Apache Tomcat JNDI features used in DI <Pri:1>
With the release of a POC for the Apache Log4j2 CV can we confirm Data Insight is or is not affected? NIST- https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Mitre - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228,== What effect will setting 'MsgNoLookups' or disabling 'trustURLCodebase' have on DI's operations and logging? ref: https://www.oracle.com/java/technologies/javase/8u121-relnotes.html Thank you PixSolved2.3KViews0likes5CommentsInteroperability of Veritas Data Insight and Symantec's Data Loss Prevention configuration tips
The configuration of the Veritas Data Insight (DI) with (DLP) Data Loss Prevention by Symantec bi-directional interconnect requires configuration on both sides of the connection and each application has specific requirements. DI must have the access and permissions with a role to interact with the Reporting API and Web API of DLP to pull sensitive file information DLP must save the certificate for SSL comms to DI to retrieve the attributes via a configured Lookup request. Both applications require users configured in the other application for access.1.7KViews2likes0CommentsHow do I rebuild a whole device's hash?
I am failing to retrieve volumes on a SVM ERROR: V-378-1339-4104: #{7340} [set_data_vserv_hash: 2232] Failed to get volumes info for VServer ERROR: V-378-1339-4077: #{7340} [process_vservers: 3091] Failed to add VServer to allowed hash. WARNING: V-378-1318-2118: #{5232} [get_cmod_shares: 4029] NetAPP ONTAP API Err Errstr: No records found for vserver How do I get the classes to run via the command line to rebuild the hash? ________________________________________________________________________________________ Is it possible to utilize the binaries on the command line to reset the hash on the suspect SVM filer? The only ones I am aware of are --rehash which will rehash all indexes and of course --dirhash Build directory hash (use with caution) --filehash Build file hash (use with caution) but these are not at the device scope. But since it is a device I would not know which index to aim at. CLi discovery fails netapp_util.exe -i 3 –v <name> 2022-06-09 14:59:06 INFO: V-378-1318-1000: #{15148} [__initlog: 386] Logging Initialized successfully 2022-06-09 14:59:06 ERROR: V-378-1318-1055: #{15148} [main: 1259] Error in parsing cmdline args 2022-06-09 14:59:06 INFO: V-378-1318-1058: #{15148} [main: 1273] netapp_util exit code: 1 ref: -i <discovery option> {-v <vserver name>}: Get list of CMod Shares and NFS exports for all VServers or for a specific VServer if -v is provided. Discovery options: 1: Full discovery for both CIFS shares and NFS exports. 2: Test discovery for both CIFS shares and NFS exports. 3: Full discovery for CIFS shares alone. 4: Test discovery for CIFS shares alone. 5: Full discovery for NFS exports alone. 6: Test discovery for NFS exports alone. Any other value results in full discovery of both CIFS & NFS. Appears to be no option on the new service. The knowledgebase returns do not show any value to me in this regard. The Data Insight Hash Utility Tool is to encrypt or decrypt the passwords. not what I am looking for. Article - High sustained latency after ONTAP upgrade to 9.7 P14 and above due to FPolicy EAGAIN (veritas.com) talks about the buffer size we were told to disable in favor of the fix. We have upgraded to fix version PixSolved1.7KViews0likes3CommentsDELL/EMC Isilon CEE time slice with Data Insight 6.1.X
Do any of the experts in this forum know if the suggested mechanism of utilizing multiple CEE servers form an Isilon array to increase throughput and performance would have a detriment on the Data Insight time slicing of events? I understand that configuring multiple CEE servers for an array would result in round-robin transmission of events from the array, but what I am wondering is if all of the CEE servers had the same DI Collector endpoint configured if there would be any issue at the endpoint (SymantecDataconnector) putting them in time slice order and capturing them to the correct MSU by path? Would there be any detriment to the DI application to be aware of? thank you PixSolved1.5KViews0likes2Commentsmass delete of "windows File server agent"
Is there a tool or a script to be able to delete unreachable winnas that no longer have a filer associated with it? There is a a mass deletion of shares in the console but nothing for servers (product servers) or filers. The tool available in the knowledgebase is also designed for shares. I am looking for a method to remove winnas servers being decommissioned in the upgrade to a new windows version leaving me with thousands of clicks to walk through the old unreachable servers individually. I could not find anything publicly available. Thanks PixSolved1.3KViews0likes1CommentOpenSSL vulnerability <Security>
Can we claim Data Insight is not affected by these known issues? CVE-2021-3449: Crash can be provoked when connecting to a vulnerable server. CVE-2021-3450: Vulnerable client can be tricked into accepting a bogus TLS certificate. What, if any, affect will these exploits have on DI? thank you PixSolved1.3KViews0likes2CommentsCVE-2023-38545/6 security vulnerability.
In trying to assess implications of the CURL hack upon Data Insight I see the \DataInsight\perl\site\lib\HTTP\Any\Curl.pm perl module lists libcurl 7.21.6 or newer. While that is a very old version and specifically the CVEs call out Affected Versions Affected versions: libcurl 7.69.0 to and including 8.3.0 Not affected versions: libcurl < 7.69.0 and >= 8.4.0 (where a patch has been identified) we are left to wonder as to ramifications of system software changes upon the Application. Our organization will be patching for the various applications utilizing http calls over Socks5 (mentioned as a proxy in the script) and I will need to know a few facts to enter discussions with our security team. Is DI affected by the vulnerability? Will DI be aversely affected by patching to the latest library version? Has Veritas released any statement on the vulnerability and its products? Thank you PixSolved1.3KViews0likes2CommentsData Insight compatibility with NetApp
The NetApp fixes expected to conform to the Veritas changes in v6.3.1 HF1 are not expected until the patch version 14. In the meantime we anticipate upgrade to P12 for v9.8 Ontapi. Are there any issues anticipated with this version? Has Veritas Quality Assurance (QA) confirmed the 9.8P12 version for Ontapi will not cause DI any issues? I would like to confirm that our Storage Admins can proceed with this NetApp recommendation risk free. Thanks PixSolved1.3KViews0likes1CommentI do not see mention of the NFSv4 for Data Insight in the documentation or knowledgebase.
The documents released for the 6.1 version up to 6.1.6 of DI have no mention of 'NFSv4', 'NFS4' and in the SCL only NFS3 version seems supported. Are there plans to update to the latest version available in the coming 6.2 release? The known issues with the older version need be avoided. We would also like to utilize the enhancements of increased performance, File locking, the Delete bits, and benefits of security, mixed mode operations, while removing user group limitations. Thank you Pix1KViews0likes1Comment