batch transcripts

out/1008939378/transcript.txt

@@ -0,0 +1,936 @@
+# Transcript: 1008939378
+# URL: https://vimeo.com/1008939378
+# Duration: 8184s (136.4 min)
+
+[0:07] Well, good morning, everybody, and thank you so much for joining
+[0:11] this morning's Ask Annie session on ST best practices.
+[0:15] Just want to
+[0:18] say a few things before we jump in and before I introduce Annie.
+[0:23] So
+[0:24] as you all know, most of you have attended these many times. This webinar is being recorded, and
+[0:31] I will send out the recording link and the presentation
+[0:34] after the call is completed and and I gather all the information.
+[0:39] Of course, throughout the presentation,
+[0:42] feel free to
+[0:44] put a question, comment in the chat or raise your hand and
+[0:49] raise your question.
+[0:50] Annie is more than happy to answer whatever you need.
+[0:56] One quick thing I wanted to mention is that we have announced our Axe Way Summit for 2025.
+[1:01] Very excited about that. It's gonna be in Austin, Texas this time,
+[1:05] and it's a little earlier this year, so March
+[1:08] 2526.
+[1:10] And so registration for that will begin next week. So please be on the lookout for that invitation,
+[1:17] but at least you can kind of mark your calendars and and be prepared for that. We're very excited as you hopefully have all attended our summits in the past. This is just the North America one. We'll have the ones in Europe announced soon too as well.
+[1:31] But for those of you that have not been fortunate to attend the summits,
+[1:35] great, great session for you to interact with your peers
+[1:39] and,
+[1:40] Axway team,
+[1:42] our solution expo center staff, and and, just two
+[1:46] full days of just great interaction and informative sessions and,
+[1:51] our our executive team in in in attendance. So, anyway, we'd love for you to attend. So please
+[1:58] be on the lookout for that registration.
+[2:02] And if you have any questions on that, feel free to email me,
+[2:05] and I'll be glad to get whatever you need.
+[2:09] Another quick thing I just wanna mention too is that we
+[2:14] have a lot of these customer hosted user group sessions, the in person ones. And
+[2:20] here are just a sample of some of the some of our customers that have have hosted in the past. So we would love to come to you.
+[2:28] And this is an opportunity for you don't get you don't have to travel. You can just have us come to you. We do everything. You just provide the meeting room, and we take it from there. We come in. We'll bring a we'll cater in a light breakfast and a lunch.
+[2:42] And
+[2:42] Annie and our team will be there to present to your team and other customers that
+[2:49] can attend as well
+[2:51] provided, know, you're okay with that. So if you have any questions on that and would like more information or
+[2:59] can pass it along to somebody that might make that decision if it's not yourself,
+[3:03] feel free to email me and let me know because we would love to do that. And it's really a a fun way to interact and get that in person
+[3:12] interaction. So
+[3:15] without oh, and then lastly,
+[3:18] as a reminder, and this will be in the presentation as well, our online collaboration tools are there for you.
+[3:25] So you'll
+[3:26] be able to click on any one of the links to get information on our user groups, our roadmap,
+[3:32] Q and A forms, all of that wonderful information is all right there at your fingertips. So that will be in the presentation I send out.
+[3:39] So if you have any questions, you know, obviously, you can refer back to those.
+[3:44] So without further ado,
+[3:47] here's Annie.
+[3:50] Good morning. Good afternoon,
+[3:52] everyone.
+[3:54] A couple of housekeeping items before we kick it off.
+[3:59] As usual, any question is welcome as long as it's secure transport or something around it.
+[4:05] If you have a note, you want to share your experience, you have follow-up question on someone else's question,
+[4:12] don't just wait in line. Just unmute or chat
+[4:16] so that we can keep the discussion flowing a little bit. Of course, we can return to the question later again,
+[4:22] but don't hesitate
+[4:23] to just unmute yourself and chime in while someone has a question when we're on discussion if you have something on the same topic. If it's a different topic,
+[4:33] then we'll get to it in a little bit.
+[4:35] So the idea of this meeting is to be collaborative.
+[4:39] I can't pronounce that one yet this morning.
+[4:43] So the more I listen hear from you, the better for me, and I really appreciate when people chime in to share their own experience with the topics we're talking about.
+[4:52] With that being said,
+[4:55] if you feel better, more comfortable typing instead of talking, feel free to do that. I'm monitoring the chat. I have a live server as usual. This time, updated to the August release.
+[5:07] And
+[5:09] that's about it on the introduction part, I think.
+[5:13] For the ones that have never been here, I didn't see any names. I don't know. But if there are anyone new, I'm Annie Yotua. I work out from the product team these days,
+[5:22] and I've been an MFT architect for a while. I've been working with ST for nineteen years now.
+[5:29] So I've been allowed.
+[5:31] And with that, who wants to kick it off today?
+[5:39] And that will be probably the most silent part of the conversation until someone decides they have a question
+[5:45] and is not too shy to ask.
+[5:57] Morning, Annie. This is Edie with the Franchise Tax Board. Hey.
+[6:01] I'll kick us off.
+[6:03] So we use
+[6:05] it's a question about
+[6:06] advanced route and
+[6:09] email notifications
+[6:11] Okay. Advanced route. And
+[6:14] then we configure the user bar
+[6:17] for
+[6:18] for this
+[6:20] on the on the settings page.
+[6:23] Now I know I think, like, last year,
+[6:27] the user bar attributes
+[6:29] showed up in the
+[6:33] transfer sites.
+[6:35] Yep. And so I I I just
+[6:39] tested it a couple times, wasn't able to achieve it. But I'm wondering
+[6:44] if we use the user bar
+[6:48] in the transfer site,
+[6:50] will will a notification
+[6:52] be a delivery notification be sent
+[6:56] just for that transfer site?
+[6:59] Does that make sense?
+[7:01] Yeah. It does. And the answer is it will depend on how you write your expressions. So let me just jump on the server very quickly
+[7:10] so you can see what I'm talking about.
+[7:12] K. Hold
+[7:15] on. Too many screens open.
+[7:17] Let me let me know when you see my screen.
+[7:21] I can see it. Okay.
+[7:24] So
+[7:25] when you send the notification,
+[7:27] you are usually saying it, I'll just open a random route,
+[7:31] either on the route or on the template. Oh, sorry. Either on the route or on the package. Right? That's correct. So so are those yours on the route or on the package?
+[7:45] So
+[7:47] what we're what we currently our standard is on the settings page
+[7:51] and then
+[7:54] and then we put it here in the route.
+[7:57] In the route itself. Okay. Let me go into the route. Yeah. Here in the route. Yes.
+[8:02] So Yes. Here so here is what will happen.
+[8:06] If this route executes
+[8:08] or,
+[8:09] you know, either failure, success, or triggering, whatever you had set up,
+[8:14] if you had checked in
+[8:17] and there is a valid mail here, valid email address of some type, either as a variable or hard coded, it will send the mail.
+[8:27] So it doesn't care so if you are using the flow parameter inside inside of a transfer side, it is after it called inside of the step.
+[8:36] We don't know that at this point. So by the time we get into notifications,
+[8:41] at this point, all we care about is this
+[8:44] did the condition for this route run?
+[8:46] Mhmm.
+[8:47] Or is it triggering? Or so is it triggering at the beginning of the route, success failure at the end of the route? But it always tied to the condition.
+[8:55] So if it's always, then the triggering mail will always go as long as the mail is valid.
+[9:00] If it's expression, it will evaluate. But the point is if you get into that route for execution,
+[9:06] regardless if any steps
+[9:09] get run,
+[9:10] you'll still have the triggering one because the route triggered even if not it happened. Right? Right. The success failure will be depending on what happens inside of the route.
+[9:21] But
+[9:22] unless you use the same flow parameter here and it's empty and then there is nowhere to send, so you'll see an error and no mail
+[9:30] Mhmm. Then that's the only case when it won't send based on the variable.
+[9:37] Okay.
+[9:38] If I understood the question and what you're explaining because I I think I know what you're saying, but we cannot type to the type to the sites because the modifications are on the route level one step behind.
+[9:52] Okay. So what I'm hearing so
+[9:55] my use case is
+[9:58] I'm wanting I'm wanting the route to send a
+[10:04] successful notification
+[10:06] based on the the
+[10:10] email address
+[10:11] and the user bar that is in the transfer site that is initiate
+[10:17] that Yeah.
+[10:19] That will not work. Okay. Probably.
+[10:22] And the reason is because
+[10:24] during at this point, at the end, you could have had multiple center partners. So which site is that?
+[10:31] And you can have a site coming from the pool as well. Now I understand the question. You see, you're in the wrong place for that one. Yeah. Okay. Because the site itself is only relevant for the center partner step. And what happens if you have three of them?
+[10:48] Right? Mhmm.
+[10:50] Well, yeah, that's kinda why that's kinda why I was trying to place
+[10:54] the user bar in the app the the email address in the specific
+[11:00] transfer site.
+[11:01] So only the only files that
+[11:04] are delivered using that one transfer site gets the notification.
+[11:09] But if that's not Yeah. Understood. Okay. So in this case, the only thing you can do is to create separate route for each of the sites.
+[11:18] Mhmm. So that and and, you know, now with the new ST that doesn't create a sandbox so if it is just a send to partner and you don't have a transformation before that, this is now not such a problem
+[11:31] because remember, we don't create the sandbox anymore for everything. If you don't have a transformation, if you just have send to partner, there will be no sandbox for this file. So the old performance problem with multiple routes was a problem
+[11:43] is not a problem anymore.
+[11:46] Okay.
+[11:48] As long as you are
+[11:49] it was updated more than a year ago, so I think you're already on the new new ish.
+[11:55] Okay.
+[11:56] But because back in the days, I would never advise you to create multiple routes for each of them because multiple sandboxes.
+[12:03] We talked about that multiple times. Right? But now between the fact that now the steps and
+[12:10] the condition the steps themselves can also be conditional and
+[12:14] the routes are conditional, and now we don't create the sandboxes when they are not needed,
+[12:20] that might be a viable option if all you are doing is sent to partner.
+[12:24] But on the other hand, I can understand that if you have a lot of conditions and I know your setup,
+[12:28] that might not be feasible. At which point,
+[12:33] I would say that your best choice might actually be to go for Sentinel.
+[12:38] And I don't know if you have Sentinel because
+[12:41] unlike the routes, at which point we don't know who is sending, when we send the outbound event to Sentinel, we are inside of the outbound itself. So the transfer site variables actually can be sent to Sentinel
+[12:54] if you set it up.
+[12:57] Okay. So on Sentinel,
+[12:59] let me get I know you don't have it. We're in the process of it. So Hey. Very soon. Yeah. Over
+[13:05] here at the bottom, there is a mapping mapping rule. Rule. And here, you can add the trans the the track the transfer site variable
+[13:13] and send it to a field. You need to find the empty field in Sentinel and so on. If you cannot get that, that get get support or community to help. But the point is that what will happen is that the column will be filled with the email when it exists,
+[13:27] and, otherwise, it will be empty. And you can have a correlation rule on the Sentinel server
+[13:32] that will be sending the mail for this specific file
+[13:36] only if the mail is there for it. So that will achieve exactly what you want and pull it out from SDN. You don't need to redo your routes
+[13:45] because of the conditions you have.
+[13:47] Okay.
+[13:48] Okay. Thank you. We'll explore that when when you can get stood up. Yeah. And and that's one of the things that when people start talking mail notifications,
+[13:56] always get to that because people forget that, especially if you already have said, you know, in the house, and I know not everyone does. But if you have it, it's actually that's a perfect usage for it.
+[14:08] You don't need to cram anything everything into SD. Yes. SD can do some of the heavy lifting, but if your processing will get overly complicated just for mail notifications,
+[14:18] you know what? Find a different way.
+[14:21] Right? So Right. So for your use case where you have a conditional
+[14:26] step yes. And I know that you're routing based on names. Right? You're still doing that.
+[14:32] Routing
+[14:34] Files based on file names.
+[14:37] Not not in every case. Okay.
+[14:40] So
+[14:41] So so so take this in that that in a way that in some cases, might be able to redo the route a little bit, you know, those separate routes. But if you need to create three, five, seven, ten routes, it doesn't make sense. So explore the other option.
+[14:56] Right.
+[14:57] Okay. Okay. Thank you.
+[15:00] Absolutely.
+[15:01] An another
+[15:03] so and I was thinking now if there is another way to do it, but the problem still remains that we cannot get to the site from anywhere else. Because you can do a set flow parameter, but we have no way to reach out for the site because we don't know who the site is yet at this point.
+[15:19] So
+[15:21] okay.
+[15:23] Okay.
+[15:25] Who is next?
+[15:30] Well, I can I I can go next?
+[15:33] Sure. I'm Venila. I'm I'm
+[15:37] using Axway gateway at the moment, and we are in the process of migrating gateway to secure transport. So we are not active users of secure transport yet. But we yeah. I'm having couple of questions
+[15:49] regarding like,
+[15:53] we are going to use transition portal to do the migration from gateway to
+[16:00] secure transport,
+[16:02] but we want to have all the configuration
+[16:06] models
+[16:06] and decision rules on the
+[16:10] flow manager instead of secure transport.
+[16:13] So I just I
+[16:16] just want to understand
+[16:18] if that's possible or if there is
+[16:21] any
+[16:22] other way to do that.
+[16:25] Yeah. Yeah. Yeah. Yeah. That's a very loaded question. First of all, welcome to SecureTransport.
+[16:30] We're fun people.
+[16:32] Thank you. So
+[16:35] here is a couple of things I need to mention here.
+[16:39] So Flow Manager,
+[16:42] if you want all the possible combinations in Flow Manager, that is kinda sort of possible
+[16:48] Uh-huh. Because
+[16:50] it is a little restrictive on what it can do with ST.
+[16:54] So
+[16:55] talk to the,
+[16:57] PSO team you're working with. They should be able to provide you a list of what is available.
+[17:02] On the secure transport server itself, it's a little bit a different story. So ST is more of a tool than a server. That's how I try try to explain to people. There is so many combinations
+[17:13] of possibilities
+[17:14] of what can be done that there is absolutely no way someone to provide you all possible patterns.
+[17:21] Mhmm.
+[17:22] So in something as simple as PGP decryption only, I probably can do 300 ways to do it,
+[17:29] you know, with different options.
+[17:31] So it's it's broad,
+[17:34] and it has a lot of ways to configure things so that they are usable for the user. So it's more like a toolkit
+[17:42] that you just assemble together.
+[17:45] And some of the easy cases, obviously, are pretty straightforward to set, but there is so many check boxes all over the place that the more steps you need into a process,
+[17:55] the more it branches.
+[17:59] So for example, there are no, models or decision rules,
+[18:03] defined in SecureTransport. We cannot define those in SecureTransport.
+[18:06] Am I right?
+[18:08] You can
+[18:09] on individual
+[18:11] route base. So when you're building a route for what to happen with a specific file, specific group of files, and so on, you build the decision tree for that specific model.
+[18:22] But you can build
+[18:23] a enormous
+[18:25] number of models.
+[18:26] So we don't restrict you what you can build. Flow manager restricts a little bit because it's a separate UI, a separate API that uses the APIs of ST. It actually restricts
+[18:37] some of the possibilities,
+[18:39] so the precision trees there are smaller.
+[18:42] But the the whole so so the two things important for ST because you're a new user. One of them is that we are not a listening service. Instead, we're event based,
+[18:53] which means that when the file arrives,
+[18:55] we're not just leaving it somewhere and us listening if there is a file, but our protocols communicate to our transaction manager, which is the business server, basically, and tell it, here is the file for you. Go do something with it. At which point, the transaction manager go against the configuration,
+[19:14] finds, oh, this is in this folder from this account.
+[19:18] This means that this is the rule set to follow. It's called the subscription.
+[19:22] Inside of the subscription is the route. And the route is actually the business rule, like, which says, for this file,
+[19:29] if it is a ZIP file, unzip it and then send it to someone.
+[19:33] Or for this file, always send it to someone. Or it can be overly complicated with a lot of ifs and, you know, like a flow chart.
+[19:42] Okay. So we can still define a route here
+[19:45] as in Yes. A gateway. We call it decision
+[19:48] model.
+[19:49] This
+[19:50] Yes. Like that.
+[19:51] And
+[19:52] what about the existing
+[19:54] flows we have currently in gateway?
+[19:58] How can you map those existing flows
+[20:02] to the
+[20:04] secure transport?
+[20:05] Is there
+[20:06] uh-huh. Go ahead. Sorry. So
+[20:10] because there is no decision rules here, so we can't map it
+[20:15] one on one. So how can we handle this situation?
+[20:20] Are you working with our services team on that, or are you trying on your own?
+[20:25] No. We are working with Eric Tom Thomas, if you know him. Yeah. He's the best on this one. So so, basically, the whole point of the transition portal
+[20:35] is that it will data mine through the decision trees in gateway
+[20:40] and present them in a way that is
+[20:43] closer to how flow manager requires them because a transition portal uses flow manager to goes into ST. It's just how they designed it.
+[20:51] So from your perspective, what will happen is that the transition portal will consume your decision trees
+[20:58] and will data mine them to figure out what exactly you're doing inside of them. It will extract the relevant information and do a translation transition, that's why it's called transition portal,
+[21:09] into
+[21:10] what will be routes in ST.
+[21:13] Okay. Okay. Some of that will be automatic. Some of that Eric will do on his own. That that's why I asked you if you're working with someone because,
+[21:22] technically speaking, probably someone can do it on their own.
+[21:26] Mhmm. But in my experience, it's a lot better if you get our our services team to lend you a hand because it's not one on one relationship.
+[21:35] The two products have a very different way of thinking about users and transfers and things.
+[21:41] Mhmm. So transitioning
+[21:43] is sometimes a little weird.
+[21:46] But
+[21:48] you're not going to lose what you have at the moment. That's why you're going to transition portal. And
+[21:53] most of some of percentages,
+[21:55] I don't know what depending on in some customers, 90% of the flows of the decision trees translate into into routes cleanly. In some cases, it's 50%.
+[22:06] You know? It really depends on what exactly you are doing.
+[22:09] But that's not something that you need to figure on your own. One thing you need to find out on your own, though, is how to build new decision trees
+[22:18] going forward
+[22:19] in the new thinking.
+[22:21] Because
+[22:22] when you change products between even though it's actually in tax way
+[22:26] Mhmm. Both products came from different
+[22:29] purchases,
+[22:30] different companies that actually bought through the years. So the technology inside of them is different. The logic is different.
+[22:38] Okay. So it it's a little bit of a
+[22:41] you know, I
+[22:43] it's a it's it's a big change. So if you and the team that will be working with ST haven't enrolled into training yet, it I would strongly recommend it, the admin class.
+[22:55] Where where where can we enroll?
+[22:58] So it is on the university page, university.xue.com.
+[23:03] There are some free modules you can go through for the very basic stuff, but there is also paid training that the team can enroll into and so on, you know, if the company has budget.
+[23:13] But especially for the basic stuff, we do have a lot of free videos.
+[23:17] So log in on university.xway.com
+[23:21] Uh-huh. With your xway credentials,
+[23:24] and just look at what is available for secure transport,
+[23:27] and it will give you some idea. It it I am pretty what we have for free for sure is how to set up your first transfers, explaining all the different objects and things like that. That should be very useful for someone just coming into the product.
+[23:40] Okay. Yeah. And and
+[23:43] use Eric.
+[23:44] That's the other thing, you know, because you use so once you look through those, you have questions, but that's why you have services as well. So I'm pretty sure he won't mind answering a couple of questions to get you on the right track. So
+[23:58] and you wanted to ask another question. Sorry.
+[24:01] Yeah. I I know many,
+[24:04] yeah, many of the users has already been migrated to secure transport.
+[24:08] And I would like to understand from your experience,
+[24:13] how can we approach this whole migration
+[24:16] of
+[24:17] flows from gateway to ST?
+[24:20] Because
+[24:21] is it, like, a two year, three year process, or is
+[24:26] there any other way to do, like, a big bang
+[24:30] thingy? So how was it when you are seeing
+[24:35] with other clients?
+[24:36] It it really depends on the complexity of your gateway. That's, again,
+[24:42] gateway,
+[24:43] even though it is it was a little bit more structured than ST, it still had a lot of options. So in some cases, I've seen people using only two or three decision trees,
+[24:53] you know,
+[24:54] same types of them. So it can be a big bank on everything.
+[24:58] But if you have a lot of diverse things and you need to move fast, sometimes it makes sense to actually isolate some cases and move slowly through time. So we've seen it any each way. We've had people that have five partners on gateway. You have people with 5,000
+[25:12] partners.
+[25:13] You know? Yes. So Yeah. It's
+[25:16] it's one of those things that I cannot put a number on it or a plan on it without seeing it.
+[25:23] Eric will be in a lot better position to actually tell you what
+[25:27] he sees after he sees the data.
+[25:30] What I would say is that the chances of that being a
+[25:34] bank approach tomorrow,
+[25:36] you know, big bank tomorrow is slim to none.
+[25:40] But will it be two years? Hopefully not. I don't know how big your installation is.
+[25:45] So quite big.
+[25:47] Yeah. Yeah. And More than
+[25:49] yeah. 10,000 flows.
+[25:51] Yeah. Actually, 10. Well,
+[25:54] I would say a year, but or more, but who knows? Eric can do magic sometimes. It depends, you know, if you have 10,000 flows, but 9,300
+[26:03] of them are basically the same flow with different endpoints.
+[26:07] Yep. You know? That that's a different conversation from 10,000 flows where everyone had been doing whatever they wanted to do. And that's one conversation I usually want like to have with customers that are just starting on a product.
