- 10 Jan 2024
- 7 Minutes to read
- Print
- DarkLight
- PDF
Version 2023.4
- Updated on 10 Jan 2024
- 7 Minutes to read
- Print
- DarkLight
- PDF
Overview
These release notes are for Nectar Foundation APM. For more information, contact Nectar Support (support@nectarcorp.com).
IMPORTANT
Starting with release 2023.1, Nectar Foundation APM only supports the following Linux distributions: CentOS Stream 8/9 and RHEL 8/9.
Starting with release 2023.4, Nectar Foundation APM is based on OpenJDK 17 and cannot be installed on CentOS 7 and RHEL 7 and earlier.
Starting with release 2023.4, Nectar Perspective is no longer supported. If you presently use this feature, do not upgrade your installation.
Do not upgrade existing RIGs that are monitoring Cisco UCM until a patch for CMP-10928 is released (see Known Issues section for additional information).
Foundation APM
WARNING
The Derby database version was upgraded in r8.3. This makes downgrading impossible. Customers MUST back up the database directory BEFORE upgrading to r8.3 or higher.
It is not possible to use the Remote Software Upgrade on a Linux platform to upgrade from a version prior to r8.6.
Note: Runtime version will be enforced before RIG Client JAR files are downloaded.The beta version of the RIG Client (release 2023.4) requires OpenWebStart v1.8.0 or above, and OpenJDK JRE 17.
Before upgrading to r2023.4, your existing installation must be at r5.6.2.x or later, licensed, and started successfully. If you attempt to upgrade directly to r2023.4, then the installer will display the following message:
Selected installation’s main version is earlier than r5.6.2 required for upgrade.
For the server to start successfully, the port number specified for the serverport property of the server. properties file must not be in use. If the port is already in use, change the port number to an unused port number to correct the issue. The default port number is 80.
Technical Notes
NOTE
Apache Log4j Critical Vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832). Foundation APM uses Log4J versions 2.17.1 and 2.12.4 for all components in r2021.3 or higher that contain fixes for all known security vulnerabilities.
JREs used by existing RIGs will be updated as part of the upgrade process. If modifications have been made to the java.security config file, those changes will need to be manually transferred to the updated JRE. TLSv1 and TLSv1.1 are disabled by default by the JRE configuration. To learn how to enable this, go to the Nectar Foundation APM Installation Guide, or to review the instructions go to: https://www.java.com/en/configure_crypto.html.
Upgrade Requirements
It is not possible to downgrade the RIG that has been upgraded to r2023.4 by using an installer.
The database migrations started with r2021.1 and will make it difficult to downgrade to Foundation APM r8.7.1 and below.
We strongly advise customers to back up the RIG database before upgrading to r2023.4 and later.
Cisco UCM VKM
When upgrading RIGs from a release prior to release 8.0 that are monitoring Cisco UCM systems, additional time will be required based on the number of historical call detail records (CDRs) to perform database migration following restart.
If the Cisco UCM VKM module is enabled on a system when upgrading to r2023.4 from a pre-7.x release, the Installer will detect it and display a warning message, informing the user to offboard any existing Cisco UCM systems before proceeding with the upgrade. For more information on offboarding, see Cisco UCM VKM Configuration Guide.
Once the Cisco UCM system(s) has been offboarded, the user can re-run the upgrade process and select the Module Override to complete the upgrade.
Cisco Meeting Server VKM
For licensing, a status is received for each type of license (no-license, activated, or expired). If a no-license case, a WARNING event is generated. However, if the customer does not want to see these no-license events, they can disable the associated poller(s).
Cisco Expressway VKM
When onboarding Cisco Expressway VKM, use the same username and password across all cluster peers.
Microsoft Skype for Business VKM
Customers who upgrade to r2023.4 have the option to continue using the Legacy SfB module. However, to access the new SfB features available since release 8.0, you must:
Offboard the Legacy SfB system.
Enable and onboard the new SfB VKM and system.
Avaya Call Management System (CMS) VKM
As of r8.1, Nectar no longer supports Avaya CMS r16 (and earlier). CMS r16 uses the 256-bit Diffie-Helman encryption algorithm, which is considered a security risk and has been deprecated. It is no longer supported in current SSH-2 implementations.
If you accept this CMS security vulnerability, you can maintain CMS r16 monitoring with Nectar using a Nectar version prior to v8.1.
Avaya System Manager VKM
If you onboard Avaya System Manager with invalid credentials, you must delete the incorrect entry and re-onboard the System Manager. For more information, see Avaya System Manager r7.1 and above.
IMPORTANT
Starting with Nectar r2022.2, Avaya System Manager 6.x is no longer supported. Nectar uses the Avaya WSDL for collections on this platform. System Manager has to be 7.x and above. Session Manager collections are through the System Manager. SNMP V2/V3 is used for platform environments.
IP Office VKM (r10.1 and above)
Nectar leverages Avaya’s Service Monitoring Web Services API to monitor IP Office r10.1 and above. If you are currently monitoring an IPO r10.1 or above with Nectar r7.3 and prior, you can migrate to Nectar’s new API support by following these steps:
Disable and remove the existing monitoring.
