, see Regular Expression Tool.

Example:/href=Doc\d+\#$filename

/ or /href=doc\d+\#$filename

/i

Note: The search is case sensitive.

4. Monitor SiteScope wmi with errors

I need to confirm the condition of a wmi SiteScope monitor; it was claimed that the windows service crashed, but it wasn’t registered in OMi. I can see that an alert was set on the monitor, but there are no records in the log files of events being sent to OMi or messages being sent. SiteScope 11.40 OS: Windows 

Solution

Background issue: Verify why WMI SiteScope monitor was not reported in OMi

Sitescope 11.40

SO: Windows

Solution Suggested:

“Send event” was not selected in the monitor, we found in the audit log that the user modified this value since 2018 we run the command prompt command:

find “IP SERVER ADDRESS” audit.log* > CAMBIOS-14.98.TXT

In the audit log the “send event” change from “selected” to “non-selected” is found in the audit log like:

update: ‘_prioritySelection’ updated from ‘EVENT’ to ‘MEASUREMENT’

5. Solution to help pass variables through Script Alerts

Do you need help passing variables through Script Alerts? This article will provide you all the help you need.

Solution

Background issue: user needs help passing variables through Script Alerts.

Solution Suggested:

Here you will find an example:

• Add “Match value labels:” called: “returnval”

• Use the “Match expression:” à /(.*)/s àif you don’t include the “s” it is not going to work.

• As well the “Timeout(Seconds):” cannot be “-1”, then I change the value to “60” or other different to -1

• In the thresholds we used :

Condition: returnval

Operator: Contains

Value: ‘return val: 1’

Email works:

• You need to use this to get the “status”.

6. Sitescope application down

The SiteScope servers down are in our Disaster Recovery Isolated Zone which is an exact mirror configuration of our regular production network including the IP addresses of the servers. When the DR zone was brought up about 48 hours ago, the Sitescope servers would not authenticate any users (including the Administrator) and perpetually hang on the login phase. 

Further investigation using the Java console revealed that the Root certificates are not being accepted with the following error message:java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Responder’s certificate is not authorized to sign OCSP responses*** ERROR *** Https installation of BAC with unauthorized (not from trusted authority) certificate (for example QA installation) � it should be installed on the client’s JRE as well – See The Hardening guide for further information. (Since BAC 8.0)*** ERROR ***java.security.cert.CertificateException: java.security.cert.CertPathValidatorException: Responder’s certificate is not authorized to sign OCSP responses*** ERROR *** Https installation of BAC with unauthorized (not from trusted authority) certificate (for example QA installation) it should be installed on the client’s JRE as well – See The Hardening guide for further information.(Since BAC 8.0)We have attempted to re-import the certificates to no avail. Late last night, we re-imported the entire VM’s for Primary/Failover servers and the error is still there. We need help in determining the root cause of this error.

Solution

SiteScope 11.51

Error:

I just checked java.security on the Sitescope server and it looks like the OCSP is disabled. Here is the fragment of the file (all commented out): Properties to configure OCSP for certificate revocation checking Enable OCSP By default, OCSP is not used for certificate revocation checking. This property enables the use of OCSP when set to the value “true”.

NOTE: SocketPermission is required to connect to an OCSP responder.

Location of the OCSP responder, By default, the location of the OCSP responder is determined implicitly by the location of the OCSP responder. The property is used when the Subject name of the OCSP responder’s certificate. By default, the certificate of the OCSP responder is that of the issuer of the OCSP responder when the default does not apply.

Its value is a string ocsp.responderCertSubjectName=”CN=OCSP Responder, O=XYZ Corp”. Issuer name of the OCSP responder’s certificate. By default, the certificate of the OCSP responder is that of the issuer of the OCSP responder when the default does not apply. Its value is a string Serial number of the OCSP responder’s certificate.

By default, the certificate of the OCSP responder is that of the issuer of the OCSP responder when the default does not apply. Its value is a string as revocation information such as CRLs and signed OCSP Responses. as well as revocation information such as CRLs and signed OCSP Responses.

————————————————————————

Solution Suggested:

The issue was: The Server IP was changed and Certificates were not renewed.

Hardening Tool Configuration microfocus.com > itom > SiteScope: 2020.05 > Hardening Tool Config Secure

Hardening Tool Documentation 

microfocus.com > itom > SiteScope: 2020.05 > Run Hardening Tool

1. This subject explains how to use the Hardening Tool and how to open it. You must first complete the steps in this topic before moving on to the other topics in this chapter.

·         Set up the SiteScope LDAP server. See “How to Set Up SiteScope to Use LDAP Authentication” in the SiteScope Help’s Using SiteScope Guide for more information.