+[26:20] Think about standards in the new server.
+[26:23] Think about what you want to allow and what you don't want to allow just because the server can do it. Can you support 10,000
+[26:30] very different flows
+[26:31] with your support team? Probably not. So you might want even though the server can do it, you might want to ask yourself, do I want to allow them to do that? Or do you want to lock them into specific use cases
+[26:43] and then just
+[26:45] move them
+[26:47] you know, do exceptions and documentation on specific case or something like that?
+[26:52] Okay. Yep. Yep. Back to what I see. When you have a server as a tool with a lot of options, now you have the problem,
+[27:00] I can, should I? And who are you going to support all of that?
+[27:05] So Yep.
+[27:07] Clear. Thank you, Yona.
+[27:09] Absolutely.
+[27:12] And
+[27:13] other from that, I don't know if you saw, but we they did they did a virtual user group about the transition portal and moving from gateway to secure transport a few months ago, but it was in French.
+[27:25] I don't know how much French you speak.
+[27:28] No. I I speak I don't speak French. So Yeah. Me neither,
+[27:33] unfortunately. But
+[27:34] I I actually took a so it is in the community portal under user groups. And even though it's in French, I actually looked at their slides.
+[27:42] A lot of the slides are actually in English.
+[27:45] Even if you don't
+[27:47] Mhmm. Yes.
+[27:49] If Lucy can find it, if not, I'll find it later.
+[27:52] If the user Lucy, if you can look at the user group list. If not, we'll send it in the mail after that.
+[27:58] Yes.
+[28:00] It's
+[28:02] you don't need to listen to it. But as I said, a lot of the slides, especially towards the end with the more technical stuff of how king these kinks are happening are in English.
+[28:11] Okay. Okay. So even if you look through the PowerPoint, that might be useful.
+[28:16] Yeah.
+[28:17] And give you some You would help me, though. Yeah. And give you some help in yeah.
+[28:22] Uh-huh. Okay. Sorry. Sorry for interrupting you. Sorry. No. No. I I do the same. So I apologize.
+[28:29] I was just going to say it will give you some talking points with Eric as well.
+[28:33] Yep. We are having the workshop on October 3
+[28:37] together with Eric.
+[28:39] So
+[28:41] we are mostly going to discuss
+[28:43] the various possibilities.
+[28:45] And is it possible to do a kind of
+[28:49] hands on on the test environment to see
+[28:52] if transition portal works for us in real time, or it is it is not
+[28:58] possible to do it in a day?
+[29:02] That will be a question for Eric. Depend I don't know how it is set up, how they set up that, all that. It's operational.
+[29:11] And that's the kind of questions you can ask him.
+[29:15] Okay. I I suspect even before October.
+[29:18] I suspect if you can if you send him a mail now, probably he'll respond or something like that.
+[29:22] Yes. Okay. Thank you, Orna. Maybe if you can send me the slide deck for the transition portal, it would be helpful.
+[29:30] Yes. As I said, we'll try we'll get it either in the mail
+[29:34] as the follow-up. So after this meeting, Lucy will send the mail with the recording from this one, and we'll include the link to to the other one so you can grab it unless we manage to do it during the meeting depending on who's you and what. So okay? Okay. Okay. Thank you.
+[29:51] Absolutely.
+[29:52] Okay. Who is next?
+[29:58] Silent group.
+[30:00] If you haven't looked at the August release, do you know what we got back?
+[30:06] Bulk re yeah.
+[30:08] Bulk resubmit,
+[30:10] now on the UI.
+[30:12] So if you update to August, you can resubmit
+[30:17] more than one transfer at the same time from the UI.
+[30:22] I know a few people have been asking through the years. Didn't I just make someone's day?
+[30:28] Oh, come on. You're not an easy crowd today.
+[30:33] Okay. Who is next?
+[30:36] Hello, Juana. That's a good news, to be honest. I I was just in another meeting, so I I wouldn't suspect and
+[30:43] that was the news. That's someone will like that.
+[30:48] So And we
+[30:50] did we did we do too. We we talked about that and kinda celebrated
+[30:55] amongst
+[30:55] our team.
+[30:57] Good.
+[30:58] The only the only restriction is it need they need to be visible on the screen to be resubmitted together. So you'll need to get them on the same screen,
+[31:06] which natively restricts it to about a 100, so but which is okay.
+[31:10] But, yeah, nice news.
+[31:13] The other big news on this release is about ZGO and the fact that we actually now support MS SQL
+[31:20] for zero downtime
+[31:23] on the beta there or not beta anymore.
+[31:27] And for the ones using folder monitor, we did some performance changes, but they're only on the initial load up. So it loads a little faster on startup.
+[31:40] The other thing, by the way, especially for people with repository encryption,
+[31:45] and please read your readmis and so on, but just highlight again,
+[31:49] is that if you're using repository encryption,
+[31:53] as you know,
+[31:55] the loading of the list of few files for a user when the list was longer was taking a little or takes a little longer because we need to recalculate
+[32:04] sizes properly.
+[32:06] There there is an improvement for that now.
+[32:09] So there is a new parameter that can be set. So if you use repository encryption that you have big directories
+[32:15] with long with a lot of files, look at the new parameter
+[32:19] that can be set to get your your users file to files to load up to fifty first percent faster.
+[32:29] And that these are the busy the big things. Of course, the other thing is that we actually have the the ability to store
+[32:37] the secret file of ST inside a of a vault tunnel.
+[32:41] This is part of our zero
+[32:44] zero
+[32:45] zero trust initiative.
+[32:47] So long term, we want to be to make it available
+[32:51] for you to store all of the private details in a vault somewhere and not inside of the software.
+[32:58] And the step one or step x or whatever you want to call it, the secret file now can be externalized.
+[33:04] It doesn't need to sit on the server itself.
+[33:09] And for the ones that are too new to know what the secret file is, these days we call it the tag file.
+[33:15] This is the file that you exchange between the cluster nodes, then this is the file that we use as a secret
+[33:21] key to encrypt anything in the database or on the file system anytime we need to encrypt, not for repository encryption, but for the operational.
+[33:31] And this is the highlights of the new release that came out a few weeks ago.
+[33:37] So
+[33:38] okay.
+[33:40] Any other questions?
+[33:44] Or what do you want me to show you? I have a live server.
+[33:51] You and I there's no other question.
+[33:55] I have been wondering if
+[33:57] well, when we set up a new connection with the new partner
+[34:01] Mhmm. Especially when we are talking about basic transfers,
+[34:06] the one with the basic protocol,
+[34:08] sometimes
+[34:09] we want to activate the verbose mode. Meanwhile,
+[34:13] the only
+[34:14] way I do it is that I go to the log four g parameters and activate the verbose, but that will activate
+[34:21] the verbose for
+[34:23] all the accounts, I would say,
+[34:26] that uses this protocol.
+[34:28] And I is there any way
+[34:32] to
+[34:33] have access to the Verbos logs
+[34:36] without affecting
+[34:38] the global, let's say, configuration?
+[34:42] I I
+[34:43] understand the question, but,
+[34:45] no. We don't have a control for that. So it's all or nothing. Either you enable it for everyone,
+[34:53] and it's on the protocol level or on the team level or the package level or no one at all. You cannot just say, I want it for this transfer. Now
+[35:02] there is one thing that you have for the transfer. As long as at least the connection succeeds and you get the the file as long as you have a tracking table entry,
+[35:13] the protocol level commands will be in the tracking table.
+[35:18] So
+[35:19] I usually use that for troubleshooting.
+[35:21] But what you're asking for is a little more than that, and we don't have that. So you might want to open an idea, actually.
+[35:30] I would say go and open an idea into the ideas portal about that. I see. Yeah.
+[35:36] What you want is to say enable the bug for this transfer specifically,
+[35:41] which we don't have control
+[35:43] for.
+[35:44] We just don't
+[35:45] our debug is only based on the Log four j stuff.
+[35:48] And in Log four j, obviously, you cannot do it that way. In order to allow it on specific transfer user
+[35:54] subscription,
+[35:56] we'll need the control to be built, and we don't have one.
+[36:00] Okay. I see. But because just there is some cases where
+[36:04] Mhmm. There is no logs when there are some sort of certain
+[36:08] type of errors.
+[36:10] Yeah. Sometimes even if we receive the connection, they just
+[36:14] that there is an IP connection but no logs and then drops
+[36:18] without reason.
+[36:19] And and I just last question is that, can we
+[36:24] benefit from Sentinel
+[36:26] on this case? I see that in Sentinel, I mean, you can get
+[36:30] more Not not not no. It's actually less for that. So
+[36:35] all that ST sends to Sentinel is the tracking locks the tracking tape. So we send the events,
+[36:43] but not all the information from them. So all you know, these additional locks, the protocol commands that are in the tracking table of ST, those don't don't go to Sentinel at all. So Sentinel will
+[36:56] never have more information about the failure than ST.
+[37:00] Can
+[37:01] be useful for things what we talked about earlier, mail notifications that cannot be set up cleanly
+[37:06] or for
+[37:08] connecting the dots between inbound and outbound, things like that.
+[37:12] But when we're talking troubleshooting and error messages, ST does not send locks unlike CFT.
+[37:17] CFT sends both the locks and the tracking information to Sentinel,
+[37:22] but ST only sends tracking information without locks. So we will send just
+[37:28] when there is a failure, we'll send just a single message that says
+[37:32] transfer failed, you know, whatever the last message is. Yes. Connection refused, connection closed, something like that. But we are not going to send all of the previous information or any debug clock or anything like that. And it's more of a the reason is more operational than anything. The sheer number of transfers, if we try to send everything to Sentinel, kill everything.
+[37:54] So I see. Yeah. I do agree.
+[37:57] But we are looking into options to allow more things to go to Sentinel, and, again,
+[38:02] open the idea to allow the book mode to be enabled for specific transfers
+[38:08] account, whatever you need in this case.
+[38:11] Okay. I will open a I'm
+[38:13] will open that from the idea for sure. Okay. Yes. Because
+[38:18] as we say as Lucy mentioned earlier and as we had said on earlier calls,
+[38:23] our product manager needs to know what customers need, and that's the fastest way to give them an idea. Will it happen? I cannot promise.
+[38:33] I I I I find it a great idea,
+[38:36] but I don't know if we have the bandwidth for it, if the technology will allow it to build it easily
+[38:42] because, you know
+[38:43] I see. Okay.
+[38:45] This is the kind of stuff yeah. Go ahead. Sorry.
+[38:48] No. Sorry. I I I dropped a bit. But, yeah, I I see. It's like the zero downtime
+[38:53] idea.
+[38:54] That's when it's good.
+[38:56] So
+[38:57] Yeah. Yeah. So maybe it's gonna go this way. Yeah. But part of the pro part of the challenge with something like that, building it for transfer, is that usually if you want something like that, it needs to be in the
+[39:09] during the design phase of the product, and it had never been there.
+[39:14] So they'll need to refactor a lot of things to enable it. But who knows? They might have some ideas how to do it. So ask.
+[39:21] Okay.
+[39:22] Thank you very much.
+[39:24] Absolutely.
+[39:25] Okay.
+[39:26] Who is that next?
+[39:36] No questions?
+[39:40] You don't have any questions, I will show you some things if you haven't looked them.
+[39:45] Because for a change, I have a fully updated server.
+[39:48] Speaking of updates, I do have a quick question. I saw in the that a warning
+[39:53] that with the I guess, the September version here in a couple weeks, it'll include the database upgrade for, like, our edges
+[40:01] into, like, Postgres instead of Maria.
+[40:04] Do you have any
+[40:06] suggestions or warnings or best practices or anything that we should take heed before we would deploy?
+[40:14] Well,
+[40:15] make your database as small as possible, aka don't leave three weeks of locks inside of it. So slowly lower the number of days you are keeping and
+[40:25] let ST clean more than usual
+[40:28] because the smaller the database, the faster we'll update. That's one thing. You know? Less
+[40:33] less things to move, faster goes faster.
+[40:36] The biggest the biggest difference for anyone will be that the PostgreSQL model is not just a change in the database, we're but changing the model.
+[40:45] At the moment
+[40:47] and if you're
+[40:48] so at the moment, every server or every edge that is using MariaDB
+[40:53] is talking to its own database, and then on the application level, we're replicating the databases so we have copies of the databases. Right? But it's on the application level.
+[41:03] With the postgre,
+[41:04] we're changing that to a database level, and the secondaries don't work out from their own database. They connect to the primary database,
+[41:14] which means that we need different kinds of connections. So when you go to the September release, if we release that in September, that's the expectation.
+[41:22] But, again, it haven't been committed yet. They're still working. If there are problems, it might be delayed a month. I don't think so, but things happen.
+[41:30] But
+[41:31] before you update,
+[41:32] make sure to read the release notes and to ensure that the ports are open between the two servers, two edges, whatever you're setting up. This applies to the edges only if they are set up to synchronize between each other. And now there is a better reason to do it than in the old system
+[41:50] because of the single database.
+[41:52] The the update in the new new model is now on the database level between the two Postgres servers.
+[42:01] So that's a difference.
+[42:03] Sorry. Okay.
+[42:05] Other from that, it should be almost invisible
+[42:09] for most customers,
+[42:11] short of you doing if you haven't done anything stupid on your edges or servers, and I'll call it stupid because, you know, if you're not supposed to do it, it's stupid.
+[42:20] But as long as you had followed our rules and had left your MariaDB on its own and you haven't tried to
+[42:27] play DBA on it,
+[42:30] you should not even notice the change besides the fact that it will take a little longer to update, and then at the end, there will be a different service running.
+[42:38] It should be almost invisible.
+[42:40] So if you remember when we changed from MySQL to Maria way back when, it should be very similar. But again, the change of the model is what will catch most people unawares because of the port change and how it works.
+[42:55] Okay. Sounds good. Currently, for our back ends, we have a four node cluster using an external Oracle database.
+[43:03] And our cluster is not particularly
+[43:05] busy,
+[43:06] so I suspect that we don't really need four nodes.
+[43:10] So we had even talked about the idea
+[43:13] that should we go back to
+[43:15] a standard cluster with three nodes running this new database?
+[43:20] No.
+[43:21] No? Okay.
+[43:23] And the reason is pretty straightforward.
+[43:25] So
+[43:26] the
+[43:27] will it work? So
+[43:29] if you move to standard cluster with three nodes, first of all, three nodes standard cluster, alter new model is always more unstable than a two node one
+[43:39] just because you have a single database running on the same node where the
+[43:45] primary data bay primary TM is also running,
+[43:48] and you cannot move that. So you have the two big engines, the database and the primary database, the one running schedulers, folder monitors, you know, the big jobs running on the same physical server.
+[44:01] That's what you are going away from with enterprise cluster. You split those two.
+[44:07] With the old model or the new model of standard cluster, those two stay together. So you have the primary database,
+[44:14] and it's actually the new model will be even worse than the old model for that because not only now you have the database and the primary server itself on the same box, but you have all the secondary servers talking to the same database. So this database will be a lot busier.
+[44:28] So even though we'll support t node clusters,
+[44:31] the recommendation will stay as it had always been.
+[44:35] As if you need to add a third node, this should be a prelude to moving to enterprise cluster.
+[44:41] Okay.
+[44:42] Good. Thanks. Which doesn't mean that there aren't cases where people might want to downgrade, but especially because you're coming down from four.
+[44:50] You if you go to a three node, you have probably
+[44:54] server and a half to work with compared to what you have now.
+[44:58] So it will be, like, one third of what you have now or thereabouts,
+[45:02] which
+[45:03] I honestly
+[45:05] if you already have the external database
+[45:07] and unless you have really budgetary restrictions and they really want to, you know, misbehave,
+[45:14] I the enterprise cluster is still the way to go. Plus this way, you'll have ZDU,
+[45:19] you'll have all of the new things. All all the new toys coming are only full with enterprise cluster anyway.
+[45:26] So
+[45:28] Okay. Sounds good. We'll stay put. Yeah. I and and I really, really don't like to put the date. So even if you have very little load, what happened during peak time? Because that's what will kill your cluster.
+[45:41] Right?
+[45:42] It's
+[45:43] having the database and the primary on the same note is just for small environments. That that's that's
+[45:48] what it is.
+[45:51] Yep. Yeah. Not a problem. Yeah. The the load wasn't really the reasoning. It was, you know, lack of confidence in the Oracle DBAs
+[45:58] and trying to remove another dependency that can break and,
+[46:02] you know, network between
+[46:04] secure transport and that Oracle and firewalls and, you know, all that other nonsense that can go wrong. So that was why we were contemplating it, but it it sounds like we're better off just, you know, staying where we are.
+[46:16] And, again, you might want to start doing pros and cons.
+[46:21] It's not just about licensing licensing or or anything like that. And I understand that you have other operational
+[46:27] issues and, you know, wanderings.
+[46:29] Maybe you can look into changing from Oracle to Postgre or something like that. Are you thinking about going to the cloud at some point?
+[46:36] Yeah. But, you know, cost is always the concern there.
+[46:40] Yes.
+[46:41] So
+[46:42] here is the the another point to put on the table. If you're thinking about cloud in the cloud, enterprise cluster is a lot better than standard
+[46:51] because we and we do support the RDSs and
+[46:55] hosted solutions.
+[46:56] But, also,
+[46:57] you know that our cloud edition aka containers is coming downstream next year. It's already in beta.
+[47:04] So
+[47:05] this will only be available with an enterprise cluster license
+[47:10] or enterprise pack as we call it.
+[47:13] Gotcha. Okay. And
+[47:15] anyone that thinks about going to containers at any time will need to switch to external database anyway because containers will never ever
+[47:23] carry their own database. It you know, containers and database inside of them just doesn't jibe.
+[47:30] So there is that.
+[47:34] K. Sounds good. Thank you. Absolutely.
+[47:39] And,
+[47:40] Mark, just make sure that when you're updating that and you know that, but I'll still say that make sure that your edges and server stay on the same streaming level.
+[47:50] So same patch, same update,
+[47:52] especially when you change the database
+[47:54] because
+[47:55] I a lot of people the reason I am mentioning it because I got at least two mails this week asking me
+[48:01] if in September they can update the enterprise clusters but leave the edges on the old model, and unfortunately, the answer is no.
+[48:09] If you go to September, you'll need to go both ways. So
+[48:13] okay.
+[48:14] Okay. Thanks.
+[48:16] Okay.
+[48:17] What else do we have?
+[48:29] Okay. While people are being shy, had you looked at our
+[48:34] better
+[48:35] route packages,
+[48:37] and had you played with those?
+[48:42] And
+[48:43] if you haven't,
+[48:45] let me open one that is a little bit more
+[48:49] interesting.
+[48:54] So one of the nice things we added finally is that
+[48:58] we tell you how many routes are using it.
+[49:04] Man, that one is not interesting.
+[49:06] I don't have any interesting ones.
+[49:08] But if you haven't been looking into the better route packages, they go against the same database as the standard ones. What can be not everything can be done through them yet, but some things can, and we are actively soliciting
+[49:22] feedback
+[49:24] for the beta
+[49:26] and for what you're seeing and if you are liking what you're seeing when you're building new packages and so on and so forth,
+[49:34] and if you think that things need to go in a different direction.
+[49:37] The idea of this new UI is to be more intuitive,
+[49:42] less
+[49:43] likely for you to forget for half of the pieces it need to start over.
+[49:47] You know, raise your hand if you've never done that.
+[49:50] And
+[49:53] and that's about it
+[49:57] on this one. So
+[50:02] questions? What do you want me to show you, or are we having a short summer meeting again? Well, not summer, but still kinda summer.
+[50:17] No. I have anything?
+[50:30] Joanna?
+[50:31] Yeah. Can I, yeah, I can ask? I was looking for this
+[50:36] learning path or some video or course about transition portal, but I could not really find anything in the university
+[50:43] Yeah. Page. Yeah. So you the transition portal doesn't have anything in university.
+[50:49] It's on the community page. Let me find that while
+[50:52] everyone is asking for questions. On university, look for secure transportings.
+[50:57] Uh-huh. And I'll get you the one for the transition portal in the chat in a second.
+[51:02] Okay.
+[51:11] Give me a second.
+[51:13] Yeah.
+[51:16] And and this transition portal
+[51:19] package is available for
+[51:22] for anyone? If I if I can go to the Hawxway
+[51:26] portal,
+[51:27] then
+[51:28] can I download
+[51:30] the package for transition portal, or is it not publicly available?
+[51:35] It's it's available
+[51:37] if you have entitlement
+[51:39] for it. I'm not sure if
+[51:42] everyone that has x s b has it automatically
+[51:45] or
+[51:45] how you can get it. That that's a question for Eric and because he has your
+[51:52] The conversation.
+[51:53] Yeah.
+[51:54] Yeah. Because it it's one of our restricted availability
+[51:57] products because it's not something that is very easy for someone that doesn't understand XAV and SQ to work with.
+[52:04] It's really a product to assist. So if you look at the chat window,
+[52:08] I posted the link. This is the XAVI Gateway to secure transport migration
+[52:14] user group that they did, and there is a PDF
+[52:18] in there.
+[52:19] This PDF is basically the PowerPoint.
+[52:22] And as I said, some of the stuff is in French, but a lot of the technical details are in English.
+[52:28] Okay.
+[52:30] So
+[52:30] pretty it should be pretty strict. And even the French is not that bad French wise. It's like a 100 pages. And
+[52:38] even the the stuff in French, you know, there is Google translate and so on. But Yeah. Yeah. Okay. But also if you start looking
+[52:47] and and one of the things it it also contains the presentation of how our services team runs a project with the portal.
+[52:55] Uh-huh. So it's exactly what you will see.
+[52:59] Okay.
+[53:00] So I understood that the transition portal is not available for everyone.
