From 7dc799847524bd5352721839b9470369f276fecd Mon Sep 17 00:00:00 2001 From: Conan Scott Date: Tue, 24 Mar 2026 09:57:58 +0000 Subject: [PATCH] Add chapters for session 1038879037 (Haiku) --- chapters/1038879037.json | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 chapters/1038879037.json diff --git a/chapters/1038879037.json b/chapters/1038879037.json new file mode 100644 index 0000000..709b822 --- /dev/null +++ b/chapters/1038879037.json @@ -0,0 +1,19 @@ +[ + {"timestamp": "0:03", "title": "User group rules of engagement", "summary": "Q&A session format. Raise hand for new questions. Can unmute to add clarifications or environmental context. Chat and voice both monitored. Session is being recorded and available afterwards."}, + {"timestamp": "1:51", "title": "MariaDB to PostgreSQL migration", "summary": "Starting September 2024 release, MariaDB is replaced with PostgreSQL across all deployments. Database remains embedded; schema may change at any time so avoid direct database manipulation. HEIDI SQL can connect to verify database contents for diagnostic purposes only."}, + {"timestamp": "5:28", "title": "EBIX protocol support", "summary": "SecureTransport does not natively support EBIX protocol as server or client. For EBIX client connections, use separate product: Financial Secure Client (formerly eBix Client). No native implementation planned. For server role, not possible at all. Post feature request to ideas portal if needed for specific use cases."}, + {"timestamp": "8:18", "title": "Test connection feature for protocols", "summary": "Test connection/disconnection utility only available for SFTP protocol currently. Not available for S3, SMB, or other cloud protocols due to technological gaps in underlying SDK implementations. These are pluggable transfer sites; implementing feature requires SDK changes first. Community vote on feature requests helps prioritize development."}, + {"timestamp": "11:49", "title": "File transfer licensing definitions", "summary": "File transfer counted when file leaves SecureTransport via any transfer site. Delivery to user account folder does not count—transfer counted at outbound only. Multiple downloads of same file each count as separate transfers. Resubmitted files count as new transfers. Failed transfers do not count; only successful outbound transfers."}, + {"timestamp": "15:34", "title": "Tracking file transfers with License Report", "summary": "Setup > Server License provides automated file transfer count generator with configurable time ranges (e.g., last 30 days). For license counting: run report with all protocols selected, then remove 'Advanced Routing' category (published-to-account transfers). Filter to: outbound, files only, successful only."}, + {"timestamp": "20:23", "title": "Correlating inbound and outbound transfers", "summary": "Core ID links inbound to outbound transfers in tracking table, but not straightforward for all scenarios. Multiple Core IDs may exist (e.g., unzip operations split files). Publish-to-account requires second transaction with different ID. Sentinel provides additional correlation IDs. Recommend: run a sample transfer, open tracking table entry, examine all available IDs to determine which works for correlation."}, + {"timestamp": "22:01", "title": "File tracking limitations with STFS", "summary": "SecureTransport does not track files in database after delivery. If STFS folder is deleted, file origin information is lost. On download, system checks locally but does not query database for file provenance. File tracking correlation requires careful monitoring and should not rely on automatic database reconciliation after folder modifications."}, + {"timestamp": "23:32", "title": "Edge database configuration for CPU operations", "summary": "In CPU cluster implementations, convert edges from auto-sync to independent database mode. Disable replication in edge database configuration, point each edge to its own local database, remove cluster node references. Only needed during failover; replication can remain disabled after upgrade or be reconnected later without functional impact."}, + {"timestamp": "25:42", "title": "Edge database clustering UI configuration", "summary": "Edge cluster setup in database configuration page requires: disable replication, set local database connections (not primary node), remove access policies limiting visibility, dismantle cluster references. Behavior mirrors old server-file approach but now done via UI. Support has documented procedure; open case if needed."}, + {"timestamp": "30:45", "title": "Syslog forwarding and Log4j flat file output", "summary": "SecureTransport does not use syslog; uses Log4j for server logs. Admin guide section 'Redirect Log4j output from database' explains configuration. Server logs can be written to flat files and database simultaneously via Log4j appenders. Do not use shared storage for flat files—use local disk only. Audit log and file tracking cannot be redirected."}, + {"timestamp": "32:41", "title": "Server logs and database fallback files", "summary": "All ST application logs written to 'server log' in database. Flat file equivalents stored in $ST_HOME/var/logs. Database fallback file captures buffered logs when database is busy or unavailable; always kept locally. Do not remove flat files; system continuously writes to them."}, + {"timestamp": "34:53", "title": "Documentation feedback and support process", "summary": "Documentation feedback button in live docs goes directly to documentation team (not for support requests). Open support ticket for help; post in community for peer assistance. Provide specific context: which doc section, steps already tried, exact failure point."}, + {"timestamp": "41:05", "title": "User account lifecycle management approaches", "summary": "Multiple patterns supported: local accounts (manual lifecycle), SSO/LDAP/SAML/OAuth (lifecycle managed externally), or account templates (no local account needed, auto-deny when SSO disabled). Account maintenance application auto-disables or deletes inactive accounts. APIs available for custom lifecycle automation."}, + {"timestamp": "42:33", "title": "Account maintenance and inactive user cleanup", "summary": "Account maintenance application monitors last login date and can auto-delete or disable accounts after N days inactivity. Activity measured by login attempts only. For SSO-authenticated accounts: after external auth stops, account is inaccessible but must be manually cleaned or auto-deleted via maintenance rules."}, + {"timestamp": "49:07", "title": "Account and transfer site architecture", "summary": "ST accounts needed for all inbound protocol access (HTTP, SFTP, SSH, AS2, FTP, etc.). Transfer sites configured within accounts for outbound connections. Template mapping allows SSO users without local accounts. Admin accounts separate from user accounts; same user credentials work across all enabled protocols unless restricted by login policy."}, + {"timestamp": "50:48", "title": "Protocol access and login policies", "summary": "Single account credentials work across all enabled protocols unless login policy restricts. Can enforce protocol-specific auth (e.g., SSH requires key, not password). Edge servers do not carry accounts; they stream authentication to central server. Public HTTP and private SFTP access use same account unless login policy differentiates."} +]