·         In SiteScope user management, create a new role for LDAP users.

·         Change the SiteScope administrator login name to the LDAP user’s email address. Do not enter a password.

2.   Stop the SiteScope service:

Windows:

Close the command-line terminal or click CTRL+C if you’re launching SiteScope from go.bat.

If you’re using SiteScope as a service, follow these steps:

·         Look for services in Windows Explorer. The Component Services window appears on the screen.

·         Select Services from the left pane (Local).

·         Select SiteScope from the services list in the center pane.

·         Stop the service in the area to the left of the service list.

Linux:

Run the command line:

cd /opt/HP/SiteScope/

./stop

Do not run the Hardening Tool when SiteScope is running.

3.   Run the following command to start the tool:

Windows:

cd <SiteScope_home_directory>\tools\SiteScopeHardeningTool

runSSLConfiguration.bat

Linux:

cd /opt/HP/SiteScope/tools/SiteScopeHardeningTool

./runSSLConfiguration.sh

The Hardening Tool is launched.

4.   When the tool prompts you, choose “SiteScope hardening configuration.” The existing SiteScope configuration is backed up automatically.

5.   Enter a backup description when prompted to make it easier to identify the backup in the future if you need to restore it. See How to Use the Hardening Tool to Restore a Backed Up Configuration for instructions on how to restore a backed-up configuration.

The Tomcat configuration server.xml file in the /opt/HP/SiteScope/Tomcat/conf directory is overwritten when using the Hardening Tool, and any modifications made to that file before running the tool are deleted. After executing the tool, you must reapply these changes to this file to restore them.

6.   Choose one or more of the tasks from the tool’s list. See the other sections in this chapter for more information on how to use the Hardening Tool to execute setup tasks.

Note that changes to the configuration only take effect once you quit the Hardening Tool.

Restoring Backend Config

microfocus.com > itom > SiteScope: 2020.05 > Hardening Tool Restore Config

The existing SiteScope configuration is immediately backed up when you run the Hardening Tool. To restore a backed-up configuration, utilize the Hardening Tool as follows:

Step 1: Use the Hardening Tool to finish the job. See How to Use the Hardening Tool for more information.

Step 2: Choose “Restore SiteScope configuration from backup” from the drop-down menu.

Follow the tool’s instructions.

·         The time and date of the backup are included in the backup name.

·         Only after you exit the Hardening Tool do your changes take effect.

Client Certificate Authentication

microfocus.com > itom > SiteScope: 2020.05 > Config Authentication

You can set up SiteScope and the SiteScope public API client to require client certificate authentication if you’ve configured SiteScope to work over TLS (see Configure SiteScope to Require a Secure Connection). The Hardening Tool is used to do this. For more information, read How to Configure SiteScope Using the Hardening Tool and SiteScope Public API Client Certificate Authentication.

7. Old BSM Servers details under infra setting after connecting to new BSM servers

We had issues where we are able to still see the old BSM Servers details under Setup and Maintenance > Infrastructure Settings –platform administration even after connecting to new BSM Servers.

Highlighted are actual BSM gateway servers that should only be visible, as we have taken this DB backup from the current prod BSM and connected to it, we did try DB Swap where we have run some queries.

And also verified the setting parameters table where I could not find any Old BSM Servers there. But the same old servers are still showing up in BSM infrastructure settings here, how can I clear these old BSM servers.

Solution

Background issue: users had an issue where they are able to still see the old BSM Servers details under Setup and Maintenance > Infrastructure Settings – platform administration even after connecting to new BSM Servers.

And also verified the setting_parameters table where I could not find any Old BSM Servers there.

But the same old servers are still showing up in BSM infrastructure settings here. How can I clear this old BSM server? Please guide us.

APM:9.50

Problem: You require to migrate and remove old hosts

Environment: HA

—————————————–

Solution Suggested:

REMOVE HOSTs:

Tables from DataBase were backed up.

1) For previous versions with Sonic Bus it is required that you STOP the DPSs and Gateways in this way:

• STOP Gateways first

• Then STOP DPS 2, then DPS1

• Go to the “Schema” DataBase

• Remove the desire host : xxxxxxxx with H_ID : XXX

• Run the select query in the “Schema” DataBase to confirm all the information from the server to be removed in the Schema DataBase:

Select * from HOSTS (Find the ID for the host you want to remove)

Select from HOSTS_HOST_TYPES_PROP where HHTP_HOST2HOSTTYPES_ID in (Select hht_id from HOSTS_HOST_TYPES where HHT_HOST_ID =)

Select from HOSTS_HOST_TYPES where HHT_HOST_ID =

Select FROM HOST SESSIONS where HS_HOSTID=

Select from hosts where h_id =

Select * from HOSTS (Find the ID for the host you want to remove)

……………………………………………………………………………………………….

