Deletion Logs – What’s Coming In V10

So deletion logs.. currently (without custom code) we cannot tell who deleted a document and what document they deleted in which database.  With v10 deletion logging is now a standard trigger on the database that creates an entry in a delete.log file in the IBM_TECHNICAL_SUPPORT directory detailing every deletion activity.

So how does it work?

Deletion logging is enabled via the compact task on an individual database basis. The option -dl is used when compacting a database along with the fields in that database you want to be part of the log. For example if I wanted to turn it on for my mail file I might do

load compact mail\gdavis.nsf -dl on subject,posteddate,sendto,recipient

Every deletion after that point would then be logged as a single CSV entry in delete.log.  Note there are standard values that are always logged in addition to the custom fields I requested

“20180210T211516,06+01″,
“Mail\gdavis.nsf”,
“80256487:00352154″, “nserver”,”CN=Traveler/O=Turtle”,
“SOFT”, “0001″,”72C0E3F8:44B53FB5DC4EDBF8:A785466D”,
“from”,”””New Relic”  –
 “<marketing@newrelic.com>”, “sendto”,”gabriella@turtle.com”, “deliveredDate”,”02/10/2018 21:05:05”, “posteddate”,”02/10/2018 16:15:18″

There are several interesting aspects to this approach but I see it being particularly powerful for audit purposes, as it shows not only the message but the timestamp of the deletion and who did it.   Note that the server name in the log entry here tells me my Traveler server did the deletion so it was done from my phone, if it had been deleted in the Notes client it would have my name there as the person who did the deletion.

The delete.log itself rolls over each time the server is restarted but obviously depending on the size of your environment and how widely you deploy deletion logging that’s a CSV file you are going to want to have a strategy for.

7 days and counting

 

Java Problems Installing Sametime Community Server

Recently I was asked to install Sametime Community server in a new site.  I’ll be honest, I haven’t done a greenfield site install of Sametime in nearly a year, my work has primarily been upgrading (adding new elements) and maintenance.

As you probably know you can’t just install the Community Server onto Domino,  much of the admin and management features are now controlled solely inside the Sametime System Console running on WebSphere.  When installing WebSphere I installed version 8.5.5 as a base then applied the latest fixpack 12. (now version 13).  The Sametime elements only work with Java SE6 which used to be fine, during the WebSphere install I’d explicitly override its wish to install Java SE8 with a radio button to choose Java SE6, however that option disappeared on fixpack 11 and as of April 2018 Java SE6 is no longer supported even though Sametime still requires it and will continue to do so I suspect well into next year since the next release of a Community server is scheduled for H1 2019 and other elements for H2 2019.

Everything installed fine but then the servers with the applications couldn’t be stopped properly.  I had to uninstall WebSphere and the SSC entirely, then install base 8.5.5 with fixpack 8 (which I had to hand although other early fixpacks may also have worked) that allowed me to choose Java SE6 then install the SSC.  Once it was installed and I tested starting and stopping server elements I went ahead and upgraded the fixpack to 12.  WebSphere will warn you but continue to honour the Java version you originally chose , in this case Java SE 6, and not force an upgrade.

So. Websphere 8.5.5 with FP8 , then FP11.. 12.. 13 whatever you want.  The system requirements still say these are all supported so the loss of the option to choose Java SE 6 during fixpack install is what we are trying to fix.

Adminlicious – My Favourite TCO Features in Domino 10

This is my presentation from Icon UK on Thursday 13th September.  There are lots of TCO features coming in Domino 10 that I’ve been working with and look forward to putting into production.  In this presentation I cover things like cluster symmetry, pre send mail checking, deletion logs and the newrelic statistics reporting.

Say it with me….

28 days until the Domino 10 release.

Ideas, Demos & Your Last Day To Sign Up for Beta 2

So much interesting activity going on around the IBM/HCL products so in case you missed them I thought I could summarise for you.  All are worthy of your time if you care about the future of Domino, Traveler, Verse or Sametime

BETA

Firstly – no time to lose – the registration for Beta 2 of Domino , Notes and Traveler closes TODAY at 12pm EST/5pm GMT.  If you want access to that Beta due this month hopefully then go and sign up here now https://www.ibm.com/blogs/collaboration-solutions/2018/06/11/announcing-ibm-domino-v10-portfolio-beta-program-sign-today/.  Don’t leave it then be disappointed when you don’t get access.

IDEAS

If you have ideas for what you want in Domino, Notes, Traveler, Sametime or anything else – there is a new site (requiring no login) where you can add your ideas and vote on other people’s.  It’s been running for a few weeks and there are some great ideas there already to vote for so it’s a good place to browse during your next coffee break.  Remember the rule – if you don’t ask you don’t get https://domino.ideas.aha.io/ideas

DEMOS

HCL are publishing a series of videos showing how features that are in v10 will behave.  Here are three interesting features announced so far.

Folder Sync v10 #DOMINO10 #DOMINO2025

Next up in “cool admin things coming your way in v10” – folder syncing.  By selecting a folder on a cluster instance you can tell the server to keep that folder in sync across the entire cluster.   The folder can contain database files (NSFs and NTFs) but also NLOs.

Well that’s just dumb Gab.. NLOs are encrypted by the server ID so they can’t be synced across clustermates but a-ha! HCL are way ahead of you.  The NLO sync involves the source server decrypting the NLO before syncing it to the destination where it re-encrypts it before saving.

So no more making sure databases are replicated to every instance in a cluster.  No more creating mass replicas when adding a new server to the cluster or building a new server and no more worrying about missing NLOs if you copy over a DAOS enabled database and not its associated NLO files.

Genius.