+[53:05] And because I've seen that in the documentation,
+[53:09] that we that the steps for installation
+[53:12] of,
+[53:13] for the installation of transition portal. But when I go to the downloads,
+[53:18] I could not find that. But I now know the reason because
+[53:22] Yes. So, basically, the way download our downloads page works is that when sales
+[53:28] or support or someone marks your account as you are entitled to this product, you will start seeing the new build from it.
+[53:35] And I'm not sure if you
+[53:38] will get entitled to it or will be hosting it. I just don't know what the current plan is for your account.
+[53:45] Okay. So Yeah. You you can ask your account executive or Pink Eric and see if he knows
+[53:51] if you as
+[53:53] I said, it's on customer per customer base. But for
+[53:58] anything
+[53:59] in in Axway,
+[54:01] when you go to your downloads, only the you will see only the products that you have entitlement
+[54:06] to. Okay. Yeah. Clear. That's just how it works. When I go, I can see everything because I work for us. Right? You know? Okay. But if I log in but but if a customer
+[54:17] logs in, what you see is what you get. So and that's important to know because if you are entitled to a product but you don't see it, you need to talk to support because they need to flip the the
+[54:28] the flag, basically. That's all it does.
+[54:31] Okay. Yeah. Clear. Thank you, Anna. And I just looked through the PDF a little quick quick here after I send the link. About 90% of this thing is in English, including the whole description of how a project works. So Okay. Okay. You should be just fine.
+[54:47] Oh, yeah. Thank you. They have a few things in French at the beginning. I believe when they talked,
+[54:52] the actual recording will be in French. So if you want that, you call you can send them out to community or to Lucy, and they can send you the recording, but it will be in French. So that doesn't help much.
+[55:03] But at least the PowerPoint is pretty straightforward,
+[55:07] and it's actually a pretty well built one, and it's mostly in English. So you should be fine.
+[55:12] Okay. Okay. And again, you can use that as a base to actually talk to
+[55:18] Eric about
+[55:20] I think, like, nice
+[55:21] pictures and how decision rules changes to advance routing and things like that, exactly what you're asking about. And then there is a whole set of slides at the bottom about the transition portal itself.
+[55:32] Yep. Yep. And flow manager and whatnot. And they switch between English and French in slides occasionally.
+[55:38] So
+[55:39] Yeah. Yeah. Thank you so much, Joanna. Absolutely. And good luck.
+[55:45] Thank you. And when is the next user group meeting,
+[55:49] or is it every
+[55:50] So okay.
+[55:52] So
+[55:53] ask Annie this one, which is for secure transport is every month.
+[55:57] I'm doing monthly. So
+[55:59] the next one is I so if you go to the user group screen on
+[56:04] and I'll let me put just put that. If you go to the user group screen
+[56:09] Mhmm.
+[56:10] And this is this one. You can see all of the user groups that had been scheduled for the different products.
+[56:17] Okay. And keep in mind that some of them are in France, some of them in in person. If they're in person, if you register,
+[56:23] you are welcome, but you need to travel. So
+[56:26] I don't see the October
+[56:28] ones already. The Askani is for October,
+[56:31] although we have the dates, so they'll probably show up later this week or next week maybe.
+[56:36] Mhmm.
+[56:37] But Ask Annie is monthly.
+[56:41] Okay.
+[56:42] And, occasionally, we will do other user groups which are based on topics.
+[56:47] And then at the very bottom of the screen, if you click to click
+[56:51] to manage file transfer,
+[56:52] which leads you to this one,
+[56:54] there is a recording or presentation
+[56:57] for everyone that we had done since
+[56:59] '21,
+[57:00] so for the last almost four years.
+[57:04] K.
+[57:04] So if you want, you can
+[57:07] look at the presentation or listen to the recording or ask for the record. Some of the recordings, you might need to send the mail to the community for some of the older ones if something interests you.
+[57:17] But the second page I send, the user groups page, is where you can always see what is already scheduled and you can register.
+[57:25] Yep. And I don't know where you are physically.
+[57:28] I'm I'm in Netherlands.
+[57:30] Well, sorry about that.
+[57:33] I'm not late. But we're doing some European user groups
+[57:37] as well. I just don't know that often.
+[57:40] So because now
+[57:42] we're going to we'll have five, I think, in The United States in person in the next three months.
+[57:48] So we're heading it out. But, again, this one, the Ask Honey, is
+[57:53] every month.
+[57:55] Yes.
+[57:56] Great. Thank you. Yep.
+[57:58] And everyone is always welcome on it. And we we record. So if you miss it and just do want to listen to it, you can always listen later.
+[58:05] So okay.
+[58:09] Okay. Do we have anything else?
+[58:13] Hello.
+[58:14] Hey, Kenneth. Hi. I have a question regarding the Ad hoc system to human interface.
+[58:21] Okay.
+[58:24] When I look at the instructions to set up the configuration,
+[58:28] I noticed we have to set up a d four network zone.
+[58:34] So I have it working, but I would like to know if
+[58:37] because we we have the core and
+[58:40] the edge for the
+[58:43] external users as well. So I'm wondering if
+[58:47] ST can support
+[58:50] different
+[58:51] ERP fix based on
+[58:54] the email address of the
+[58:56] the people we're trying to send the files to.
+[59:00] No. Not based on the email, I'm afraid. It's based on
+[59:06] where you're coming from. Are you coming from the edges or the servers? That's what it is because it's on the networking zone.
+[59:13] So in the networking zone,
+[59:16] you're talking about the public URL. Right?
+[59:19] Yeah. Yeah. Exactly. So if we have a system
+[59:23] initially transferred to the humans,
+[59:27] how are we able to support
+[59:29] both internal and external users? Oh, I understand what you're asking. Okay. So, actually, the answer to that might be actually better. So you are doing ad hoc as server initiated. Right? Mhmm.
+[59:42] Okay. So when you're creating the transfer site
+[59:48] no. That that's the wrong thing I clicked on. Hold on a second.
+[59:54] Where
+[59:55] is my
+[59:57] the system to human. Right? Yep.
+[60:04] Unfortunately,
+[60:06] that one
+[60:08] and that's why I want that's why I have a live server because I don't remember everything.
+[60:11] So as you know, for the regular
+[60:14] sites,
+[60:16] you'd have a networking zone that would have sent you to whichever zone it is. We don't have one here,
+[60:22] and that's
+[60:24] and that's why you cannot control where it's going through. Okay. That's the problem.
+[60:28] So if you
+[60:30] you I'll get you the same advice I gave earlier. Open an idea for that because the solution for that will be for us to add the networking zone here.
+[60:39] And then when we know which networking zone we're going through, we might be able to. The challenge and why we don't have it is because it's email. Email cannot go through SOX.
+[60:49] And our only way to go through
+[60:52] the the way they were thinking about networking zone is always about SOX proxies. Right?
+[60:57] However, in this case, we don't care about the proxy. What we care about is the URL itself.
+[61:02] So Yep.
+[61:04] Either they can we can put the URL to be on here to be able to override from here, or we can allow from here to select the zone so that you can have the multiple URLs,
+[61:15] but we don't have that. So open an idea about that. Explain your use case exactly what you're trying to achieve.
+[61:22] Okay. And how they'll solve it, I don't know. I know why it's not here because it's not relevant.
+[61:28] Right? This cannot be SOX, and the whole point of the networking zones always had been the SOX proxies on transfer sites.
+[61:35] But in this case,
+[61:36] it's one of those cases when you have the two functionalities who are built and merged together,
+[61:41] and then somewhere in the middle, we forgot to do a configuration.
+[61:45] So
+[61:46] you're stuck for now.
+[61:49] Okay. Got it. Thanks. So the way, by the way, people usually solve that, in my experience, is to send everything to their own exchange servers internal and allow them to forward out
+[62:02] and do your routing of the mail in your exchange. So you work with your mail admins
+[62:08] and always use the external URL on the link.
+[62:13] Oh, that would mean you have to attach the files instead of just sending the link?
+[62:17] Well, you can do that, but my point is so because all this sent is a mail. Right? And the idea is that it contains a link how to get to the files.
+[62:27] So if you do your URL to be the external
+[62:31] part, the external
+[62:32] URL,
+[62:34] then
+[62:35] actually, it's not the mail problem. It's for your load balancer people or someone on the networking player. If you're coming from inside and hitting the external URL for them to somehow route you to the internal or whatever you want them to do, you know, Pure networking.
+[62:51] Okay. Alright. Thank you. But but the the way to set it up if you want to external is put the URL to the external URL, the external load balancer, and then deal with your internal people differently. You can even just put a note in there. If you're internal, please use different URL or whatever. You know? Internal people usually are used easier to to work with.
+[63:12] Okay. Right. Thank you. By the way, in another customer, the way they solved it is they have to set separate servers, one for internals, one for externals. So they just point to the correct one.
+[63:24] But that's a different it's a lot more complicated that way. But, yes, open an idea.
+[63:30] Okay. Thank you. Mhmm.
+[63:34] Okay. What
+[63:41] else do we have, or do we have something? Oh, by the way,
+[63:45] for if you had one seen that site for the last three years or so, now you can send the whole file as an attachment so they don't even need to come download the file.
+[63:55] But careful about the size of this file because it's
+[63:59] there is a maximum size that you can specify in a parameter.
+[64:05] And if the file is bigger, we're not going to send it as a mail attachment.
+[64:10] So Yep. It just heads up. It works beautifully when you're sending something very small.
+[64:16] So depending on your use case, that might all also be an option to resolve the whole problem with URLs, then they don't apply at all. But,
+[64:26] you know, no one like these days, one likes opening attachments, so it's up to you how to handle it.
+[64:34] Okay. Thank you. Mhmm. Okay.
+[64:37] Those attachments
+[64:38] I'm sorry. Are those attachments encrypted at all?
+[64:42] Nope.
+[64:43] Well, if you PGP encrypt the file before you send it, it will be PGP encrypted. But otherwise, we we just attach whatever we find. Okay.
+[64:52] It it's like it's the same as the download. Don't download, except that instead of you needing to log in and come grab it or click on a link, it just comes to my your mail. Okay.
+[65:02] It works for status things. It doesn't work for real data.
+[65:06] So Gotcha. Thank you. But again, the it it's the same old rule.
+[65:12] We you can do SMTP over SSL, so that will be encrypted, and then what happens inside happens inside.
+[65:18] So
+[65:20] okay. Yep.
+[65:22] Okay.
+[65:24] What else do we have?
+[65:33] One time? Second time?
+[65:36] If not, I'll give you twenty minutes back from your wife.
+[65:45] Sounds like we have a shortish meeting today
+[65:48] or some value of short.
+[65:51] Hey, Mark.
+[65:54] And
+[65:56] I saw Mark unmuting, and then he disappeared.
+[66:03] Okay.
+[66:05] Okay.
+[66:08] Well, then back to Lucy, and thanks everyone for joining us. We'll talk again next month. If you are in one of the locations where we will have user groups,
+[66:18] which is let me go grab my list, by the way.
+[66:22] Yep.
+[66:24] We are going to Seattle,
+[66:26] Scottsdale,
+[66:27] Dallas.
+[66:32] Let's see what else. I keep forgetting. Chicago. Chicago.
+[66:36] September 24, Seattle. September 26, Scottsdale.
+[66:41] October 24, Chicago. November 13
+[66:45] in
+[66:46] Dallas, and November 21 in Sacramento. So we are
+[66:50] on the road.
+[66:52] And
+[66:53] if you guys have any
+[66:56] interest in attending any of these, if you're not already signed up, please email me lcoltman@axeway.com,
+[67:02] and I'll be glad to send you information. Again, you can always go on the community
+[67:06] portal
+[67:07] as well to
+[67:10] check those out.
+[67:12] They're gonna be user group sessions,
+[67:14] and some locations are gonna be at our at a Topgolf venue to add a little fun to the event. It'll be a user group session in the beginning of the afternoon and then
+[67:25] a social event afterwards at some of the locations.
+[67:30] But be glad to give you more information on that.
+[67:33] So please let us know because we'd love to have you.
+[67:36] Totally free to you and and
+[67:39] our opportunity
+[67:40] to
+[67:41] interact with you guys and and
+[67:43] make it fun as well. So,
+[67:46] yes,
+[67:47] happy to do that. And then
+[67:50] I think that's it for now. Thank you all for attending,
+[67:53] and I will be sending out the presentation and recording link
+[67:57] this afternoon as soon as I tie everything up on this end.
+[68:01] And
+[68:02] just wanna quickly mention too,
+[68:04] you guys will probably get a survey.
+[68:07] Just really brief.
+[68:08] Really appreciate your feedback on that. It really helps us on our end to
+[68:13] know, you know, how we did and and,
+[68:15] you know,
+[68:17] how you feel about the the user group session today. So I really appreciate you taking literally two minutes to just fill that out. We would love that. So
+[68:27] if you have any more questions,
+[68:29] please let us know. But thank you, Annie, as always. Very informative.
+[68:34] There's pretty much no question you can't answer.
+[68:38] So
+[68:39] you guys have a great rest of your afternoon,
+[68:42] and
+[68:44] look forward to seeing you at the next one.
+[68:46] Thanks, everyone, for joining. Have a great rest of the day, whatever part of the day it is. And if it's evening already, have a wonderful evening. That's right.
+[68:57] Bye. Thank you. Thank you.
+[68:59] Thank you. Bye. Thank you. Talk
+[69:03] to you next month
+[69:04] or see you this month.
+[69:06] Thank you. Have a day. Thank you. Bye. Bye.

out/857548090/transcript.txt

@@ -0,0 +1,993 @@
+# Transcript: 857548090
+# URL: https://vimeo.com/857548090
+# Duration: 4969s (82.8 min)
+
+[0:02] This one is a little different from the usual ask any sessions we had had earlier in the year.
+[0:08] We still want you to unmute yourself and ask questions if something is unclear
+[0:14] or if you have additional questions.
+[0:16] And sometimes I might ask you to skip it for later in the call.
+[0:21] But, for the most part, the idea of this session is to present to show you some ideas of how to use SecureTransport a little better or
+[0:29] reuse it more, give you some ideas of what the server can do that you might not have realized we can do now,
+[0:36] and basically talk about how to utilize your server and get better and better and get better processing for your files, get your business users happier,
+[0:47] and all that funny stuff.
+[0:49] And let me share my presentation.
+[0:52] So I'm starting with the presentation.
+[0:58] Let me know if you can see it.
+[1:02] But I'll switch the live server after that. So the way this session works or what I have is five scenarios
+[1:09] using some of the newer features in features in advanced routing.
+[1:15] And we'll actually see them on the live server. We'll discuss how they can be used, when they can be used. I'll be happy and I'll be I hope that
+[1:24] some of you will unmute yourself
+[1:26] and either ask questions or mention something that they are doing that might be relevant or,
+[1:31] you know, just share how you see that being useful.
+[1:36] And with that being said, Hong Kong, can you just confirm that you can see my presentation at moment on the screen?
+[1:44] Yes. I can see. Okay.
+[1:47] Thank you. Just checking technology.
+[1:49] Okay. So
+[1:52] this workshop started actually as part of our summit. As you know, we had summit all over the world earlier this year.
+[2:00] And here in The United States,
+[2:02] we are usually doing the technical workshop for the half of the first day,
+[2:08] which I usually lead for secure transport. And as part of that,
+[2:12] I created that presentation and that workshop specifically for that event. However, not everyone can travel, and I didn't go to the summit outside of the North American
+[2:21] continent.
+[2:22] So we decided to just take the same presentation on the road. It's a little shorter. So couple of technical notes on that. You will get the presentation after the meeting, so you don't need to take screenshots if you are trying to do that. And I also have screenshots of all the screens,
+[2:39] relevant screens from ST
+[2:41] in the presentation itself at the bottom of it, so you'll get everything when you get the presentation.
+[2:47] So
+[2:49] secure transport routing,
+[2:51] depending on when you joined
+[2:53] actually, and when you started using secure transport, you might have seen different iteration of that. For the customers from way before 04/06, it was everything was script based. We couldn't route files around at all unless we wrote a script for it.
+[3:08] Then the application framework in 04/06 going into 05/02 added the ability to do unconditional routing
+[3:14] by the adding the
+[3:17] allowing
+[3:19] users to push files, pull files, but without any conditions
+[3:23] based on file names or anything like that. Think about basic application,
+[3:27] for example,
+[3:28] or standard router or any of the old applications.
+[3:31] Then in five three, we created the advanced routing that allowed the conditional routing finally.
+[3:38] However, it still was just routing.
+[3:40] The file arrives or the file doesn't arrive in the cases in the error handling, which came a little later, actually.
+[3:47] So in the very first release release of advanced routing, it was a straightforward
+[3:52] conditional routing,
+[3:53] depending on the file name and so on. And then in five five, and now continuing that approach,
+[4:01] we actually enhanced the fast routing by adding additional step, additional condition, additional places where things can be done and going into full blown orchestration
+[4:11] as opposed to just conditional
+[4:13] routing where you go into the routing, and then all the steps go one after another.
+[4:19] In the modern world,
+[4:21] yeah. In yeah. I've so in the modern world with the MFT,
+[4:27] with everyone that had managed MFT for long enough had this pretty much the same problems and challenges coming one after another and basically a never ending cycle.
+[4:39] Usually, there is a bunch of workarounds and all setups all over the place that had been created historically because of what was required or because of, you know, what the products could do that had never been untangled, so you might be running ten years old workarounds that are not needed anymore.
+[4:55] New protocols, new channels, new ways to deliver data, data lakes, or the
+[5:01] prevalence of s three lately and so on.
+[5:04] There is security enhancement that they're always required.
+[5:07] Anyone that works MFT knows that usual that very often security teams
+[5:12] are on your head trying to get you to do things.
+[5:15] There is a lot of huge amount of unconnected systems usually in the infrastructure unless you're building from scratch.
+[5:23] Full visibility is very hard. And then there is the question that managed file transfer in reality should become an orchestrated file transfer. Even though we keep the old name of managed file transfer, we all know that these days,
+[5:36] we have APIs in the picture.
+[5:38] So we're not just file transfers even though we're still moving files, technically speaking.
+[5:43] But we're also not just managing it, but fully orchestrating.
+[5:46] And what we'll be talking about during this workshop is the orchestration part of it. We all know how to manage our MFQ with secure transport. It's pretty good about that. You have multiple options.
+[5:58] So what we'll be talking about, okay, we got the file or there is an error condition.
+[6:03] Now how to do something a little bit more intelligent based on what is happening as part of the processing,
+[6:10] and not just have a straightforward list of do step one to three be done.
+[6:16] In order to allow ST to become a orchestration engine,
+[6:21] we had done multiple steps inside the FAST to the years. It started with the transfer side definitions.
+[6:28] If you had not used STIP until three years ago, you probably don't even realize that this had been changing. But dynamic parameters all over the place that allow you to fit parameters from outside, the pluggable framework that allows the building of new protocols. That way,
+[6:44] you can have s three or sample or anything you need to have.
+[6:48] Number of connections control.
+[6:50] Until three years ago,
+[6:52] there are only the maximum per host, and everything else was tied into that. Now we have it both on the transfer side and down into the subscription level.
+[7:03] The ability to do history at least for specific for some prompt calls, and this might be coming for others as well, allowing the admin to have a visibility of what actually had been coming for the list. And with the history, the ability not to pull the files over and over if your partner doesn't want to remove them. And the connection reusability,
+[7:23] which is one of the newest features that allowed an s allows an SH connection to be reused for multiple files during a pull push operation if needed.
+[7:33] The scheduling
+[7:34] evolved
+[7:35] with allowing Cronjob that probably was one one of my favorite enhancements last year.
+[7:41] And now there is also the ability to do on demand pools
+[7:45] from inside of an ST routing, and that what we'll be starting with the first scenario in a in a minute.
+[7:52] And then in pure routing conditions
+[7:55] that were usually
+[7:57] so before
+[7:58] late earlier this year, the conditions were only allowed to you could do a conditional route. But once into the step, it was either stop or go. There was no way to do any condition in there.
+[8:10] Passing calculated values between different routes,
+[8:13] allowing,
+[8:15] one user to one route to calculate values and to pass them to another during a publish to account. So the publish to account can actually use variables and
+[8:25] calculated values from the first one,
+[8:27] and from their complete orchestration
+[8:30] allowing
+[8:31] a full flowchart as opposed to just the linear sending of events one after another.
+[8:37] And that's all about the introduction here, and let's talk about the workshop shop scenarios.
+[8:43] We'll cover five of them. That's why we have an hour and a half.
+[8:47] It usually takes me about forty five to sixty minutes to talk to them if there isn't too many questions, so there should be time at the end for questions.
+[8:55] However,
+[8:56] we're not going to move on to the next one until we talk if you have questions or something is unclear. So pulling files only
+[9:05] for based on something happening. So the first one is pulling files when another file is found.
+[9:12] The common scenario is your partner creates a macro file to tell you, yep, I have all of the files, and then you go and pull all of the files now so that,
+[9:22] you actually know you have all of them.
+[9:24] That doesn't mean that they'll be moving together, and we'll discuss that.
+[9:28] But it allows better control so that pool is not only tied to a scheduling or APIs, which is the old ways, but now you also can do it from inside of or out.
+[9:40] Scenario two and three are just are working on how to get data that is received with the first connection
+[9:49] or calculated on the first connection. For example, the date on the first connection
+[9:54] and preserved throughout the whole routing, including sending it with the published to account out. And scenarios four and five are actually
+[10:03] are the
+[10:04] ability to control what happens inside of the route
+[10:09] by based on what happens in every single step and creating a flowchart operation where you decide what can continue and what cannot stop. In order to achieve that, SD had a few enhancements in a row.
