TrueSight Server Automation 21.02
TrueSight Server Automation 21.02
TrueSight Server Automation, one of BMC's digital enterprise automation solutions, allows you to quickly and securely provision, configure, patch, and maintain physical, virtual, and cloud servers.
This section provides information about what is new or changed in TrueSight Server Automation, including urgent issues, documentation updates, feature packs, and fix packs.
Date | Title | Summary |
---|---|---|
June 14, 2021 | Alerts users of TrueSight Server Automation 21.02.x to a critical issue that occurs with the blicli Delete cleanupObsoleteFilesFromFileServer command. | |
December 19, 2021 | Mitigation for the Apache Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046 | |
June 16, 2021 | Alerts users of TrueSight Server Automation 21.02.01 to a critical issue that occurs with the JobRunEvent data during database cleanup on Microsoft SQL Server databases. | |
May 27, 2021 | Enhancements and updates available in this release | |
May 01, 2021 | Alerts the users of TrueSight Server Automation that they must perform certain actions when upgrading to version 21.02. | |
March 12, 2021 | Lists the enhancements added in TrueSight Server Automation version 21.02. |
Related topics
TrueSight Server Automation 21.02 offers the following key features and enhancements:
Smart Agent enhancements
The Smart Agent feature of the RSCD Agent now supports the following capabilities:
- Auto update of server properties - Monitors the server properties and shares the updated property values with the Application Server. For details, see Auto-update-of-server-properties.
- Auto configuration - Monitors and updates the agent configurations on target servers using Agent Configuration Policies. For details, see Agent-Configuration-Policies.
Patching enhancements
This release offers the following patching enhancements:
- Downloading and applying patches on Oracle Linux Unbreakable Linux Network (ULN) systems is now supported. For more information, see Getting-started-with-Oracle-Linux-ULN-patch-analysis.
- The partner.manifest file now includes the dynamic URLs used by Ivanti technologies to download patches on Windows systems. For details, see Global-Configuration-parameter-list.
- Retrieval and configuration of the custom XML file for AIX is now consistent with the other supported platforms. For details, see Global-Configuration-parameter-list.
- The Warning Targets node is added to the Patch analysis results view. For details, see Viewing-Patching-Job-results.
- The REST API support is now available for patching jobs on CentOS and OL ULN systems. For details, see REST-API-endpoints.
Compliance content enhancements
This release includes the following compliance content enhancements:
- A new DISA STIG for RHEL 8 compliance content template is added. For information about downloading and updating the template, see DISA-Red-Hat-Enterprise-Linux-8.
- Updates to the following templates:
- CIS for Oracle Linux 7 is updated to version 3.0.0. For details, see CIS-Oracle-Linux-7.
- CIS for RHEL 7 is updated to version 3.0.1. For details, see CIS-Red-Hat-Enterprise-Linux-7.
- CIS for Windows 2016 is updated to version 1.2.0. For details, see CIS-Windows-Server-2016.
REST API enhancements
This release offers new REST APIs for:
- Compliance and batch jobs
- Execution tasks
- Displaying database statistics and configuration details on the Operations dashboard
- Connecting TrueSight Automation Console to TrueSight Server Automation
For details, see REST-API-endpoints.
Deploy job enhancements
For advanced deploy jobs, you can now define a timeout for the staging phase of a job before the job is canceled. For more information, see Defining-timeouts-for-jobs.
Operations dashboard enhancements
You can now view the database cleanup statistics and related configuration details on the Operations dashboard. For more information, see Operations-dashboard.
Database enhancements
This release includes the following database enhancements:
- You can now schedule weekly cleanup jobs to remove additional data that is not cleaned up by daily cleanup jobs. For details, see Scheduling-the-automatic-data-cleanup.
- TrueSight Server Automation now supports table partitioning on SQL Server 2014, Enterprise Edition or later versions. For details, see Table-partitioning.
BLCLI enhancements
This release includes new BLCLI commands to create and update web repositories and update enumeration values of the ProperyClass name space. For more information, see BLCLI-commands-added-updated-or-removed-in-recent-versions.
Security enhancement
For authentication between RSCD Agents and clients such as Application Server, NSH, or repeater, the following hash algorithms are now supported in addition to SHA1: SHA224, SHA256, SHA384, and SHA512
For information about using these algorithms, see these topics:
- Provisioning-agents-and-repeaters-with-a-fingerprint-of-the-Application-Server-self-signed-certificate-Windows
- Provisioning-agents-and-repeaters-with-a-fingerprint-of-the-Application-Server-self-signed-certificate-UNIX
- Provisioning-agents-with-a-fingerprint-of-the-repeater-s-self-signed-certificate
Updates in the TLS parameters
After you upgrade to version 21.02, the values of the EnabledRSCDProtocols and EnabledTlsContextProtocol properties need to be updated to avoid communication failures between the TrueSight Server Automation components, as follows:
- After you upgrade TrueSight Server Automation from a version earlier than 8.9.02, update the appserver-options.properties file to change the TLS protocol setting for the EnabledRSCDProtocols property to TLSv1,TLSv1.2 and restart the Application Server.
- After you upgrade to version 21.02, the value of the EnabledTlsContextProtocol property is set to TLS, which means both TLSv1 and TLSv1.2 are supported. However, if none of the agents are using TLSv1, we recommend you to change the property value to TLSv1.2 from TLS.If TLSv1.2 is not supported in your environment, set property value to TLSv1. To avoid any communication failure, update the java.security file.
Make sure that these TLS properties are updated for all the deployment types. For more information about these properties and how to configure them, see Configuring-the-TLS-protocol.
Updates in the access permissions on objects and folders
In previous releases, a folder or an object could be accessed even if its parent folders or objects did not have access permissions. Starting from this release, to make the RBAC mechanism more robust, a folder or an object can be accessed only if its parent folders or objects have access permissions up to the top of the hierarchy.
After you upgrade to version 21.02, if you encounter any permissions-related issues, update permissions on the parent folders or objects to access their child folders or objects.