Delete any IP Office traps in the Receiver module.
Disable the previous module and enable the new module using RIG > Module Configuration.
Restart the RIG.
For more information, see Avaya IP Office r10.1 and above Deployment Guide.
Properties File
After upgrading to r2023.4, if you have or plan to manipulate a properties file that uses a file path or directory, then you must verify that you are using the proper backslash (\) or forward slash (/):
Windows:
Use double backslash (\\), for example, <drive>:\\<folder>\\<folder|file>
orUse single forward slash (/), for example, <drive>:/<folder>/<folder|file>
Linux/iOS:
Use single forward slash (/), for example, /<folder>/<folder|file>
General Data Protection Regulation (GDPR)
You must upgrade to ‘Version 7.2 or later’ (CIP, EIP, RIG, Perspective Agent/Controller as well as the Nectar Foundation Client) to enable the new General Data Protection Regulation (GDPR) audit logging. Logging is enabled by default but can be customized to suit your specific auditing needs. The Apps\<partner name>\etc\log4j2.xml file is used to enable that customization after the upgrade to ‘Version 7.2 or later’.
The upgrade to ‘Version 7.2 or later’ will back up your existing log4j2.xml file before installing the new version of that file.
If you have previously customized the log4j2.xml file, you will have to manually migrate those changes to the new log4j2.xml file. Your previous version can be accessed by navigating to Apps\<partner name>\rollback\etc\log4j2.xml AFTER you have upgraded.
New Features, Improvements, and Bug Fixes
New Features
CMP-10764: RIG Server is now compatible with OpenJDK 17. An OpenJDK 17 runtime build by Red Hat is now installed by default on Windows. An OpenJDK 17 runtime provided by the package manager is installed by default on Linux. The existing RIG installations will be upgraded by RIG Installer r2023.4 and above to use OpenJDK 17.
CMP-10967: A RIG Client that is loaded from the RIG by default is now r2023.3 (requires Oracle or OpenJDK JRE 1.8.x or 1.9.x). A beta version of the RIG Client (requires OpenWebStart and OpenJDK 17) has now been added. The beta version of the RIG Client can be launched by following the instructions in the OpenJDK RIG Deployment Guide.
CMP-10903: A new Cisco UCM Syslog pattern UC_CERT-3-CertExpired has now been added to the module.
Improvements
CMP-10783: Some Cisco Syslog events now use both deviceName and subDeviceName as constraints for their acknowledgements.
CMP-10872: The default heap memory for RIG installations is now set to 4GB. This can be modified in the rigWrapper.properties file.
CMP-10875: Avaya Aura Communication Manager module can now be onboarded by specifying either FQDN or IP address of the Main processor.
CMP-10876: Avaya System Manager module can now be onboarded by specifying either FQDN or IP address of the System Manager.
CMP-10901: Increased column width in Syslog Receiver tables to accommodate standard FQDN and directory name length.
CMP-10911: The SIP Entity Link Pollers have been removed from the Avaya Session Manager module; corresponding Agent(s) are available for other poller types.
CMP-10912: The Nectar DXP RIG agent installed by the RIG Installer during new installations and upgrades is now version 1.13.3.
CMP-10921: The RIG Installer will display a version override when upgrading a RIG from r2023.3 or earlier. The message will inform users that it is not possible to downgrade the RIG by using an installer following the upgrade.
Bug Fixes
CMP-10883: Fixed validation of Receiver configuration for Real Time QoS feature.
CMP-10888: Fixed validation of IP Address during onboarding for Avaya System Manager module.
CMP-10892: Fixed the issue with the ESS Control Poller missing from the Dependency Tree.
CMP-10899: Fixed the issue with Perfmon Pollers failing to function on select RIGs.
CMP-10929: Fixed the issue with the Cisco Service status not updating when down in some cases.
CMP-10930: Fixed the issue with the Avaya Media Gateway DSP Ping Pollers failing.
CMP-10951: Fixed the issue with false SMS API Connection Failed alerts for Avaya Aura CM.
CMP-10966: Fixed the issue with SNMP Collection Failed Event not adhering to Event Delay.
Known Issues
CMP-10928: Cisco UCM Services collection is unable to update existing service entries in the database. It continues to add new rows for each service instead of updating them each time this collection is executed. To allow the corresponding Inventory screen to load correctly, it is necessary to clear the CUCM_SERVICES table using the Maritime Terminal command. Consider changing the CRON string for the collection to execute it once a day (0 0 0 ? * *) until the permanent fix for this issue is released.
CMP-10969: Beta RIG Client (OpenJDK 17) - The calendar widget prevents the affected features of RIG Client from loading. This affects Events and Call Details features among others.
CMP-10970: Beta RIG Client (OpenJDK 17) - Maps feature cannot be configured because of an issue in legacy code.
Documentation
The documents below were updated as per the release of 2023.4.