+[10:24] As long as you are running SD five five release from February year or newer, you have all of those pieces.
+[10:32] If you're running something older,
+[10:34] well, go update. A lot of the staff is, well, the staff we'll be talking about is actually from earlier and from last year.
+[10:42] So you might have pieces of it. What I'm sure about is that the latest pieces came in early this year or late in December
+[10:50] last. So by now, considering it's August, pretty much everyone should be on the proper releases to actually be able to use that. So with that being said, let's talk about the con the first of the scenarios, which is the conditional pool.
+[11:04] In the classic STF that you already used to, there are two ways to invoke the pool. One of them is by a scheduler.
+[11:11] Cronjobs helped a lot there, but still a scheduler.
+[11:15] Or by using the API.
+[11:17] What was added is an additional step
+[11:21] in advanced routing that allows you allows ST to pull
+[11:32] in
+[11:33] spite of a step, in the sight of an advanced routing.
+[11:38] Common scenario, you go to a partner site,
+[11:42] you download
+[11:44] a file that says something dot ready, for example, you know, telling you that they are ready to go, and then you go and pull all the other files. So that way,
+[11:53] you don't need to look for all the files every three hours,
+[11:57] Or
+[11:58] it it it be or as you will see, because you actually can reset both the download folder and the download pattern,
+[12:07] this file that they left there,
+[12:10] you they can use the name to tell you what file to look for or what the other file might be. This also can be used for something like,
+[12:17] your back end application uploading a file to tell you they're ready to start processing, at which point you start going pulling from someone to start pushing to them,
+[12:26] or any operation like that one.
+[12:31] The basic idea is moving the ability to actually call pull from inside of a server. And with that, I'll stop sharing my presentation and move to the live server. And while I'm doing that, any questions
+[12:45] so far?
+[12:54] Nope.
+[12:55] Okay.
+[12:55] So
+[12:56] browser.
+[12:59] So this is the mailing list. I didn't update it on purpose because this is what I built everything based on.
+[13:04] I was thinking of putting it to July 1, but it doesn't have anything that I need for this presentation. So I left it on May release. I also have a February release server that I'm using as a client or as a receiver,
+[13:17] that we can look at things
+[13:19] if needed. So
+[13:22] our scenario
+[13:24] that we're building,
+[13:26] I can see a raised hand.
+[13:29] You're the way, Sharia? Yep. Go ahead. Can I ask you a quick question?
+[13:34] So Yeah. Is this One moment. Replacing
+[13:37] replacing the business rules?
+[13:39] No.
+[13:42] No. It's just an additional step inside of advanced routing.
+[13:47] So can it be used for business rules? Sure.
+[13:51] If you think about transaction manager rules, in a way, it can be used for that. Yes.
+[13:56] But it's always part of advanced routing.
+[13:59] It's nothing so what they built is a special
+[14:03] step called pull from partner.
+[14:06] The same place where you can usually push, now you can also call pull. That's all this is all about. This is where it stands.
+[14:13] So for for example, if we pull a file from the partner side
+[14:17] Mhmm.
+[14:18] Or if we want to push a receive a file to partner side and immediately we want to trigger an email
+[14:24] notification to the
+[14:26] recipient that the file has been sent.
+[14:29] Or in our case,
+[14:31] for example, we are pulling a file from our side, and we are sending that file to
+[14:37] different users through email.
+[14:40] Mhmm. We are using a business tool. Can this be done through a routing?
+[14:45] When you say business tool, you mean transaction manager?
+[14:49] Yes. Transaction manager. So we have Yes. You a subscription mentioned there, and we have a file name mentioned there.
+[14:57] So it just trigger
+[14:59] it says just send an email as an attachment to the recipient.
+[15:04] Yep. You can do that out of the box. It has nothing to do with this, though. So
+[15:10] remind me if I forget after I finish with this scenario, and I'll show you what you want to look at. Because we enhanced one of the transfer sites, and we have a transfer site that will do exactly what you want
+[15:21] as long as for the sake basically, sending the file via mail to the customers
+[15:26] the same way as if it was SSH.
+[15:30] So
+[15:31] okay. Cool.
+[15:33] So
+[15:35] okay.
+[15:35] So I just don't want to close the screen I have just opened here. But as soon as I start looking in different places, I'll show you what you want to talk about.
+[15:44] So
+[15:45] the scenario I had built here is pretty straightforward. If a if a file
+[15:50] which is called
+[15:52] something dot ready
+[15:54] arrives,
+[15:55] go and pull from this site, which is my other server,
+[16:00] by
+[16:01] overwriting
+[16:02] by going into the test folder
+[16:05] on the remote site
+[16:07] and using this pattern. Basically, go and grab all the files from the test folder.
+[16:12] You can override the download folder and download pattern, and as you can see, they're yellow,
+[16:18] which means you can do expressions.
+[16:19] So you can actually parse the filename of the file that arrived initially to tell you what to do, or you can do anything
+[16:28] with expression language as as you know and make it very, very flexible,
+[16:33] overriding both the download and a pattern and
+[16:38] and the folder.
+[16:39] If you don't put anything here, it will grab them from the transfer site itself. If you have the transfer site properly set up,
+[16:47] you don't need to do anything here.
+[16:50] The local settings are telling you
+[16:53] where to pull the files into ST.
+[16:57] You don't need the so
+[16:59] this pool will not put the files in the same sandbox where you're working with the original file.
+[17:04] It doesn't need to be the same folder either.
+[17:08] They can go in any folder you want in ST, and because they are pools, they basically are, like, API pools. And if this folder is a subscription folder, this will trigger whatever subscription you have on default.
+[17:23] Okay. Any questions on that? So I'll show you how it works as long as I haven't broken something.
+[17:30] Hello.
+[17:31] Sorry. I asked a question. So for this download
+[17:35] this routing Flula,
+[17:37] how could we trigger this download?
+[17:40] Can we trigger based on the customer download? So meaning right? So when the customer connect and then it try to download the file,
+[17:49] instead of downloading from the, you know, the main box, right, we would like to trigger this advanced routing flow, you know, download from the another back end, you know, as
+[17:59] No. Because
+[18:01] Unfortunately,
+[18:02] no. Because there is no because it's not a synchronous action.
+[18:06] You can start that on the download, but the user download will still be just the file they are downloading. But
+[18:14] this download can be used to trigger another download that brings the file into the server,
+[18:19] and then the customer can download later the file.
+[18:23] Oh, okay. So did this in that case, this routing step is something like the
+[18:28] a scheduled job or frequency. Like, it cannot link with the user download. Right? That direct connection. It's correct. It's not something that is synchronous,
+[18:36] but it's not tied based on time, which watches the schedule is, and it's not API based, which is coming from outside.
+[18:44] It's based on something happening inside of your routing.
+[18:47] It can be because of push failed, for example. If you try to push and on push failure, you know, or something like that, but it it can be a scenario I have here.
+[18:58] Something produces the ready file saying we're ready to go grab the files, so we go and grab the files.
+[19:04] And what I didn't explain here, and I'll show it while I'm here, this is some of the new stuff I was talking about that we enhanced. In on top of every single step, and this is not just for the new pull step, but for every step,
+[19:17] the there is a condition over here for the step itself.
+[19:20] And, also, you decide if you want to proceed on success or error. This will become important on the next scenarios,
+[19:29] not on this one because this one is pretty straightforward.
+[19:32] Because this is what will give you the orchestration,
+[19:35] and because you can catch the result from the previous step,
+[19:39] you can do the next step conditional on that. But I'm running a little early for that.
+[19:44] One note again for the pool for partner for now,
+[19:47] it only supported for the four standard protocols.
+[19:50] The reason for that is pre is just technical. Those are written differently from the plug ins.
+[19:55] If you require that to be working for any of the plugables
+[19:59] plugable ones like ST or something, please open an idea in the ideas portal so R and D know
+[20:05] which protocols are required to be done next.
+[20:10] And it is David. Tim's here from, Link Group. Just a question about how does
+[20:16] Secure Transport detect that file as to dot ready on the client side? Does it poll that endpoint on a on a time basis?
+[20:24] You
+[20:25] can do it on a time basis. Basically, this is just a route. So you need to subs to tie to a subscription.
+[20:32] On the subscription, you can have a standard scheduler,
+[20:35] or the user can upload the file, or you can use the API to upload the file. Mhmm. You know? It doesn't matter. In this case, I don't care. Oh, I'm caring that the file arrived and they built the subscription.
+[20:47] But you also can't do it unconditionally
+[20:50] on every upload when the file arrives. You can't do it if a pool fails, you know, with the conditional route. This is old stuff. That's why I'm not covering it.
+[20:59] The
+[21:01] point is
+[21:02] that
+[21:03] at the moment,
+[21:04] as you know,
+[21:06] before this change happened,
+[21:08] you could with the file, you could go into STM, process the file, but then you couldn't read back out into the server to tell it to do something. Right? You you you could do it with an external script calling the API, but that was about it.
+[21:22] So this is a easier way to do it. And that's not something that everyone will use, and I understand that. Right? We all understand that. But it's one more way to do pool, and it might be useful.
+[21:35] If you have back end application that says I can't you cannot send me files between eight eight and five,
+[21:41] you know, that might be a good way for them to tell you when they are ready or if they get overloaded or something.
+[21:48] So
+[21:50] k.
+[21:52] Was there another question?
+[21:54] I think I saw a hand going up.
+[21:59] So, Sharia, the transfer site you want to look at is called
+[22:06] yay yay. And we'll go and check on that in a second. Let me just finish what I was asked earlier about how to send the email stuff. So there is one over here that is called
+[22:17] system to human.
+[22:23] This checkbox, this is the new thing. You actually can send the file as a attachment,
+[22:29] and you can use this transfer site pretty much the same way you're using SSH transfer sites. So if you're trying to send your files out to the your partners via email,
+[22:39] use this transfer site.
+[22:43] And
+[22:44] there is also a variable that tells how big the files should be before you stop sending them.
+[22:50] You know? Don't please don't send one gigabyte files.
+[22:54] Please don't send one gigabyte files. Bump it.
+[22:57] I'll see. So sorry. Can you just show me the transfer side again?
+[23:02] System to human.
+[23:04] System to System It's to
+[23:06] already on the server. It's one of the old style ones, so it's always on your server.
+[23:12] Cool. Thank you. Good to know. Yep.
+[23:15] Yeah. That that so we always had that one, but it could only do attachment.
+[23:20] So it only could do a link.
+[23:22] What they changed
+[23:23] last late last year is they now allow you to send the file itself as an attachment,
+[23:28] which, you know, it's exactly your use case.
+[23:31] Okay.
+[23:32] And now so
+[23:34] to go back to the what the question was, was how I triggered that? Well,
+[23:40] I just do a pull from a site that I have the ready file on. Let's make sure I hit.
+[23:47] Hold on a sec.
+[23:51] No. Live presentations
+[23:53] can be a little.
+[24:00] So any other questions while I'm making sure that they have already filed for?
+[24:13] Nope.
+[24:21] And do we remember where I'm pulling from?
+[24:24] Okay.
+[24:27] Let's go check that.
+[24:36] So I am going
+[24:37] to my
+[24:39] folder folder, download folder from the to the download folder.
+[24:46] And then
+[24:48] so here on the download folder,
+[24:50] I do have already file.
+[24:53] Right?
+[24:55] And then it will go and drop the file from here
+[24:59] and ignore the name.
+[25:01] That's why I have some renames. Okay. Let's go and run that.
+[25:22] Okay.
+[25:25] So
+[25:27] now tracking let's see if my team is up and running. It should be.
+[25:32] So it found the two files because I have an unconditional looking for it.
+[25:37] If we get if I did that correctly,
+[25:40] nothing should happen
+[25:41] for one of the files.
+[25:45] Okay.
+[25:46] See? That file weird file with the weird name is now coming.
+[25:57] And if we go to the server lock
+[26:13] Way too much server lock as usual.
+[26:16] Here is where the pool files
+[26:19] went through.
+[26:22] And then
+[26:24] it went here to find the single file
+[26:27] and to graph.
+[26:29] Questions on this one?
+[26:38] Anything in the chat? Let me see.
+[26:41] Okay. I'll come put sync links in. Okay. So any questions on this one? Anything unclear? Anything you want me to show you more before moving to the next one? Essentially, what happened here, my routing was set up. There was a single route
+[26:54] over there. Two files arrived.
+[26:57] This one was the one we are waiting. This one's a different one that I didn't have a route for. You can have your own route for it if you need. You know?
+[27:05] Alright. We have both already.
+[27:07] And then because the file was ready, it initiated another pull. And as you know,
+[27:13] inbound server, that's another pull that was not scheduled, but kept on because the correct file arrived.
+[27:22] Questions?
+[27:29] Nope. Okay. You know what? I'll just share my whole screen for a second because
+[27:35] I want to switch between the presentation
+[27:38] and okay.
+[27:41] Okay.
+[27:43] So
+[27:45] on the next one,
+[27:48] as you know, you can send email notifications
+[27:51] when the file arrives, or you can use the or
+[27:57] or use the time or the timestamp or the the the
+[28:02] time of the event to rename a file and so on. But what happens if you have long operations? For example,
+[28:11] you have a PGP decryption
+[28:13] and you have something else longer happening or some custom step that takes a lot of time. By the time you call timestamp, timestamp is now different. So the only way to preserve the initial timestamp or date or something else from the very beginning
+[28:29] will be to save it somewhere.
+[28:31] And the only place where you have where you can save things, unfortunately,
+[28:36] ends up
+[28:38] the file name. So you start packing it on the file name, and I know we all have played that game, but it's very annoying, especially if you need to do PGP encryption, for example,
+[28:48] because PGP encryption requires the file to be with the proper name inside of the PGP archive.
+[28:54] And then if you had tackled something that you want to carry, it becomes a nightmare.
+[28:59] So what we created,
+[29:00] what we added is a new step,
+[29:03] which is pluggable. You need to download it, actually, from our support site.
+[29:07] But what it allows you to save a parameter
+[29:10] and use it later in the route, either to rename something
+[29:16] or to put it in an email. So if you have encryption
+[29:20] followed by, say,
+[29:24] a push,
+[29:25] you can save the time when the PGP encryption starts,
+[29:29] then save the time when the PGP encryption ended. And then at the very end, when you send the mail to the end user, you can tell them when the file arrived,
+[29:38] when the PGP encryption started or ended,
+[29:41] and what happened after that. If you are doing pushes to three different sites,
+[29:46] you can also use that to determine and to keep track of when they are scheduled. With pushes, it's easier because as we know, they go into their own event, so you can actually see them on the tracking table.
+[29:57] But
+[29:59] and it doesn't need to be dates. I'm working with dates here because it's easier to explain and show things than anything else.
+[30:07] But that is valid also for pretty much anything you want to calculate that
+[30:12] any elements that are changeable.
+[30:15] For example, if you do two if you do a rename or if you are pulling a file from inside of a zip file or from inside of a PGP file, preserving the names can become a problem, especially there are multiple layers. As we all know, we have target, we have current file name, we have encrypted file name.
+[30:33] But, for example, if you receive a ZIP file that was PGP encrypted,
+[30:39] and then inside of the PGP encrypted, there was another ZIP or there are multiple levels of ZIP, you're going to lose some of the names of those files because we just don't have enough variables.
+[30:49] What this this step allows you is to save the fire point user late.
+[30:55] And back to the live server.
+[30:59] Okay.
+[31:22] So the scenario I'm building is pretty straightforward.
+[31:30] Oops.
+[31:31] Wrong one.
+[31:34] In it, all I'm doing is to catch the time
+[31:39] of the arrival of the file.
+[31:42] And then when I send the file to the partner, I'm using that time.
+[31:51] To
+[31:52] put it in a special file that I sent as a trigger after the file goes out. So I send the file to the end partner, whatever arrives, and then I send them a second file which contains
+[32:06] the, parameter itself, the parameter I saved.
+[32:10] And, again, I'm doing that with the date
+[32:12] because it's easiest to test, but it can be anything from the environment.
+[32:17] And it I use a trigger file because it's easier to see. I don't need to go to the mail client and wait to see if my mail server will decide to work tonight or not, which,
+[32:26] you know, test systems can be a little funny sometimes this way, especially when all the ports are closed.
+[32:33] But it can be done for anything. You can send the and if you had never used the outbound trigger file, the way outbound trigger files work is that it's sent only if the push succeeds.
+[32:49] So any questions here?
+[32:53] Or,
+[32:54] and here, what we're doing is we're setting the flow parameters on failure. I want it to stop because if I cannot set the flow parameter,
+[33:02] I don't want to send the file either because it's important apparently in my scenario.
+[33:07] Otherwise, it's super safe. We're not playing a lot of that. And if you look at my all of them are always running, so I always want the two steps or nothing interesting. The only thing we're doing is setting a variable.
+[33:19] The five scenarios are the four scenarios I have outside of the pool. Pool itself was a little out again, but those four that we're gonna talk one after another now
+[33:28] are kind of building on top of each other. So it was showing to different things that the server now can do,
+[33:34] which
+[33:35] are building blocks. And then the very last one will let you use every single one of them to build a full blown orchestration.
+[33:43] So for this one,
+[33:52] is this this one or the other one?
+[33:57] This is the one.
+[33:58] So,
+[33:59] it's in the send date folder.
+[34:02] As long as the file arrives, it get pushed out to the other server,
+[34:05] and then the follow-up file is being sent. My other server, as I mentioned, is this guy over here,
+[34:11] and the files will be uploaded
+[34:13] over here. I already have one date, so I will just delete the old file that I was testing with during the previous run of this thing.
+[34:21] And then I'll go and upload the file.
+[34:26] And while I'm uploading files around, questions,
+[34:29] anything you want to ask here, anything unclear,
+[34:33] anything
+[34:34] at all?
+[34:41] It's a very silent group.
+[34:52] That loss of information to consume, so we are just consuming slowly.
+[34:57] I know. And I know I'm and that's why I have screenshots for all of you on the presentation.
+[35:03] And I'm trying to go as slow as humanly possible,
+[35:06] but, know, I have only ninety minutes, and I want to show you a lot of text today.
+[35:14] Okay.
+[35:15] Upload the file. It doesn't matter. It's unconditional, so let me just pick an interesting file.
+[35:23] Okay.
+[35:26] And
+[35:27] if I didn't mess up somewhere
+[35:32] oops.
+[35:33] Sorry about that.
+[35:36] If I don't didn't mess anywhere,
+[35:38] they should show up over there. So here is my
+[35:43] file, the push, the successful push, and here is the trigger file. And if I open the trigger file,
+[35:53] you can see the date. And I know perfectly well it's not the correct date for you guys, but that's the date on the server.
+[36:01] And if I go to the admin UI,
+[36:05] oops, file tracking,
+[36:09] you can see
+[36:11] the nine g p g going out,
+[36:14] and you also can see the timestamp that actually matches what I have in the file.
+[36:19] Right?
+[36:20] Of course, this time is when the server thinks the file arrived. As you can see, it's ten
+[36:26] 03:18.
+[36:27] That's a bit later because this is the time when the step triggered,
+[36:31] right, inside of the step. But it still is earlier than when the file actually got pushed out, which is when
+[36:37] the
+[36:38] dates file was created to start with.
+[36:42] Makes sense?
+[36:43] A little bit?
+[36:48] So, again, I'm doing it with the trigger file because I I do MFT. I prefer to send files around. But this variable
+[36:56] and I didn't even show you how the variable is set, so oops. Sorry about that.
+[37:03] Running a little bit fast here.
+[37:06] The way you set the variable
+[37:09] is
+[37:21] is you pick whatever name you want,
+[37:24] and you just put whatever expression you want. Here is my date. You can also do email. You can do a conditional here. This is and, you if you want, what, more than one, you can do the, one after another, separate lines.
+[37:38] And you can specify what will happen if they're already there, which will be important The next example here, it didn't matter,
+[37:45] unless you want to just do override. If you do just override and this doesn't exist, it will not get set.
+[37:51] But you also can use it to override standard variables that are inside of the routing,
+[37:57] almost any of them.
+[38:00] Just pick up the correct name, account dot email or whatever.
+[38:04] And, that way, you're using it for anything you need to. And once it is set,
+[38:11] it is fully usable.
+[38:13] You can use it in any of those email notifications over here, or you can use it on the next steps.
+[38:20] Both for,
+[38:22] what I did here was to use it inside of the trigger, but you also can use it as a condition,
+[38:28] and that we'll be doing it later as well. Or you can use them for finding the transfer site name if this is what you want to do. And anywhere where we have expressions, this becomes the same way how you can use account dot name. You can now use your own variable inside of your Outlook.
+[38:47] So questions on this one before I move to the next step of this exercise?
+[38:57] Nope.
+[38:58] So this was interesting. Right? We're sending them to someone else. But how about the very common scenario
+[39:05] where
+[39:06] a user called Annie uploads a file,
+[39:10] the file get delivered to a second account, and the second account pushes the file or does something with the file, or the second account downloads the file. How do you notify Annie that the file got picked up? So
+[39:23] let me restate that because I messed up my own email. I won't have what I'm doing.
+[39:29] One user uploads the file.
+[39:31] It gets delivered account to account, published to account to another account, and the other account downloads the file.
+[39:38] At this point, we want to send an email to the original user that uploaded the file to tell them the file was picked up.
+[39:45] How do you do that?
+[39:49] Here is the problem. You are now in the second
+[39:52] second subscription.
+[39:54] Right? You're on the second account, so all of the email variables belong to the second account.
+[39:59] So the original account email is nowhere to be seen.
+[40:02] So how do you send back?
+[40:05] Does this screen give you an idea? Set the variable.