Then we require to complete the host removal using the “delete” command instead of the select:

……………………………………………………………………………………………….

Select * from HOSTS (Find the ID for the host you want to remove) à not for this

delete from HOSTS_HOST_TYPES_PROP where HHTP_HOST2HOSTTYPES_ID in (Select hht_id from HOSTS_HOST_TYPES where HHT_HOST_ID =)

delete from HOSTS_HOST_TYPES where HHT_HOST_ID =

delete FROM HOST SESSIONS where HS_HOSTID=

delete from hosts where h_id =

• Then put up and run the gateways and DPS, run the Config wizard tool to check, and all was confirmed was ok and the host was removed properly.

• Check if Host was successfully removed, check the BSM platform à BSM UI > Setup and Maintenance > Foundations > Platform Administration

8. Can SiteScope URL Monitor process JSON format?

If you want to know whether SiteScope URL monitors handle web pages that return data in JSON format ?

Solution

The answer is yes.

The SiteScope URL monitor can handle and process Web pages that return JSON format. SiteScope retrieves the data similar to Google Chrome or Firefox Browser.

For example:

if you use the following test URL 

  echo.jsontest.com > key > value > one > two

you receive:

{

   “one”: “two”,

   “key”: “value”

}

Content matching etc. can be performed on the JSON code being returned.

Note: 

​Internet Explorer (IE) doesn’t handle JSON format correctly, as it tries to convert the response into XML/HTML, which fails.

9. Supported OS vulnerability issues for RUM

There is currently implementation of RUM 9.51 with a RUM a Probe that is installed on an RHEL 7.5, and there are various vulnerabilities linked with this version of Linux in the vulnerability analysis carried out for security, but evaluating the support material in. According to the Micro Focus page, RUM Probe supports RHEL 7.5 as the maximum operating system version. What can I do in this instance to upload the OS version without losing RUM support?

Solution

Background issue: user has a RUM 9.51 implementation that has a RUM with a Probe installed in RHEL 7.5, vulnerabilities associated with Linux, according to the document the maximum OS version supported by RUM Probe is RHEL 7.5.

the user wants to know how to upgrade the OS to a greater version and doesn’t lose RUM support.

Solution Suggested:

After talking with a Senior engineer, we confirmed that we can not use a different version than one documented/certified for RUM RHEL, for this case maximum version is 7.5 for RHEL. 

10. SiteScope – what are the specific permissions to be assigned at the WMI namespace root\CIMV2

 

What are the specific permissions to be assigned at the WMI namespace root\CIMV2 in Sitescope?

With regards to their documentation (microfocus.com > itom > SiteScope: 2019.05 > WMI Service Win Monitoring)

Configure the WMI service on the remote server:

The following are requirements for using SiteScope to collect performance measurements on a remote machine using WMI:

– The WMI service must be running on the remote machine.

– The user entered on the WMI remote server must have permission to read statistics remotely from WMI namespace root\CIMV2.

==> What are the specific permissions to be assigned at the WMI namespace root\CIMV2?

– The monitoring user must be added to the Performance Monitor Users group on the target server, and have DCOM remote launch and activation permissions.

Solution

Prerequisites:

SiteScope must be installed on a Windows machine.

Configure the WMI service on the remote server:

The following are requirements for using SiteScope to collect performance measurements on a remote machine using WMI:

a. The WMI service must be running on the remote machine. For details, refer to the Windows Management Instrumentation documentation.

b. The user entered on the WMI remote server must have permissions to read statistics remotely from WMI namespace root\CIMV2.

c. The monitoring user must be added to the Performance Monitor Users group on the target server, and have DCOM remote launch and activation permissions.

microfocus.com > itom > SiteScope: 2020.05 > Config Monitor Remote Win

Additionally, in order to test proper connection, we may check over the test utility. Windows tool “wbemtest” helps us to test the WMI connectivity between two servers on the same subnet.

Step 1: Go to Start > Run > write wbemtest and hit Ok:

Step 2: Click on the CONNECT button then in the NAMESPACE field at the top type the IP Address of the host you are testing “\\x.x.x.x\namespace” (if the namespace is already there leave it, and put the IP in front of it like the picture below:

Step 3: Then put in your Credentials for the host you are connecting to.

Step 4: Click on the CONNECT button.

Step 5: Once connected you will see all the IWbemServices buttons available

Step 6: Click on the Query button and type the following:  select * from win32_useraccount and verify the results.