+[40:08] And
+[40:10] when we do publish to account,
+[40:13] any variable
+[40:14] you set inside
+[40:16] of the regional route
+[40:18] will get moved
+[40:20] to the routing
+[40:22] to the
+[40:25] routing on the second account,
+[40:28] including for later purposes like downloads.
+[40:32] As you know, inside of our subscriptions,
+[40:35] and that that's how we actually do this trick. Inside of our subscriptions,
+[40:41] we have this flow subscription attributes. If you have never used them, they are very useful and so on, but they are also hard coded inside of the subscription. So what can happen when you do publish to account,
+[40:52] all of the flow subscription attributes of the original subscription are automatically
+[40:57] added to the flow parameters
+[41:00] on the second subscription where you published into as long as you trigger the subscription.
+[41:05] Right?
+[41:08] And that applies not only to the hard coded ones, but also
+[41:12] to the ones that are coming
+[41:14] that were added within this new step. So the scenario I will show you is exactly that.
+[41:21] One user uploads a file, the file is published to another account, and the other account downloads the file. And at this point, we will see the variables from the original
+[41:30] subscription
+[41:32] showing up in the file. I'm not going to send the mail again. No mail server running at the moment, but you can do that back on the mail.
+[41:40] One important part here, and it's very, very important, these variables,
+[41:44] both the flow subscription hard coded ones and these new ones,
+[41:49] are not saved in the database.
+[41:51] They are saved into dot STFS folders
+[41:55] inside of the subscription folders.
+[41:58] So if you're cleaning your dot STFS folders,
+[42:02] they'll get lost. So for example, if
+[42:05] the download happens three weeks later and you had deleted your STFS folder for some reason,
+[42:11] obviously, we cannot see the file.
+[42:13] So
+[42:14] how is that built?
+[42:17] Questions on the scenario?
+[42:25] My name is convention is a little weird here.
+[42:29] So what I have
+[42:31] is two steps.
+[42:36] On the first one, I'm setting the flow parameter by setting again the current date so I can see it on the other end so we we know when the original file was uploaded here. And then the center email, which is hard coded. This can come from a variable.
+[42:49] It can if you,
+[42:51] if this user is authenticated for LDAP, you can grab it from the LDAP email, you know, the variable that arrived as an ldap dot, or it can come from the account or anywhere that is available,
+[43:03] or you can hard code. I hard code because it's easier.
+[43:07] And then
+[43:08] add them at a new override.
+[43:10] If the subscription where this route is called already
+[43:14] have static
+[43:16] variables
+[43:17] with the same names, with add new override, it will override them. So whenever playing with variables, be very careful where what you're overwriting.
+[43:27] Okay?
+[43:28] And then I'm just published to account. And if you look at the published to account,
+[43:33] I'm not doing absolutely anything interesting here besides go to the receiver account, into this folder, and trigger the subscription.
+[43:41] The trigger of the subscription is mandatory because this is what will carry the flow parameters with us. If we don't trigger the subscription, we're not carrying. There is no point of doing it. So when the file arrives on the other end, we'll go and see what we do.
+[43:55] Okay.
+[43:56] And then on the receiver account,
+[44:03] I
+[44:11] have a single route.
+[44:17] So
+[44:18] I have two rules. One of them is with is conditional on the download. The other one is unconditional if it's not the download, which is when the when the file arrives to something. So on download,
+[44:34] I have a re so if it is the client download and the trust transfer status is a success, this is nothing new. This is just the conditional route from way back when.
+[44:45] We're doing a rename so I can use the variable.
+[44:48] So I renamed the file with the email
+[44:51] file instead to to to use the email again just to see the the value.
+[44:57] And in this case, if you don't want to rename, you can just send an email or do whatever. And then I'm publishing the account back into a different into the same folder so that I can see the rename file.
+[45:09] You know how it goes because I'm renaming inside of a sandbox if I want to see if any published
+[45:14] it somewhere.
+[45:15] So it's just a simple rename
+[45:17] when the end the second user downloads the file.
+[45:20] And then
+[45:24] when the other the file arrives originally,
+[45:29] I have another rename, which is to use the other variable.
+[45:32] This is a little bit more complicated than it usually will be for anyone. I just wanted to show
+[45:38] two different variables
+[45:40] showing around so you can see. So here, I'm using the other one just to rename the file in a different way.
+[45:45] Both of them are doing the same thing, but on different operations. One of them is when the file arrives unconditionally.
+[45:51] The other one is when the file is downloaded from the end user.
+[45:55] So shall we try how that goes? While I'm logging with the correct users, any questions on that?
+[46:07] Nope. Okay.
+[46:11] I just want to log in as my receiver and make sure I don't have files that will trip us.
+[46:17] And then we'll go and
+[46:20] trigger the tank.
+[46:34] That's the only one I don't want here.
+[46:37] The date ones
+[46:39] are not a problem because it's a different date. Okay.
+[46:43] So
+[46:44] log out and log in as my original account.
+[46:48] So what we'd expect to happen is when we go back into the receiver after this is to see the
+[46:55] file named with the date.
+[46:57] Right?
+[47:08] File.
+[47:10] Pull the file.
+[47:17] As you can see, I've been doing that for a while here.
+[47:20] So if
+[47:24] we look at what is happening in the file tracking while we're waiting for everything to go,
+[47:30] Here is the upload, the STP upload, followed by the AMI outbound. This is the publish to account.
+[47:36] Right?
+[47:38] This is the inbound of arriving into the receiver,
+[47:43] followed by the routing
+[47:45] of the file now with the date. So if I go as the receiver again,
+[47:50] log out, receiver.
+[48:17] And here is today's file.
+[48:20] Right?
+[48:22] So now I can download any of those files. So can I download all of those files? The answer is, well, maybe.
+[48:29] And here is where the point is. I don't know if any of my other files you have is this dot STFS because it's a test system. So I'm going to download this file, and what I expect is after I download it for it to be renamed to the email. Right?
+[48:44] So download.
+[48:49] K.
+[48:50] Refresh.
+[48:53] And we hope it works.
+[48:58] And
+[49:00] here is our file.
+[49:02] Got renamed because the end user downloaded, and this is the email that is hard coded all the way back when the other account uploaded the file.
+[49:13] And if I can rename to it, I can use it also to send an email back to annie dot top test dot com to tell her that the file was picked up from the end user.
+[49:24] Okay. Questions on this one?
+[49:35] And here is the outbound user. There's the download
+[49:38] followed by the routing because we went into the routing, the standard inbound outbound outbound inbound for the routing.
+[49:45] Publishing back to back to the folder with it. So
+[49:49] questions?
+[49:52] Yeah. I have a question.
+[49:54] Yeah. So
+[49:56] just giving you a scenario. So for example,
+[49:59] my one of my users upload a file,
+[50:02] and that file goes to a
+[50:05] not the user, the second user. Yes. Then the second user reprocess the file.
+[50:11] And Yes. After the reprocessing,
+[50:13] I have to distribute this file through an email.
+[50:17] Can we achieve these things with the routing?
+[50:19] Yes.
+[50:21] So
+[50:22] and I will show you what so that's exactly the scenario here except that I download it manually as opposed to sending to people.
+[50:31] You know? So,
+[50:32] in the receiver account
+[50:39] come on.
+[50:40] In the receiver account, remember that I had two rules. One of them, it's saying what to happen on download, but the other is what to happen when the file arrives.
+[50:49] Right? So so what's the receiver you're
+[50:52] referring to? Receiver and the sender? Receive I'm sorry. Receiver is my second account. The one that I pushed the file in to send the file to originally.
+[51:01] So account Annie uploaded the file, and the file went to receiver, and the receiver is the one downloading
+[51:08] in my side. Who is the sender in this case your case? Annie.
+[51:15] Account called was
+[51:17] yeah. The account called Annie.
+[51:20] Oh, yeah. Yeah. Annie. Annie is uploading the file, and the receiver is the recipient of the file. Yes.
+[51:28] Okay. And on and on the recipient over here, where I'm just doing the rename
+[51:34] come on, open. I'm doing just the rename over here and then publishing it back.
+[51:39] You can instead push the file here to anywhere it needs to go.
+[51:51] So you do send,
+[51:52] send to partner and select the trust site,
+[51:56] which is from the type system tool
+[51:59] with human.
+[52:04] But you don't need to go through a second account. You can do it from the first one if you want. But if you want to do it from the second, this is where you process.
+[52:13] We we do from the first account because
+[52:17] Yeah. Single account is always better.
+[52:19] Yeah. If you do it from the first account, you don't need to do anything special.
+[52:23] You just set it up the same way you'd send the SH push.
+[52:27] So
+[52:28] the system to human is just a transfer site just like, any of the others.
+[52:34] So if you create one, I don't have one in any of my accounts because I don't use it for anything for these examples.
+[52:40] But it when you create it,
+[52:43] it will show up in the list, and then they send to partner with you just to pick it up. So you just do an unconditional route, and if the file arrives,
+[52:50] go and send it over there. Can you set up ever advanced routing to send to SSH?
+[52:58] Sharia?
+[53:01] Sorry?
+[53:02] What's the question?
+[53:03] Sorry. Can you ever send
+[53:06] can you ever set up advanced routing to do a push to SSH?
+[53:12] Yeah. We do the most of them SSH.
+[53:14] Yeah. So instead of selecting on SSH side, you select the system to human side. That's that's it. Nothing else needs to happen.
+[53:24] Yeah.
+[53:25] I noticed that once you mentioned earlier, so that's a good good option.
+[53:30] Mhmm. Okay.
+[53:31] Okay.
+[53:32] Any question
+[53:33] on
+[53:34] the whole moving of parameters around the account and sending mails back to the original sender and stuff like that that I just showed you.
+[53:52] Just look at my chat
+[53:54] quickly.
+[53:55] Actually, I cannot.
+[53:57] Okay.
+[54:00] Okay. If there are no questions so that those are scenarios two and three. I never came back to three
+[54:06] to to the PowerPoint for that just because it was easier to just stay on the server. But, basically, that's what we did,
+[54:13] having the data from one account and one subscription move to another. What happens if this one publishes to a third one? They all come with them. Basically, they belong to it now, so they keep moving. So you can daisy chain them a lot. The common scenario when I see things like that being used is when you have one account pulling from somewhere and then distributing based on file name or based on folders
+[54:37] and distributing into secondary account, then you can notify the original
+[54:42] puller that the file was downloaded or pushed successfully
+[54:46] or, whatever happened to it. In my case, I did it with the download because it's
+[54:52] not automatic. It can happen days later and the variable is still there, which is what I wanted to show you. But you also can use it to as a mail after a successful push
+[55:02] or after a successful processing in the second account or whatever you need to happen on the second account.
+[55:09] Okay. Questions?
+[55:13] No?
+[55:15] Okay.
+[55:16] So the next one,
+[55:17] is a little bit more
+[55:20] MFT related or, let's say, more on the managed part of the house.
+[55:25] And,
+[55:26] how often do you have a partner that calls you and tells you, oh, by the way, I I will be migrating to a new system, but I don't know when. So if I start stop responding, send to the second site instead instead
+[55:40] of the first one.
+[55:41] Or how often do you have someone calling you and telling you, have two servers, And usually, the first one is up, but if it is down, send to the second one.
+[55:52] I don't know about in your world, but it happens
+[55:55] occasionally.
+[55:57] And
+[55:58] this and it can be the second one can be on that list belong to the partner,
+[56:04] or you might use it to just send back internally for prep pop up for
+[56:09] processing again
+[56:11] or to another group just to tell them this file couldn't be delivered. Go do something about that.
+[56:16] Until now,
+[56:18] we actually already had two options in STU. One of them is there is the alternate addresses on the transfer site itself. So if the protocol is the same and everything is the same, you could just put it there, but there wasn't the control of which one is we used when.
+[56:35] And if something was going wrong, you never knew where it went, but it was usable for things like Doctor
+[56:41] or when they call you and tell you they'll be migrating.
+[56:44] Other option, of course, was to stop on error, as you know. However,
+[56:50] if you stop on error, you couldn't do anything after that.
+[56:55] So that if the first fails,
+[56:59] the problem is that in this scenario, you want to continue on error, but stop on success. And the old routing didn't allow you that. The past routing before the last changes didn't allow you that. So the scenario we're building is
+[57:12] when
+[57:13] a file arrives, we try to push to one place. If we cannot, then we push to a different place instead. But we don't do the send to the fur to the second place if the first one succeeds.
+[57:27] Okay. Any questions on the scenario?
+[57:35] I need to go back to my on the account.
+[57:53] And I call it backup server.
+[57:55] It's actually alternative server or something like that. You can call, you know, the the and it doesn't even need to be both sent to partners. You can also do
+[58:06] if PGP fails, do something, you know, all of that.
+[58:09] The way it's built here is just to give you ideas of what you can do. Almost everywhere,
+[58:15] one step can be replaced with a different kind of step. So your scenario might be if the PGP fails,
+[58:22] then send
+[58:23] the file to somewhere.
+[58:26] And, also, they can try to process differently,
+[58:28] or if you try to unzip and it's not a zip to something else and so on. So in this case,
+[58:34] what
+[58:35] I'm doing is
+[58:39] opening.
+[58:40] So first, it's a very straightforward
+[58:43] send to partner, continue both on success and on the failure. Technically speaking, I don't need to proceed on success because I know I don't want to do the second send. But if I have a third step at the end
+[58:54] or if I want to do email notification
+[58:57] and so on,
+[58:58] continue into the route makes sense. So I'm building that as if there will be more steps under the center partner,
+[59:04] even though in my case, it will be easier. So the first one, nothing special here. Just send the file into the success one folder.
+[59:12] But on the second one,
+[59:15] I'm going into the step
+[59:18] and
+[59:19] oh, come on.
+[59:21] I will only con this one will run only if the previous step,
+[59:27] the preceding step exit status is a failure,
+[59:30] which means that if the previous one succeeds, this one will never trigger, so nothing will happen. If the previous one fails,
+[59:38] this one will continue. I, again, put continue on proceedings and server,
+[59:42] and I'll send into the errors folder. It's on the same server because I have only one to play with, but, it's in a different folder.
+[59:50] Or it can be totally different server and protocols. Don't forget. It doesn't need to go to the same place. You can be sending to one partner and then forward to an internal group. For example,
+[60:01] you try to send to the external partner, and if it's failing, you send to the internal users that actually own the file.
+[60:08] And this is the new thing that we added is the ability to track the previous steps.
+[60:13] So that every steps, you can actually now check
+[60:16] what happened in the previous step and they act based on that. In this case, I also proceed also on step on failure and success,
+[60:24] which means that if I add more steps here, for example, more sent to partners or published to accounts or
+[60:30] any custom steps,
+[60:32] they will they will also be able to see and they'll continue. So if this one fails and this one succeeds,
+[60:39] then it will be a success at this point. So the next step but because both of them continue both on success and error, the next step will always execute, and it can be conditional or not.
+[60:52] Questions on that while I'm showing you how it works?
+[61:01] Questions?
+[61:02] Nope.
+[61:03] I know it's a lot of information.
+[61:06] Okay. I need to log in back. Yes. Annie.
+[61:25] The way I had set it up at the moment is that my first push will fail. The second one should succeed.
+[61:43] I think I didn't pick up a big file.
+[61:46] Nope. It's small one. Okay.
+[61:48] So let's go check what the tracking table is doing.
+[61:55] So here is my first failures are happening.
+[61:58] I had put it to have only
+[62:00] one retry because I didn't want it to wait.
+[62:05] And then here is it going out.
+[62:08] And if I look at here,
+[62:11] the
+[62:13] remote folder on the failures is success one.
+[62:16] While on success,
+[62:19] it's errors as I ask you to be.
+[62:24] Questions?
+[62:30] Did I lose everyone?
+[62:37] College is cold. No. No. No. You're we did.
+[62:40] Okay.
+[62:41] So that was interesting. The file went somewhere. Okay. So here is an exercise for the whole group. So
+[62:49] at the end, a mail will be sent or you'll see a you know, that that the success went out. Right? The file went somewhere. If the file if the whole thing ends up in an error, you know that none of them worked. That's an easy job. Right?
+[63:03] But if the
+[63:04] it ends up in a success.
+[63:06] So if you have a mail notifications
+[63:08] on the whole package that says on success,
+[63:11] notify me to tell me the file went out,
+[63:14] where did the file go?
+[63:17] It could go to server one or server two.
+[63:24] Anyone try to guess?
+[63:28] We don't know. Right? The logs.
+[63:31] Well, you check the logs and then But we can get it from metadata attributes.
+[63:38] Which no. There is no parameter for that,
+[63:43] unfortunately.
+[63:45] Or if you're sending to three different sites, how how
+[63:48] do you know where it went?
+[63:50] The answer is that you cannot know, unfortunately.
+[63:53] Not in this case. And that's what my enhanced, the last of the scenarios you're doing, that not only sending that way, but also keeping track of what happened. How are we going to do that?
+[64:03] We'll be setting variables. Remember, I told you I'll be building on top of each other.
+[64:08] So the way it's built at the moment, it's going to work perfectly well, and it will be sending the files where it's supposed to go. But if you need to know where it went,
+[64:17] you'll need to do some prep internally.
+[64:20] Now can you check the tracking table? Yes. Can you check the server lock? If you have sentinel,
+[64:25] ADI,
+[64:26] embedded analytics,
+[64:28] MFTOI,
+[64:29] all of that will tell you where it went. Right?
+[64:33] But
+[64:34] what but
+[64:35] how about being able to just send an email
+[64:38] telling your admins that the file went
+[64:41] to this server
+[64:44] without the need to go and check server logs or anything like that?
+[64:50] So
+[64:51] how do you solve that?
+[64:56] By making a little bit of a
+[65:00] so,
+[65:01] if you're a developer,
+[65:02] and I suspect I have quite a lot of developers on on on the on the phone, how would you solve that programmatically?
+[65:10] You'll set the variable you will set the flag and you'll keep or you if you're a database admin.
+[65:14] How will you do that? You set the flag, and then if something succeeds, you'd raise the flag success. If something fails, you put the file on error. Right?
+[65:24] So we'll do exactly that.
+[65:27] So what I'm doing is I'm setting code I'm setting two flow parameters. We're just initial initiating values for them. Then I'm running the first of the pushes.
+[65:37] Then I'm setting a variable,
+[65:39] and I'll show you inside of the conditions.
+[65:42] Then I am doing second one, then second four parameters,
+[65:47] and then I'm publishing to account the file
+[65:50] by renaming the file with the two variables. Again, this might be a mail or something at the end. I'm just using publish to account because it's easier for me. So at the beginning, on the set flow parameters,
+[66:02] because I'm a developer, I always initialize my initial
+[66:07] ize
+[66:07] my variables
+[66:09] because I don't want to be trying to figure out does it exist. Is it no? So I'll just create both of them with no
+[66:16] or error or not going or, you know, some value that I know. That means
+[66:21] I didn't send to this server.
+[66:25] Right?
+[66:27] Then I'm doing the push, not in case, think inside.
+[66:31] Then on this flow parameter over here,
+[66:35] I'm doing
+[66:37] if the previous step is success and the previous step is because it was unconditional push, the previous step is the first push,
+[66:44] set the main server to yes at this point. Raise the flag. I sent to the main server.
+[66:50] Okay?
+[66:52] So far with me?
+[66:54] And don't forget here that you need to always either oops.
+[66:59] Either use override or add new or override. If you do add new, nothing will happen because the variable already exists, because I already set it earlier.
+[67:07] Then on the center partner, can I use the same condition as before? Can I look at the previous step again?
+[67:15] I cannot because what the previous step is now the set the set parameter.
+[67:20] It's not the previous push.
+[67:25] So instead,
+[67:26] I'm checking if the main server is still no.
+[67:29] If the previous exceeded time, yes, I want to only run here if the previous is not given from, so I change what I'm doing.
+[67:39] Then pretty much the same thing I did for the previous parameter, but now for the second server. So if the previous one is a success
+[67:47] and the main server is a no, because that's what my scenario. If I just use the previous as a success,
+[67:53] the previous of this one is
+[67:56] either
+[67:57] the set to partner or the previous set flow parameter.
+[68:01] Because because this one is a conditional,
+[68:04] if it didn't run through here,
+[68:08] there is no exit.
+[68:09] So
+[68:11] be very careful what's preceding of what.
+[68:14] Now, technically speaking, I have kept the proceeding here because both of them are conditional. They don't turn against each other.
+[68:22] But I
+[68:23] building your own logic sometimes can trip you, and
+[68:27] that's pretty much showing to you that you have other options. You don't just need to use the preceding step. You can use a variables we already set.
+[68:34] And then on publish to account,
+[68:37] I'm just renaming the file to use the main server followed by the, backup server.
+[68:44] And if everything is done correctly and to what what I think it should do, it will be one no. Yes.
+[68:50] And, again,
+[68:52] this can be used for
+[68:54] putting them in email, for conditions,
+[68:56] for the next processing, or whatever you need to do.
+[69:01] But that's how you keep track of where we went to
+[69:04] if you need to. And I'm doing it here with only two steps, but if you have a lot of steps, you can actually build your structure for each of the steps, and that will tell you perfectly well for your emails where exactly it failed.
+[69:19] No.
+[69:20] Any questions?
+[69:25] I'll go and upload server. Alright. Server file.
+[69:39] Did someone notice where I'm publishing in
+[69:43] the test?
+[69:48] Oops.
+[69:52] Let's do that again.
+[70:01] The one time I didn't check.
+[70:10] It created the file. It put it over there, but because it's exactly the same file as the previous one, it didn't do anything. So let me do that clear.
+[70:20] It's actually the same file. These two files were the same.
+[70:25] And
+[70:31] here is now the file with the
+[70:34] correct timing.
+[70:37] And I have something else running in the test most likely. Oh, yeah. That's one that
+[70:42] so now I have the two flags up so I know where the file went.
+[70:48] Can you use these variables to send them all the way to Sentinel?
+[71:04] Remember that we have the mapping cover here?
+[71:07] And you have to see, yes. A variable set inside of the routing can be sent to to Sentinel
+[71:12] as long as you have where to house it in Sentinel. As you know, if you find that one of the nonused variables,
+[71:18] you can send anything.
+[71:20] It this was created in order to create to send things like the email, for example.
+[71:24] But, you can also use this send this custom ones if you want to. So in this case,
+[71:30] while it doesn't make much sense to do that for pushes and pulls because each of them has its own event, If you have a multistep transformation,
+[71:38] for example, ZIP and PGP, as you know,
+[71:41] if you go to Sentinel,
+[71:43] you'll see a single event routing failed.
+[71:45] Right? And you don't know if it is the ZIP or the PGP. That will allow you to send information all the way to Sentinel or ADI or whatever you're using
+[71:54] or email,
+[71:56] hailing,
+[71:57] saying
+[71:57] why the routing failed without the need to read to the log files and giving access to end users to your log files.
+[72:07] So questions?
+[72:19] Maria, you have your head, your hand up? You have anything, or is it from before?
+[72:26] Nope. Okay.
+[72:27] So
+[72:29] anyone so and that's the last thing I have on my presentation, which run
+[72:33] it must was my fourth time to it, and it's running a little faster every time as usually happens. So any questions or anything I showed you or anything advanced routing related?
+[72:58] Any questions about ST in general? You know, if you don't have anything on the presentation, I'll take any questions at this point.
+[73:15] Yeah. Hi, Annie. This is Dinesh.
+[73:17] Don't have a particular question about this ST, but, like, in general, this presentation was pretty good. Actually, a lot of value add.
+[73:25] I wanted to understand,
+[73:27] like, this
+[73:28] so many features we are in including in in ST, like, in advance routing condition for the detailed condition routing we we talked about. Subscription variable, we also talked about. So So do we have any plans to include those as part of CG or FM? Because the flows are
+[73:46] being used, you know, in some of the automation that have been deployed
+[73:50] by FM or CG Yeah. In case. I, yeah, I really hope no one asked me that.
+[73:58] CG,
+[73:58] probably not. As you know, we're retiring CG.
+[74:02] We're moving into FM now, so flow manager.
+[74:07] Maybe.
+[74:08] So the answer is that they're not going to have full parity between ST and flow manager.
+[74:14] However,
+[74:15] they're willing to work with customers that require specific
+[74:20] features
+[74:21] to be ported up.
+[74:23] So
+[74:25] the answer is, if you need any of those to be in flow manager, please, please, please tell them by adding an idea.
+[74:33] They need to do priorities.
+[74:37] So and I know that's not the answer that we want, and that can change in a few months. As you know, that's a very
+[74:45] fluid situation a little bit,
+[74:48] but
+[74:52] I'm hoping they'll be adding them. I just don't know what the timeline is and if they'll make all of them. But they're not going to stop creating new stuff for rescue just because it cannot catch up.
+[75:02] So
+[75:05] I is I'll I'll
+[75:07] are all of your accounts behind phone manager?
+[75:12] Yes. Dinesh? Okay. Mhmm. Yes.
+[75:16] Okay. If
+[75:19] something of what you saw
+[75:21] is going to be useful for you, and I'm pretty sure that a lot of it looks useful.
+[75:26] If you have a business case specifically, please log it into ideas.
+[75:31] I'm not sure if they will ever give give up the exact,
+[75:36] full blown possibility,
+[75:39] but at least some of them are probably will become available sooner or later if they have enough
+[75:45] need for it. At the moment, they're basically working closely based on requests.
+[75:50] That's my understanding.
+[75:52] And, again, it can take two to three months.
+[75:55] I will remember for the next session to actually talk to r and d before the session,
+[76:01] so I have a better idea of where we are. It's summer over here, everywhere. Well, not for you guys. I know for most of you, it's winter. But my part of the world, it's summer. No one is working till summer. I cannot find anyone.
+[76:13] So I actually tried to catch up with r and d before the call.
+[76:18] The answer is the same, you know, if you have specific case for key ideas.
+[76:24] So
+[76:26] So do we need to Alright.
+[76:28] Write a a,
+[76:29] sorry, support call for for the business cases or just liaise with the account manager?
+[76:36] No. So we have an ideas portal. So if you go to community,
+[76:41] and Hong Kong will post the ideas portal URL directly as well. But, on the community, there is a link to the ideas portal, which is our new way to for enhancement request.
+[76:53] And that's where r and d are reading it. And you can, upvote someone else's idea, or you can add add your own idea. If you have an account executive,
+[77:02] talk to them as well. If you don't, ask them where the ideas partner is. They can help you with that, or they can act on behalf.
+[77:15] Thank you.
+[77:16] Makes sense. And, yeah. Hong Kong, can you grab the ideas,
+[77:20] portal address?
+[77:23] Yep. Done. It's in the chat box.
+[77:26] Okay. It just showed up. So yeah. So if you look at the chat window, it's now in the chat window. So that's the direct address, but it's also reachable to community.
+[77:35] And, of course, your account executives or Hong Kong, you know, just ping him. They'll give you the address. And if you log in over there, you can see what all the ideas you had added, but you also can search ideas and you can see what other people had added
+[77:48] and add your notes to someone else's idea. You know, it's an enhancement request in the in in the clear. Let's say it like that. Instead of having every customer
+[77:57] thinking aside or not seeing what everyone else is asking. They just open the system for everyone. And that's not just for the flow manager people, by the way. Secure transport is also driven that way. So if you have a feature request for secure transport, for example, the on demand pool is now only for the four parameters. Right? For the four protocols,
+[78:17] HTTP generic,
+[78:19] FTPSSH,
+[78:21] and I forgot the other one.
+[78:23] If you want
+[78:25] other protocols,
+[78:27] please open an idea and tell them what to work on. Now are you going to get it? Not a 100% guarantee.
+[78:34] But that's the enhancement request process at the moment for all of our products on the NFT suite.
+[78:42] R and d of each of the product actually will evaluate.
+[78:46] There's a SLA for them. We know there's a time frame for them to evaluate each of the idea.
+[78:50] And then you can get your colleague or your, you friends and
+[78:54] account executive with an internal x-ray to vote for it. The higher the vote, the higher the chance you will get approved.
+[79:00] And then
+[79:01] and and and one good thing is once you either vote or you create an idea,
+[79:06] the the portal will automatically
+[79:10] update you on the status. If there's any change in state, you proactively let you know, you know, what is happening to our idea, what is the status, has R and D accepted it, or if if they accepted it, is it in the road map, or is it for future consideration,
+[79:23] etcetera,
+[79:24] etcetera.
+[79:26] Right?
+[79:28] Okay.
+[79:29] Thank you, Hohong. And and that again is valid for all of our products. So CFT, flow manager, all of our visibility staff,
+[79:38] ST.
+[79:39] This
+[79:40] that's the way to talk to r and d. They listen to customers more than to us. Yep. And and sometimes you do have some
+[79:48] justification
+[79:49] that is confidential to your organization. Let's say, you know, revenue impact, business impact, you can actually either contact myself or you can contact your account executive
+[79:58] right from X-ray, and then you can let them know we can actually help you
+[80:03] ping the product manager on the background.
+[80:05] Mean I Mhmm. Because they are confidential information that you you are not able to share in the public.
+[80:10] Yep.
+[80:14] Okay.
+[80:15] So
+[80:16] we are on time, surprisingly,
+[80:18] this time. So last questions.
+[80:21] We have a few more minutes, and that'll take pretty much anything ST related at this point or MST related.
+[80:27] I don't know the lottery numbers in any country, so don't ask me for them.
+[80:37] Okay. If there are no more questions, thanks everyone for joining us.
+[80:42] Hong Kong will or someone will be sending you the recording and
+[80:47] well, the recording will be in the link, but there the presentation as well will be included.
+[80:52] And at the back of the presentation let me just show you that very quickly. Sorry.
+[80:56] Just for a second.
+[80:58] So at the end of my presentation
+[81:01] oops.
+[81:04] I have screenshots on all of these scenarios with all of the
+[81:08] variables that I with all the expressions and so on so that you can actually recreate everything in your environment. And for the ones where they're most
+[81:17] hard to see, I actually have them on separate screens this as well, so it just can copy paste.
+[81:23] Just as a warning, if you're copy pasting, please make sure that you clear the quotes
+[81:28] because this was built in Microsoft and my in the in PowerPoint,
+[81:33] and Microsoft PowerPoint is changing it to the clever ones or whatever they call them.
+[81:38] So, you know, but you know all of that. But, basically, I tried to put screenshots for everything
+[81:45] so that,
+[81:47] you actually can refer to that back when you crop the
+[81:53] presentation.
+[81:54] And, it will be as as a PDF, so portable and so on, but you'll have it.
+[82:00] And with that, I think I don't have anything else unless someone has anything.
+[82:06] And I hope that this was useful,
+[82:10] and we'll talk again next quarter.
+[82:12] And
+[82:14] last thing, we we we'll send you a feedback survey.
+[82:18] So
+[82:19] please help us answer the survey.
+[82:21] You know, we do read all your survey and then try to improve each time.
+[82:29] If not, then thank you all for your time today. Thank you, Annie.
+[82:33] Yep. Thanks, Annie.
+[82:36] Thanks, everyone. Thanks, everyone. Have a wonderful day. Bye.
+[82:40] Thank you. Bye bye.
+[82:43] Thank you. Bye bye.

out/880858572/transcript.txt

@@ -0,0 +1,971 @@
+# Transcript: 880858572
+# URL: https://vimeo.com/880858572
+# Duration: 4408s (73.5 min)
+
+[0:02] Group, and I suspect we'll have another one in a few weeks because it looks like we had some communication issues with this one.
+[0:10] So
+[0:13] who wants to start? So if you I don't know if you had been on one of those before, but these are question and answer sessions.
+[0:20] You basically ask anything you need or want to know about ST,
+[0:24] and then
+[0:25] we talk about that.
+[0:28] If you have
+[0:30] if we talk about the topic you're interested in, even if you didn't ask the question originally,
+[0:35] feel free to chime in. Because it's such a small session,
+[0:42] I'll probably just be calling on both of you all the time to see if we are okay and if something else is needed. And, Ryan, you go first.
+[0:50] I have only one request. When you ask the question,
+[0:54] just mention what version of ST you are running and what kind of cluster you are running because it will
+[1:01] help answer some questions. So go ahead.
+[1:05] No worries. Thank you. So I'm from
+[1:09] Queensland shared services.
+[1:11] We have
+[1:12] s t 5.5
+[1:15] with the August patch in sorry,
+[1:18] with the May patch installed, and we're about to go to the August patch.
+[1:22] We have a few challenge we're running
+[1:25] on on premise on Red Hat server with
+[1:31] cluster
+[1:32] with two edges and two streaming to two STs
+[1:37] with active passive
+[1:39] configuration.
+[1:41] So one of the challenges we're facing
+[1:44] in the very near future is the end of support for Red Hat seven. And,
+[1:49] unfortunately,
+[1:50] given that approaching timeline,
+[1:53] we've been
+[1:55] instructed
+[1:55] just to go to Red Hat eight on premise rather than looking at other options.
+[2:02] So I guess,
+[2:03] you know, we did some training earlier in the year and, you know, the containerized versions of secure transport
+[2:10] using Too early for that. Isn't too
+[2:13] early. That's what I was gonna say. It was recommended that it's not being really being considered. Is that still the case?
+[2:20] It's still restricted availability.
+[2:23] Let's say it like that.
+[2:24] So Okay. If you need to go there,
+[2:29] talk to your account executive.
+[2:31] We'll need R and D in the loop and so on.
+[2:34] But for the moment, we
+[2:37] don't really have installations
+[2:39] like that on the field.
+[2:42] Let's say, like So
+[2:44] yeah. If you how
+[2:48] do I phrase this?
+[2:49] If you are looking to build an on premise
+[2:54] streaming
+[2:55] active passive
+[2:57] deployment
+[2:59] with as robust but simple as possible, what would what sort of platform would you be looking at would be your choice?
+[3:10] Just for building it or for running? I mean, it's Red Hat. Right? For
+[3:15] running it. Yeah. For to build a a service that can get us through the next couple of years.
+[3:21] Okay. K. So
+[3:23] the standard installation, I have both normal mode and silent mode, so you can easily install and so on. And you said you're active passive store standard cluster. Right?
+[3:34] Yes.
+[3:36] So I'd just install it as usual.
+[3:39] You know, forget about containers.
+[3:41] Forget about all that modern stuff.
+[3:44] Just install
+[3:46] just install the servers clean on the platforms
+[3:49] on the servers, and then
+[3:52] export your account from the current environment, import them in the new one, and you're back in business.
+[3:58] That will be the fastest and the cleanest way to go. And in addition,
+[4:03] this way, you are going to be on a platform
+[4:06] that have been tested and used extensively everywhere
+[4:09] as opposed to going for containers,
+[4:11] which are restricted availability.
+[4:14] They're actually changing. They're making something that will be called called the cloud edition of ST, which will be a very different deployment wise.
+[4:23] So
+[4:24] if you need to jump now, I would just install on the Red Hat and forget about anything else.
+[4:30] Sorry.
+[4:31] So
+[4:32] CloudST,
+[4:33] are you are you able to expand on that at all? Or
+[4:36] Another one, it's too early. Basically, what they are doing is our containerized
+[4:41] approach will be cloud first, although it will not be just for cloud, obviously.
+[4:46] But the idea is that they're changing some of the architecture that the the way the server is getting set up. So the biggest issue at at the moment, if you take the container approach, the app, which is restrict availability,
+[4:58] What would they have done is just to grab the whole server as is with all the pieces including the database and show it into a single container,
+[5:06] which if you know anything about container, you know that this is not how it's supposed to work. Right?
+[5:12] Mhmm. So they are actually working
+[5:15] on a separate edition, a separate installation, but a separate deliverable that will be specifically for containers
+[5:22] and
+[5:24] and cloud.
+[5:26] This will not be ready on time for your migration, though.
+[5:30] So
+[5:31] if you are waiting for that,
+[5:33] you'll need to stay on Linux seven for mid
+[5:36] next year at the earliest, which is way too late. Right?
+[5:41] So
+[5:43] as soon as they have the details, there will be a separate session, probably a separate user group in
+[5:50] the other in
+[5:51] the other time zones, but we'll talk on this call probably in a few months
+[5:56] when we have more details. For now, it's one of the things coming. It's not out yet. It's not even the sixth availability at this point.
+[6:05] It's in the road map.
+[6:07] So Thank you very much. It's coming.
+[6:12] As soon as there is more information,
+[6:15] there will be enough announcements about that. But if you show up on the next call, which will be well, not the one in a couple of weeks that will be replacing what we do the missing people from this one, but probably early next year, I hope to have more information about it. But to get back to what you are asking, just install it straight. Forget about containers. Forget about anything else.
+[6:37] Just take installation,
+[6:39] configure it, and then move the accounts. That's all you need.
+[6:44] Makes sense? Excellent. Thank you very much. Yes. Thank you.
+[6:47] Okay.
+[6:49] Anything else from you?
+[6:53] No. Thank you. Not at the moment. So just out of curiosity, why active passive?
+[7:02] That's the decision that was made a long time ago before my time, and
+[7:08] I believe we're locked in license wise unless we wanna go to a subscription
+[7:13] license. So that's a that's a whole different
+[7:17] argument that we're having, and it you know, I've been arguing that for two years, and I don't see an end in sight. So
+[7:24] we're just gonna address that risk of
+[7:27] end of support of Red Hat seven. So we'll be maintaining, you know, pretty much at like for like.
+[7:33] I I understood.
+[7:34] I was just curious because active passive is kinda a disappearing
+[7:38] beast, especially in The United States.
+[7:41] Most people are at least active active. So in anytime I hear active passive, I'm like, okay. That's new. That's surprising.
+[7:48] So okay. Well, keep in mind that most of the new stuff, including the cloud edition or whatever they keep call whatever they it's called later, will probably be subscription only.
+[8:00] So
+[8:02] Yeah. I I I'm I'm aware of that, and and that's the way we're we're nudging people slowly. But, unfortunately, it is a very
+[8:10] slow process.
+[8:12] Absolutely.
+[8:13] Okay. So okay. Just install the clean servers,
+[8:16] and, you know, that will buy you some time at least. And then
+[8:22] this will also allow you to wait for whatever comes as containers.
+[8:26] So,
+[8:27] you know, you might actually be in a better shape. How many accounts do you have in this server?
+[8:33] Do you know?
+[8:35] In production,
+[8:36] just over 200.
+[8:38] Okay. Not too bad then.
+[8:40] Okay. Well,
+[8:42] export import works beautifully.
+[8:45] Don't try to do system export import. You will not be able to. So, you know, we have two exports. Right? We have the system export, which is configuration, and we have the account export,
+[8:55] which is the XML file. Only the XML one will work between the environments.
+[9:01] You will need to redo the configuration manually.
+[9:05] We did a fresh build and a migrate when we went from 5.14,
+[9:09] I think, to 5.4.
+[9:11] Oh, and, yeah, basically, we built up a a fresh environment
+[9:17] and had it as, a preproduction
+[9:19] area for testing in that. And then
+[9:21] on the day, just, you know, migrated everything across, switched off the old one, reappointed out load balances,
+[9:28] and switched on the new one. So that's the strategy we'll probably employ this time around too.
+[9:35] Good. That's what I was going to propose anyway.
+[9:40] Excellent. Thanks. See there are a few things that will actually be a lot more helpful for you this time. The scheduler and the folder monitor can be kept down a lot easier now. You know, we have the new buttons for them.
+[9:51] So it will be a lot easier for you to to actually start the whole new environment, including TM, test everything
+[9:57] without the schedulers and folder monitors and so on, and then just turn them on at the time when you need them.
+[10:05] Unlike the old servers where you in order to disable them, you have to change configuration, and you always move up to percent. Right?
+[10:13] So
+[10:14] what but yeah. Okay. Well, good luck with that. Hopefully, it will run clearly.
+[10:20] The one thing I can tell you is that the XML import export is a lot better in five five than it used to be. As in, it's a lot less likely to develop issues.
+[10:31] It still can happen, but, you know,
+[10:34] but it it shouldn't be a problem. And the other thing is depending on how much do you have a lot of user classes and restrictions,
+[10:42] upload, download restrictions, stuff like that?
+[10:46] No. It's a very vanilla install, so it's very straightforward.
+[10:50] If you were sharing, Jenny, I would have pointed out that now we have an API for them, so you don't need to redo them from scratch and all by hand as it was in the old migration,
+[11:01] which is usual was usually the pain. But if all you have is 200 accounts and almost nothing else, it should be fine.
+[11:09] One request,
+[11:10] if I might, I don't know how much traffic you have and so on. Just make sure you don't underpower those machines. You know? Give them enough memory and enough CPU.
+[11:22] Just some general principle. Right?
+[11:24] Thank you. Well, we do have
+[11:27] the example of, you know, the on premise Red Hat seven running the same thing. So,
+[11:33] yeah, we would we do have that experience, and we'd leverage that and and monitor it as we go as well. How much memory do you have on the boxes where the server is running?
+[11:44] Do you know? I can't remember off the top of my head. I think it's
+[11:48] gig on each Yeah. That's what I expected. Bump it.
+[11:52] If you want a recommendation,
+[11:54] bump it up a little bit on the new servers.
+[11:58] Okay. Thank you. Is that specific to Red Hat eight or just a general performance issue?
+[12:05] So those servers, when you build them initially, they came from five four and so on. Basically, in my experience with five five, sixteen gigabytes
+[12:13] is basically the bare minimum to actually get something done.
+[12:18] So I
+[12:20] and
+[12:21] eight
+[12:22] Red
+[12:23] Hat eight requires a little bit more memory than seven. You know? It always happens that way. So if you can bump them up a little bit, you'll give yourself space to grow.
+[12:34] So
+[12:35] just in general, I don't like seeing sixteens anymore anywhere. I just think that they're not adequate
+[12:41] at this year.
+[12:43] K. Thank you. Doesn't doesn't mean it won't work. I'm just saying if you still have any saying in that, get some more memory in there.
+[12:53] So, you know, '24, '34, something like that.
+[12:57] Okay?
+[12:59] Okay.
+[13:01] Arga.
+[13:03] And we have new people So hey, guys. We're having a little bit of a weird meeting because we think there was miscommunication on mails.
+[13:12] So Any?
+[13:13] I I just sent out a reminder to all the all the all all the who are registered.
+[13:18] Okay. So we might see new people. So for the newcomers,
+[13:22] welcome. We're happy to have you. It's a smallish meeting. If you had never been on one of them, it's question and answers. If you have a question, raise your hand so I know you want a question.
+[13:34] And
+[13:35] okay. Arga, that's you.
+[13:38] Yeah.
+[13:41] I've been working in secure transport for, like, around two years now. I'm working for co op client and
+[13:49] current employee in the PCS.
+[13:52] Now I'm working on the development part a lot,
+[13:55] not the
+[13:57] back end, like, how the
+[14:00] secure transport application is installed. Although I know, obviously, the architecture, how they're working now.
+[14:05] As you were speaking about migration
+[14:08] of the old,
+[14:09] you know, ST tool, we are also in the phase where ST is being migrated from on prem
+[14:15] Linux servers to
+[14:16] the Azure cloud
+[14:19] environment. Okay.
+[14:22] So when you say that
+[14:24] I have other questions just but but just to add on Ryan's questions I wanted to ask. When you say that XML, when we export an account from
+[14:34] one environment like ST's
+[14:36] supposed production environment, we we we export the XML one,
+[14:41] do you think that there will not be any issues with the SSH keys? So many
+[14:46] of the user accounts which I have created,
+[14:49] they are authenticated with the client's SFTP servers or any other server with the SSH key. Yep. Now We do we need to raise again generate a a new
+[15:02] SSH key pair from we don't need to do that?
+[15:05] No. So
+[15:07] use so they will work on our site.
+[15:10] However, if you're moving them to a different IP or something, they might need to do something on the client side if they are the ones connecting to you.
+[15:19] If we're the ones connecting to them, all you need is to make sure that they are allowing you into their firewalls.
+[15:25] Okay. Understood. So our keys are not saved or connected to the OS level at all. They're in our database.
+[15:34] They're only on the SD. So I can grab an account from your environment and move it into my lab, and it will be still it still will be working
+[15:43] because it's SD.
+[15:45] Right?
+[15:46] Now
+[15:47] if I am the one connecting if ST is the one connecting out Yes. Obviously, if the firewall is closed, I will not be able to get there. But that's have nothing to do with the key. But just moving the key is not a problem.
+[16:01] If they are the client, depending on what they're using, they and you are changing the IP or the DNS name and so on, they might need to re add the key for the you know, to accept the key again. You know how it works.
+[16:14] Yes. Other from that,
+[16:17] no. You don't need to.
+[16:19] Okay.
+[16:20] That is helpful.
+[16:22] One more thing.
+[16:24] You were talking about API.
+[16:26] Like, when you Yep.
+[16:28] Export the account, we you said that there is an API right now. Can you Not for the API.
+[16:35] It's
+[16:36] for the user classes and for
+[16:42] restrictions. So for the a p for the accounts, there is an API. However,
+[16:47] you need to export the pieces one by one through the API and preassemble on the other side. The XML export is the better way to move whole whole accounts.
+[16:57] So if you need to move a single transfer site or if you need to move a single key
+[17:02] or something else from the server using the API is
+[17:06] okay.
+[17:07] But if you're moving whole accounts or all of your accounts,
+[17:13] use the XML exporting import export. It's faster.
+[17:17] It's actually better.
+[17:18] If you are doing that, please make sure you shut down the audit log because otherwise, it will be slow.
+[17:25] But other from that
+[17:28] apart from that, it's pretty straightforward. So if you're moving accounts between environments, if you're moving from your on prem to your cloud, that's the cleanest way. Export the accounts, move them up. If you're using advanced routing, don't forget that you need to move all of the template routes first
+[17:45] because they need to be there with the same ideas. If
+[17:50] if there is no template for the advanced routing, like, suppose each and every account is made advanced routing.
+[17:56] You you are you are still using a template. It may be an empty one, but you're using Yeah. Basic template. And you need to move
+[18:03] yeah. And you need to move the one from this from the old server into the new one because with routes, we connect based on ID, not based on name.
+[18:13] So you need to export it and move it up first because otherwise, you will not be able to import the accounts.
+[18:19] The applications,
+[18:20] you can call them if as long as they're called the same way, we don't care. We will connect because it's name based.
+[18:27] But routes are connected based on IDs.
+[18:30] So if you're using advanced routing, even if you don't have absolutely anything in the template, you need the object itself.
+[18:38] That
+[18:42] is helpful. I have few more questions, actually.
+[18:46] See,
+[18:47] right now, I'm trying to
+[18:50] so suppose there is a
+[18:53] server, a staging legacy server where a where a lot of Linux scripts are running.
+[18:59] And within those Linux scripts, there are logics.
+[19:03] I mean, the logic is given for to pick up a file, how many
+[19:07] minute intervals the files the process will run, the job will run-in, and then it will be
+[19:14] the the particular interface file will be, you know,
+[19:18] changed to the destination server or or, I mean, destination system.
+[19:22] Now I want to replicate the whole this this Linux shell scripts into the secure transport environment because we have something around 600
+[19:32] interfaces that we need to migrate at this point of time.
+[19:35] And I'm try just trying to figure out a a process, like, using the external script advanced routing section, How I can do that?
+[19:44] Don't.
+[19:45] Don't. Okay.
+[19:46] Okay. So technically speaking, you can run any script you want over there, but you are going to need to leave it exactly as is, which means all credentials and everything will stay in the script.
+[19:59] Your performance will be abysmal because,
+[20:02] you know, each script on its own is you're doing whatever it wants. You cannot use pools. You cannot use secure connections. You will need to build every inside.
+[20:11] You will need to
+[20:14] you'll end up basically moving all of this spaghetti that you have, the 600 spaghetti scripts, and just moving them into a new server.
+[20:22] And as I used to say a few years ago, I still like using that. It's like you were driving a bicycle over there. Now you bought your Mercedes or whatever, you know, big carry boat,
+[20:33] and you just
+[20:34] started pedaling
+[20:37] the Mercedes because you don't know how to drive it. Right? Okay. Okay. The better
+[20:42] approach is analyze each of those and actually build them natively into the server.
+[20:49] If you're only doing the first one.
+[20:51] Yep. If
+[20:53] you're picking up files and then pushing them somewhere,
+[20:56] this is pull push. SDK can do that out of the box.
+[20:59] Right? Okay. Okay.
+[21:01] So you build up the both directions. You go through advanced routing.
+[21:06] If you haven't been if you had never worked with advanced routing,
+[21:10] we do have
+[21:11] actually, university
+[21:12] has a class about that. It's paid one, but, you know, it's a class.
+[21:17] But, also, there is some documentation.
+[21:18] So start small, but build it. Because
+[21:22] moving things
+[21:23] from one place to another
+[21:25] is the worst way to do migrations, and that's different from what Ryan is doing. Ryan is coming from an ST on a new version going to the same version. He just needs he's just changing
+[21:35] the OS. Right? He he's not trying to migrate anything.
+[21:38] In your case,
+[21:41] moving an old system into the new system by using exactly what the old system uses,
+[21:46] why are you paying for the new system?
+[21:49] Absolutely. I understand the point. Right. So
+[21:52] if
+[21:53] any of those scripts cannot be migrated cleanly,
+[21:58] then you can use the external script.
+[22:02] You know, it exists. Or you you can build a plug in. You also have the pluggable framework where you can build the code in Java so it works better.
+[22:11] And we had the user group about that about a month ago.
+[22:14] The recording will be on community, so you can download it and listen to it, or at least listen. I don't know if you can download.
+[22:20] But
+[22:22] I would strongly advise to analyze what they're trying to achieve and try to build it into the product first before
+[22:29] you try to move scripts in. Because I've been through those migrations
+[22:34] a lot of times through the years. And
+[22:37] I've seen people that say, oh, we'll just moving them for a week.
+[22:41] Guess what happens?
+[22:43] Ten years later, the scripts are still running.
+[22:46] Oh.
+[22:47] You will never clean it up.
+[22:50] So
+[22:51] No. That the first approach from my end was to analyze and I mean, that's what I've been doing for all the other interfaces
+[22:58] for the past, you know, few years when I've worked in this team. But I was just thinking, let you know, out of the box if we could do that.
+[23:06] But as you said, it would not be a very good approach. So I'll You can.
+[23:11] You can, but you shouldn't. So and that's one thing and that's one thing you need to learn about ST the hard way.
+[23:19] With ST,
+[23:20] there is very little things that you cannot do,
+[23:23] but there is quite a big list of things you shouldn't be doing.
+[23:27] So it's very
+[23:28] it's very open. It's almost like a platform, and everyone can play into it. And that's the whole point of the platform. And that's why ST is so
+[23:37] nice sometimes, and that's why it's so powerful in a lot of ways. But you always pay the price at the end. And I
+[23:44] know it's easier that way, but if you do it that way,
+[23:48] you're just moving the problem from one place to another. So what happens if they need to change the password?
+[23:55] Someone needs to change the script?
+[23:58] Yes. So we would need another resource
+[24:01] to be available, like, resource there. Yeah. And you're talking yeah. And you're and you're going to Azure. Right? Azure has access over there. You know,
+[24:11] accessing the cloud for OS
+[24:13] access is usually more restricted than on prem.
+[24:17] Yeah. You don't need to have about 75 permissions just to do that. Instead, if you build your transfer sites, your certificates,
+[24:24] your routes, something needs to change, it's on the admin. Why?
+[24:27] You go, you change it, you're done. Plus, you have tracking because think about the scripts. What happens if something goes wrong?
+[24:35] You'll need to go find figure out where the the errors are, and you don't have the tracking table, and you cannot do reports based on that. You know, all of that funny stuff.
+[24:46] So don't
+[24:50] step one,
+[24:51] try to get it into the server. Step two, if you cannot and do you really, really need it, then go for the scripts.
+[24:57] But don't default on the script. That would be my biggest advice. So
+[25:02] okay?
+[25:04] Absolutely.
+[25:05] That is helpful.
+[25:08] There is a few more things, like expression language skills. Like, I've been doing some expression language,
+[25:14] you know,
+[25:15] coding in the advanced routing section where you publish
+[25:18] file as, like
+[25:19] Yep. You know, deleting, truncating the first 21 characters or replacing it with some other characters and doing all those things. But I want to learn more. So can you please tell me where I could go?
+[25:30] Like, do you have any classes available for expression language? Like, learning, you were saying that there is a class.
+[25:37] Not not really. So
+[25:39] so so here is the point.
+[25:42] The expression language is
+[25:45] we have a few 100 variables,
+[25:47] and then it's just the good old Java JSP language. Nothing
+[25:52] fancy over there. So we don't really have a class about that. But the best way to learn how to do things is, look to community. There had been a lot of questions through the years with people asking how to do things. So if you look at what people are doing, that will give you ideas.
+[26:09] Right?
+[26:11] Look through some of the older recordings. For example, the one I did for last time for APAC,
+[26:17] I did a workshop on advanced routing, advanced settings.
+[26:21] We did some code, some stuff there. There were quite a lot of expressions in that one as well. So that will give you some ideas.
+[26:29] But
+[26:30] it's not something
+[26:32] it it's all and in addition, expression language allows
+[26:36] regex.
+[26:37] Right? So between regex and expression language, you can do a lot of regex.
+[26:42] And even if someone tries to build the class,
+[26:47] they'll probably miss what you need anyway. There is way too many things over there.
+[26:51] The other thing, though, is and that's just a fair warning.
+[26:54] Don't overthink it. Sometimes
+[26:57] when people try to be creative,
+[26:59] they end up creating something that is not maintainable.
+[27:04] Yeah. I understand.
+[27:06] So
+[27:08] yeah.
+[27:09] Yeah. That is good advice.
+[27:11] Last
+[27:13] that would this is the last question from my end. So there is a
+[27:17] server.
+[27:18] So how do we pull multiple files
+[27:21] from different remote directories from a single SFTP server configured in a transfer site? So can we use yeah. Any
+[27:30] Can we use anything like an advanced routing, or is there any way to do that? Yes. You can. Let me show you something. Let me see where is my server now. Okay. Let me know when you see my server.
+[27:42] Yeah.
+[27:43] You can see it. Right? Yes. Yes. So that's something I showed on the last meeting, and I strongly recommend you to go and find the it's called even more advanced routing was what the session was called.
+[27:55] But basically,
+[27:56] we do have a step now.
+[28:00] Mhmm.
+[28:02] Pull all files.
+[28:04] We have a pull from partner step.
+[28:07] So what you can do is you create a site with whatever download folder you set up. So if you want to pull from 10 different download folders or whatever,
+[28:18] you need to catch it either when you receive a file or when no files are found. One way I like to set that up is I create the transfer site to be pointing to a fault to a
+[28:30] Mhmm.
+[28:31] Folder that doesn't exist or that is always empty,
+[28:34] that will return
+[28:37] empty. Right? And then you you you catch it on advanced routing on the subscription.
+[28:43] Hold on. Okay. It doesn't. So on the subscription, you know how we have
+[28:49] over here.
+[28:51] I did here.
+[28:53] Execute
+[28:55] route when returns no files.
+[28:58] Right? So if you check this one, you will go into the routing, but not with the file, but with an error condition. And then you do a conditional route that says if no files were found.
+[29:10] And then inside of the route,
+[29:13] you use our new
+[29:15] best friend, which is the on demand pull step,
+[29:19] which allows you to override the download folder.
+[29:24] So
+[29:26] pull from partner, it is a pluggable step. You need to download it from
+[29:32] was that the pluggable one or is this the one that was getting cut it automatically?
+[29:36] It's I don't remember.
+[29:38] If it's not there in your server and you are May or later,
+[29:42] then you'll need to download it. But what you do basically is that you can set it up to specify from which folder on the server to download. So if you have 10 folders, you just do 10 of those steps, and you specify into which folder in ST to put it. So it can be either in the same where we are pulling initially or on a second separate folder. And when they go here,
+[30:04] they Uh-huh. They are as if they came from a scheduler.
+[30:10] Makes sense?
+[30:11] Makes sense. Makes sense. And, yes, we do not have this
+[30:15] step installed in in our server. I have to
+[30:19] So what version
+[30:20] are you running?
+[30:22] 5.5.
+[30:26] Yeah. 5.5.
+[30:28] Yeah. But which release?
+[30:31] Which release? Let me just check on that. So see see here on the top, if it is May or later,
+[30:38] I I so because
+[30:40] this is something I did for last time. There are set flow attributes and the send and the pull from partner. I don't remember. One of them is pluggable, the other is not, and I forgot which is which. I think pull from partner is not pluggable, so it should be there. If it's not there, you need to update your server to get it first because it's newish. It came out earlier this year.
+[31:00] Okay.
+[31:02] So if if you don't have it, you need to update the server first.
+[31:08] We
+[31:09] don't have it actually. No. We don't have So
+[31:13] you're on earlier version then.
+[31:15] So you don't need to update
+[31:19] you don't need to update the server,
+[31:21] and then it will show up. If you cannot update, then your only option will be to use the API from outside and choose on demand pull from the outside,
+[31:31] which means not run by ST. Or you can run it with the script from ST, which, you know, we talked about scripts earlier. Yeah.
+[31:39] But those are your options with the tools.
+[31:44] Your you know, worst case scenario, just create multiple sites and just run them Yeah. Into separate folders.
+[31:51] And then on the advanced routing, do publish to account and put them in the same folder so all of them end up in the same place.
+[31:59] And then do the processing from there.
+[32:02] That's old style. If you don't want to use the ATS and if you don't have this step yet, that was the old way to do it. You create separate site for each of them,
+[32:11] then you do the scheduling for each of them into their own folder because you can have only one site per folder. Right?
+[32:18] But then
+[32:19] on the processing, you do a publish to account and just move everything into a set into a new folder, the actual subscription folder, and trigger the subscription there from there to the processing.
+[32:33] The version which I'm using is 5.520220224
+[32:37] in the bracket 3103.
+[32:40] Yeah.
+[32:41] So you said 202201?
+[32:44] 0224.
+[32:47] 20220224.
+[32:50] Yeah. You do realize it's almost two years old. Yes. It's almost two almost two years old. That's And you do realize that you cannot even update it with one step. We only support update within twelve months. So I strongly recommend you actually come to something a bit more modern. So five five is kept in around four years now.
+[33:10] Update yourself. There had been a lot of new stuff and a lot of stuff that will be very, very helpful that when now that you start playing with advanced routing.
+[33:18] Absolutely.
+[33:19] I'll talk talk about it with my, you know, management.
+[33:22] Talk to them.
+[33:24] Come over
+[33:26] this what I have is May, simply because that's what I built everything on. The October release just came out last week.
+[33:33] So
+[33:34] if you're moving to something, you know, September, October, something like that is what you want.
+[33:40] Okay. And it will be two steps. Keep that in mind. When you're updating, you will not be able to update from where you are all the way up because it's more than twelve months. You will need to jump through something.
+[33:51] So because you're on the February release, the cleanest way might be to jump into January 2023 and from there into the newest.
+[34:00] You know? You need something. And and it's not to test anything in the January. It's because the way our updates are tested is only for the last 12 releases,
+[34:10] the last year.
+[34:12] So
+[34:14] you you need to jump through.
+[34:16] Understood.
+[34:17] Yep. And keep those servers a little better up. And I know that's hard sometimes, but
+[34:25] I would strongly recommend to plan to update them at least twice a year.
+[34:29] Okay.
+[34:30] Because a lot of the things that you will see people recommending and how to do things, you will not be able to do. The last two years had been a lot of development in the advanced routing pieces.
+[34:42] We had improved a lot.
+[34:44] Yeah.
+[34:45] So okay?
+[34:47] Okay.
+[34:47] Thank you, Fiona.
+[34:49] That's
+[34:50] all for my end. And,
+[34:52] Ho Hung, just put in the chat the link to the even more advanced routing
+[34:57] recording.
+[34:58] So that's one of them. There is also another one that was for The US. Same same material, different questions, different scenarios from people.
+[35:06] So, you know, you can listen to as many as you want. Okay.
+[35:11] Brian?
+[35:18] Sorry about that. I was just on mute. Can
+[35:21] you hear me?
+[35:22] Now I can. I I mean,
+[35:24] my my crystal ball is in the shop, so I cannot hear if people don't talk.
+[35:31] No worries. Okay.
+[35:32] So one of the challenges we have moving forward is
+[35:36] revamping the way that we handle
+[35:39] certificates
+[35:41] Mhmm. The
+[35:42] expiry and, and, you know,
+[35:44] moving to best practice in terms of,
+[35:48] you know, refreshing certificates and things like that. And I believe that SecureTransport
+[35:53] now supports two separate HSMs,
+[35:56] the Talos learner seven and and one other.
+[35:59] But I can't really find any documentation
+[36:02] about the user cases for them, like, what functionality
+[36:05] they provide.
+[36:08] Always support with them is the server certificates,
+[36:12] the one then the protocol demos are carrying.
+[36:15] We do not support user certificates yet.
+[36:18] Okay. So for SSH
+[36:21] HSN,
+[36:22] like, if we wanted to
+[36:25] to manage user certificates that are used for user accounts, then that's out of scope at the moment. Is that on the road map?
+[36:32] It is, but I don't know how close it is on the road map.
+[36:37] I mean, implementation. Yep. So it is. However,
+[36:40] if you are interested in that, go to the ideas portal if you have never been there. Find
+[36:46] there is an idea about it or add your own if you cannot find one,
+[36:50] and mention that you need it as well. The ideas portal is our
+[36:55] enhancement request system.
+[36:57] Yeah. I'm familiar with it. And I and I believe there is an idea already there. No worries.
+[37:03] So no idea on timeline for that or what the functionality will be or anything like that? Nope. Too early.
+[37:10] One of those. Yeah.
+[37:12] No worries. Excellent. Thank you for that. And
+[37:15] when it's my turn again, I have another question. No. Well, no one has their hand raised at the moment, so go ahead.
+[37:23] I've forgotten what it was. Just give me a moment.
+[37:26] Oh, okay. I'll give you some time then.
+[37:29] Sorry. Yeah. I'll come back come back if that's okay. That's okay. Okay.
+[37:35] Any of our newcomers,
+[37:37] and welcome.
+[37:38] If you walked into the middle of explanation, we seem to have had some communication
+[37:42] issues on this meeting. So we'll probably will have another schedule shortly again in a few weeks. But in the meantime,
+[37:49] anyone
+[37:50] else? Any questions before I call on Ryan again?
+[37:54] I see a few names I recognize. I see a few people I don't see I've seen before. I don't think I've seen before.
+[38:02] Okay. If no one else wants to say anything, Ryan, back to you.
+[38:07] Thank you. So with
+[38:10] our work currently to install the August patch, we noticed that
+[38:15] some ciphers have been removed, specifically the MAC ones like HedgeMaxShot256AtSSHDotCom512.
+[38:23] And that was noted in the release documentation,
+[38:26] but we also,
+[38:28] after patching, noticed that
+[38:32] is it Keith's changed? The Diffie Hellman Group 14
+[38:36] was removed. It's still supported, but it's removed, and a whole bunch of new ones were added.
+[38:41] So I'm just curious
+[38:43] about Xway's,
+[38:44] like, standard around Cypher management.
+[38:48] Are they meant to be mentioned in the release documentation,
+[38:51] or is it just a, you know, patch and and monitor kind patch in our test environment and check kind of thing?
+[38:58] It was an oversight. It should have been mentioned in the documentation, and I'll check with r and d why it wasn't. The idea is that whenever we remove
+[39:07] something,
+[39:09] we are not just going we are not just mentioning it into the document, but we're also mentioning it into earlier release notes as a warning so people not prepare for it. Unless it's something security wise that really, really happened weirdly.
+[39:24] You know, if there if there was a huge escalation
+[39:27] worldwide,
+[39:29] and we had to lift through a few of them in the last years. Right?
+[39:33] Then we need to drop without a warning. But even then, it should be in the documentation.
+[39:37] If they didn't mention to you the documentation,
+[39:39] it was on our side.
+[39:42] Also
+[39:43] No worries. Thank you. We
+[39:45] do have a YouTube channel
+[39:47] where r and d are publishing what's new every month on the new releases.
+[39:53] And it's some of the things actually might be better off there as well if you're into videos.
+[39:59] You know, the release notes are short ish. Plus, keep in so
+[40:03] the one thing if when you say release notes, keep in mind we have two sets of release notes. The shorter ones are the ones that go into the major documentation.
+[40:11] But when you download the patch itself, it carries its own release note, is usually a little longer.
+[40:17] Right?
+[40:18] So make sure it's not hiding there.
+[40:22] Yeah. So we just the read me that comes with the the patch
+[40:27] Okay. Which has all accumulated information in it. That's what we've been using as our sort of source of truth.
+[40:32] That's that's the big one. That's the source of truth. If they missed to mention it, it it was an oversight.
+[40:39] So adding new ones, not that much. You know? We can add new stuff, new security, but removing should at least we were told that they will always note it. And
+[40:50] I'll see if I can check, but
+[40:54] things happen. Also,
+[40:55] one option might be that they actually removed it before the August release. And that's why it dropped for you in August, but it might have dropped you in July or June. So look to the release notes of all the releases between yours and the previous one yours and the next one. Because, you know, we have them on top of that as a full list,
+[41:15] but sometimes I've seen things getting missed. So I don't know.
+[41:19] Yep.
+[41:20] I have checked,
+[41:22] also, like,
+[41:23] are those readmes, if I do a search in the documentation
+[41:27] portal for a phrase, will they come up in the readmes? Or
+[41:31] The shorter versions of them, yes.
+[41:34] The lead meet themselves are not, but they have a what's new section added to the admin guide that is getting updated every time,
+[41:43] which is supposed to carry the same information,
+[41:46] but because you know what happens when you have the same piece of information in five different places.
+[41:51] Things get misplaced.
+[41:54] So you should be able to find it, but also
+[41:59] Excellent. Thank you. Okay.
+[42:04] Okay. We lost one of the people.
+[42:07] Arga, back to you.
+[42:12] Yes. Can you share the YouTube channel name, please?
+[42:16] Can you what? You mentioned you mentioned about the YouTube channel.
+[42:21] We'll show it to you when we get back to the presentation from HoHong. We put it on the presentation.
+[42:28] It's
+[42:29] how can you pull the name of the YouTube channel and put it into the chat for everyone, please?
+[42:40] That's us.
+[42:44] If you look for actually MFT videos, you you should be able to find it easy enough.
+[42:50] Oh,
+[42:50] thank you.
+[42:52] They release them so they're usually four, five minutes long,
+[42:57] and they release them a few weeks after the release.
+[43:00] So, you know, after they're ready.
+[43:02] But they're useful. And if you like videos
+[43:06] more than reading it,
+[43:08] it's useful. You can see things even if
+[43:11] you prefer to read.
+[43:13] But,
+[43:14] yes, that's why we put in it's not just for ST. So if you have any of our other products, CFT and so on, we also they're also adding it to the whole MFT setup.
+[43:24] And these are directly from r and d.
+[43:26] So
+[43:29] okay.
+[43:31] Any other questions? Anyone else?
+[43:43] Ryan?
+[43:46] Sorry to be hugging all your time. If you want me to stop, I will.
+[43:51] Not at all. You're the only one that wants to talk to me tonight. So, you know,
+[43:56] you and Tharga. No worries. We
+[43:59] we've had an issue come up recently that
+[44:02] has been targeted has potentially been traced to the use of
+[44:07] weak ciphers for the signing of of certificates.
+[44:10] So when
+[44:13] when
+[44:15] we create a certificate, it's signed, for example, with RSA
+[44:20] with chart two five six.
+[44:22] Mhmm. And and there's only four options in the drop down, which, you know, all appear to be SHA one.
+[44:30] So just doing some research,
+[44:33] you know, the the recommendation that I have found is that signing certificates
+[44:37] with SHA one is not something that should be done,
+[44:40] you know, given
+[44:42] that it
+[44:43] that can be shattered or however you wanna call it.
+[44:48] So does actually, I have any concern about that. Is there any way that we can increase that to include a SHA two algorithm?
+[44:55] You know that I will send you to the ideas portal. Right?
+[45:00] Yeah. So
+[45:02] I I don't you know, because I'm not an encryption expert, but my research just suggests that
+[45:08] SHA one shouldn't be used to sign certificates. And it's my understanding that all the ones that
+[45:13] Understood.
+[45:14] Yeah. I I was kind of flipped,
+[45:17] but that that's the only thing. So I
+[45:20] haven't heard about them changing that in the next release immediately.
+[45:25] So my recommendation is to go to the ideas portal and just post it as an idea
+[45:31] and see what they will respond with. Because I know that security wise, we're doing a lot of research. Our security teams signed off on that, and they're not concerned with that yet.
+[45:44] Otherwise, it would have been added by now. But there is no way to add it into the product at the moment, s s. Those this list is hard collect.
+[45:54] Unlike
+[45:55] pretty much anything else, you know, there is a lot of server parameters for pretty much all kinds of Cypress and so on. This one specifically is not parameterized,
+[46:05] so you cannot do anything with it.
+[46:08] No. I'm just doing a day looking looking at documentation
+[46:11] in the database and trying to find if it was parameterized, then I'm it's not No. And and you and you cannot even remove some of them. I mean, short of changing the JSP file, if you start doing that, I'll have some words with you, and they won't be nice ones.
+[46:25] But there is
+[46:27] it's not something driven from a parameter,
+[46:31] and this was done by
+[46:35] it's an older thing. I don't think they had gotten around to parameterizing
+[46:39] it. But also, unlike Cypher's foreign users and so on, being able to sign with the Cypher requires specific libraries, and it depends on what our libraries
+[46:49] can do.
+[46:52] So this list is kinda hardcoded,
+[46:54] but do open an idea and let's see what they'll say.
+[46:58] Most of so our security team is doing a lot of scanning. Our r and d team is also doing a lot of scanning. So whenever something is really, really bad,
+[47:09] we fix it without prompt prompt.
+[47:12] This one just haven't really come up.
+[47:15] So
+[47:16] Can I can I ask too, as we, like, increase our security stance and look at deploying or utilizing more secure ciphers,
+[47:24] more complex algorithms,
+[47:26] is
+[47:27] is there an honest performance hit in secure transport?
+[47:31] Of course.
+[47:32] The bigger the cipher, the slower the encryption, decryption of the channel.
+[47:37] So you are having milliseconds being cut at pretty much any operation here and there.
+[47:44] Okay. Thank you. It's the reality of it. The bigger the key, the longer it takes to do something with it. The bigger the encryption key, the slower the encryption process is. Right? That's why it's more secure. How it doesn't get more secure because it's more random. Right? It gets more secure because it's just more date
+[48:04] more bytes being scrambled. Let's say it like that. It's I know that's over More complex.
+[48:10] Thank you.
+[48:12] But but I know it's gross oversimplification
+[48:15] of the process, but, basically, the bigger
+[48:18] the scrambling part is, the longer it takes to make it. Right?
+[48:22] So
+[48:23] so, yes, there is. That bottleneck they would that bottleneck be processor or memory or both?
+[48:35] Usually,
+[48:36] both of them a little bit, although it rarely gets to there.
+[48:40] It's just time.
+[48:42] You cannot speed it up much more.
+[48:45] It's just
+[48:48] each of the bytes need to do their job. Let's say it like that. It just need to be applied on everything.
+[48:55] And if it was, like, a large file, would that be a nightmare? Like, a 20 gig file?
+[49:00] No.
+[49:01] It's not linear that way. So and it depends on which keys we're talking about. If we're talking about the keys the user key for authentication,
+[49:10] this only comes to play during authentication itself. Right? Yeah. So your authentication will be a milliseconds shorter or longer, but it you'd it's a blink.
+[49:20] If we're talking about the key that is carried by our protocol demo, for example, the SSH demo or the HTTP demo, then this is for the channel encryption. And inside of the channel encryption, it doesn't matter how big the file is or whatever it is. If you're talking about repository
+[49:35] encryption, then it becomes important because this is what is used to to encrypt the file itself. Right?
+[49:42] So it it's different levels.
+[49:44] And that's why
+[49:46] you will see a performance hit, but it won't be based on the file size. It's usually bay will be
+[49:52] unless you're doing repository encryption,
+[49:55] it will be based on the number of channels, the number of connections, the number of files going to at the same time, you know, because it's on the channel level. It's not on the data level. We don't encrypt the data inside the channel.
+[50:07] Excellent.
+[50:08] That that's a really good insight. Thank you. So it it think so and that's important because I've had that question way too often. Whenever we're talking about the encryption in ST, we're either talking about channel encryption, you know, SSH or SSL,
+[50:23] or repository encryption, encrypting on our side,
+[50:26] or
+[50:27] PGP encryption, which is someone else does and, you know, it will just if you do PGP encryption with a big key, obviously, it will be slower than a small key, and this is CPU and memory for the most part.
+[50:38] So it depends on which one it is. So is it going to be slower
+[50:43] as a bunch benchmark? Yes. But unless you are running millions of files per hour, I don't think you even
+[50:51] notice.
+[50:53] You know? And your server is small enough, I believe. Do you know how many transfers do you have per hour or per day?
+[51:03] Brian, you're on mute?
+[51:10] No. He doesn't want to talk.
+[51:13] Ryan, still with us?
+[51:24] Okay. Well,
+[51:27] Hong Kong put the YouTube channel into the chat window for anyone that wants to grab it from there. If not, you can just look for actually MFTA to pop up immediately.
+[51:38] Back to Argo again.
+[51:43] Hi again.
+[51:44] So
+[51:45] I have few more questions. I was just looking into those things. So
+[51:49] first is,
+[51:51] what is the largest file size, like,
+[51:54] secure transport and handling transfer? I knew it was eight GB. Is it still the same? Or the the It had never it had never been eight GB.
+[52:04] Well,
+[52:05] let me change that. Twenty five years ago, it might have been AGB.
+[52:09] At the moment,
+[52:12] the
+[52:16] your storage
+[52:18] will have a lower capacity than SD does.
+[52:23] Your storage will blow before us. Let's say it like that. We don't have an upper limit. The biggest I had ever seen was a couple of terabytes.
+[52:32] Okay.
+[52:34] But,
+[52:35] you know, that doesn't mean I haven't that there haven't been bigger ones. I usually don't get called into situation unless something is grossly wrong.
+[52:43] So if something is working, we won't even hear of that. ST does not have a limit. We do have a limit in a couple of places.
+[52:53] If you're doing a s two, there is a limit of the size there. If you do iCap, there is a limit you can specify
+[52:59] on
+[53:01] how big files used to stop scan, things like that. But if we're talking about straight files coming in through the system,
+[53:08] they can be as big as you want. One warning, because you're on an older version of five five.
+[53:14] If you need to move a big file, don't use advanced routing.
+[53:18] If you move to the new releases,
+[53:21] you can. Because, you know, with advanced routing, we create a copy of the file in the sandbox and move it out. Right? So if you're with a big file, we'll create a sandbox to to push the file, you know, another copy of a terabyte file takes a lot of space.
+[53:36] In the newer versions, we made an improvement that if you don't have a transformation,
+[53:42] we're not going to form a sandbox,
+[53:44] which means that the fast can go through. But in the older versions, if you need to move big files, use basic application.
+[53:52] Yeah. That explains the problem that I had earlier. This this explains a lot.
+[53:56] Yeah. So so the way advanced routing works is that the moment when a route matches, we create a sandbox and we copy the file into the sandbox, and then all the work happens from inside of the sandbox.
+[54:08] So the bigger the file, the longer it takes to create the sandbox, the longer it takes until the file starts getting called.
+[54:14] If we need to do transformations, you cannot bypass that because we need to do transformation somewhere.
+[54:20] Right?
+[54:21] But if you don't have one, did an improvement, as I said, it won't work on your server. You're in February 22. That was a long time ago.
+[54:30] So upgrade your server.
+[54:32] But if
+[54:33] you were having troubles with space being taken or things being slow or a big file arriving can do it nothing for a few hours before starting to do things, that's what was going on. Your storage is slow,
+[54:44] and that's why the sandbox copy was taking forever to make the copy because we are not doing an OS level move. We literally do a copy. We open the file. We read the file, and we write it in the new place.
+[54:56] Okay.
+[54:56] And then we start working on that copy to do whatever you need us to do, which might be just to push the file up.
+[55:03] Yes. Yes.
+[55:05] This means a lot and really helpful.
+[55:08] The next thing
+[55:10] would be, like, suppose there was a problem with FaceTime. Give me a sec. Yeah. Argo, give me a second. Ryan,
+[55:17] 10 cap per ten ten ten thousand files per day,
+[55:22] you wouldn't even notice if you doubled all of your keys sizes.
+[55:27] Just think.
+[55:28] It's small, small environment.
+[55:30] So this should be fine.
+[55:32] But, you know, if you are monitoring up to the millisecond, you'll see the uptick.
+[55:37] But it will be in connection in creation of connections and stuff like that. So okay.
+[55:43] Sorry. Back to Argo.
+[55:48] 10,000 transfers. That's a lot. Okay.
+[55:51] Should you That's baby that's a baby installation
+[55:55] in my world.
+[55:57] If you tell me 10,000 per hour transfer is showing me.
+[56:03] Ryan?
+[56:04] Don't try don't transfer, shame me. I can't deal with it.
+[56:09] Okay.
+[56:10] Sorry. I'm just mucking around. Sorry.
+[56:12] I I know. I know. I know.
+[56:15] No. It's just ST is so versatile that I need to ask with a question about number of files because it matters.
+[56:22] The answer reads differently if you have 10,000,000 files per hour, you know, or 10,000 per day, and I've seen both cases for the most part. So
+[56:34] but yeah. Okay.
+[56:37] Argo, back to you. Yeah. So
+[56:40] there was a problem last year. Like, I kept a schedule of a number of file transfers within two minutes. Right? I created a subscription folder. Yes.
+[56:53] That's what I wanted to ask.
+[56:55] You already answered.
+[56:57] So I have to keep I
+[56:59] have to keep it for fifteen minutes at least by,
+[57:02] you know, other people. Yeah.
+[57:05] So so here is how it works with the schedule. Whenever you set up a scheduler, we basically create a cron job behind the scenes. And now you can even create a cron job. Right? But behind the scenes, it was always a cron job.
+[57:17] So what we were doing is,
+[57:19] the cron job comes out. We know that we need to connect. We go to the server,
+[57:24] wherever it is. We connect to do a we do a list to get the list of the files that we need to pull, and we put them in our database to start pulling. We can see just the records for the files, and then we start pulling.
+[57:36] At this time, two minutes later, your next attempt shows up.
+[57:41] We say, oh, but we're still pulling files.
+[57:44] So it just gets skipped
+[57:47] over and over and over again. If we never find the file, what happens is we log in onto the partner server. We don't find anything, so we close immediately. So two minutes later, there is no open connection, so it goes and tries again.
+[57:59] And we're going to annoy annoy the other guy again two minutes later. Sooner or later, either their firewall or their server is going to mark you as a spammer because you're coming way too often.
+[58:10] In my experience,
+[58:12] there is I
+[58:14] I've been doing ST for eighteen and a half years at this point.
+[58:18] Am yet
+[58:19] to find a single use case where going more often than five than five minutes actually makes sense.
+[58:26] The only case where it makes sense is with the folder monitor, and then you leave it on the standard. It goes every five seconds. You know, that's a different conversation
+[58:34] it's local. But when you're connecting to someone else's server,
+[58:38] do you really want to go and knock on their door every minute or two? No. And how often do they put files over there?
+[58:47] Because
+[58:48] you if you go every two minutes, either they have a lot of files, which means you are never going to go every two minutes because we'll be skipping attempts because we're still in the middle of moving files.
+[58:57] Or they don't put files that often, so you are using all the resources of ST to go and find the files over there that are never there. Right?
+[59:07] So my
+[59:09] recommendation
+[59:10] is don't do it more often than five minutes.
+[59:13] But
+[59:15] for most scenarios,
+[59:17] you might actually want to go up to fifteen minutes or ten minutes or something even higher depending on when their data shows up. Right?
+[59:26] Okay. So
+[59:27] if they cannot tell you when the data shows up, I usually schedule it every hour.
+[59:32] And if we see that it's really delayed, then we start playing with it. 99%
+[59:37] of the hour stay stays stay every hour anyway because the customer is like, yeah. My files will show up. Yeah. You have three files per hour. I don't care. I'll come every hour and just grab it. And if you really and if a partner really need their file to be processed as fast as possible,
+[59:53] they need to reverse the connection. They need to send the file to us. We will process the file as soon as we get it. But using ST to do empty runs to go and check, do you have files? Do you have files? Do you have files? Do you I have
+[60:08] mean, you do a 100 of those, and your server doesn't have any power anymore to do what it's supposed to be doing because those are external connections.
+[60:16] Your firewall people will hate you. Their firewall people will start hating you. Strange. Enough cases where where
+[60:24] you it works for a couple of days, and then one of their
+[60:29] spam protection mechanisms on their side of the house, on the partner side, just slams on you and tells you, you're opening connections every two minutes. I think you're a spammer.
+[60:38] Trying to me.
+[60:41] Alright.
+[60:41] So
+[60:43] yeah. So don't do every two minutes. I I literally had never seen it take needed. We support it. We allow it. Because if you're going to get some internal server where you know that there are there is a file every two minutes, but that is a very small file, you know, it's kinda
+[61:00] sorta
+[61:02] usable scenario.
+[61:03] There is a scenario. That's what I was saying earlier. SD can do so many things, but
+[61:08] for various reasons. But if you're talking to an external partner outside of your network, please stop spamming them.
+[61:15] Okay. You know? You you don't want the headache of that, and and you're cheering ST for nothing. How many files do you get from them daily?
+[61:24] Ten, twenty, 10,000,000?
+[61:26] Yeah.
+[61:27] We get something around 30
+[61:30] to fifty fifty
+[61:31] files. So okay. So you get 50 files per day,
+[61:35] and you were running there twenty four hours,
+[61:39] 30 times per hour. Should I do the math for you?
+[61:43] No. No. No. I got it. It's
+[61:46] and that's the point. I know that all the partners will say, yeah, come and get it immediately.
+[61:52] We don't do listeners.
+[61:53] We need to connect and use resources.
+[61:56] Back to what me and Ryan were talking about, the bigger the keys are, they'll get bigger and bigger as time continues to grow, and
+[62:04] the slower this process will be. And you are I understand. Eating the bandwidth, both of you and them,
+[62:10] just to go and knock on the door and be annoying. So don't do that. I understand. Don't and that's the other thing.
+[62:17] If you have 50 files from them, check with them or check your records to see when they arrive. If they're all between eight and five, I would do instead of doing a regular schedule, I would do every
+[62:28] five minutes during business hours and every hours over the non business hours with the cron job. Yeah.
+[62:34] You know, design it in a way that actually makes sense for that partner.
+[62:38] Absolutely.
+[62:39] I did that already. Was just trying to understand the mechanism
+[62:42] within
+[62:44] should do.
+[62:47] That is very helpful. It means a lot, actually. I mean, I've been trying to get hold of someone like
+[62:52] you or, you know, an expert in ST. And the last thing I want to ask is
+[62:57] the
+[62:58] at first Sentinel.
+[63:01] Yep. There there is a system where you can,
+[63:05] you know, you can set up a mail alerting system for the partners.
+[63:09] Right? Oh, yeah. There is also there is also a mechanism
+[63:13] within advanced routing
+[63:15] where you can
+[63:16] set up the mail alerting system.
+[63:18] Yep. So,
+[63:20] I mean, is there any difference between those? Because Yes.
+[63:25] Okay.
+[63:26] They run from different servers.
+[63:28] Okay.
+[63:30] So
+[63:32] the once in a well, it was a little flip, and I apologize for that. But basically,
+[63:38] the Sentinel one is the older one. But in order to set it up, first of all, you need to send the emails of the users, which is we don't send automatically.
+[63:46] So you need to go on let me share my server again to show you what I'm talking about. Ryan, I saw your hand up a little earlier.
+[63:53] We'll get back to you in a second.
+[63:57] Can you see my server again?
+[63:59] Yeah. Yeah.
+[64:01] Okay.
+[64:02] So over here on the Sentinel
+[64:05] page at the bottom where you can map additional parameters,
+[64:08] over here, the mapping rules.
+[64:11] You actually will need to map the email to go with each each of the request because we don't send the email by default.
+[64:20] So and then Sentinel can do it. The mechanism with Sentinel is through correlation rules, which are a little harder to set up than the template than the routes.
+[64:30] If you
+[64:32] but it depends on where your Sentinel lives compared to where your ST lives, who is closer to the exchange server or whatever server you'll be using, the mail server.
+[64:41] Right?
+[64:42] And who you want to send them.
+[64:47] On the second house side,
+[64:49] you can design it very great as granular as you want to, but you will need to basically build everything from scratch over there
+[64:57] almost on the correlation rules.
+[65:00] While in the ST, it's just checkboxes all over the place.
+[65:04] I personally
+[65:05] if ST can do it, I would keep that in STs.
+[65:11] So
+[65:13] it's
+[65:13] built for that. It's a lot more intelligent, especially if you have complicated
+[65:17] route where one fails, another doesn't fail, and you want different mails in both case. You will not be able to design that in Sentinel unless you sent a lot more variables
+[65:27] out so that it can do the design. Well, in the STS, you know, oh, this route failed. This route started. That's what you want. That's why we built all of that. And you have them on the route level. You have them on the package level.
+[65:38] So there is a lot of mails going around. Right?
+[65:42] The reason why we have it in both places,
+[65:44] historically,
+[65:45] ST
+[65:46] was having a different mechanism to send mails through the transaction manager,
+[65:51] and Sentinel is not only used by ST. So there are other products that you sent, you know, that cannot send their own mails. So and and, again, it comes down to what you're doing. If you have CFT and ST going both to Sentinel,
+[66:04] then you might want to do notifications in in Sentinel so that they go out for both of them. Right? So it's
+[66:12] there is no
+[66:13] that's best.
+[66:14] In my I personally prefer to use the ST notifications when I can, simply because they're designed around AR.
+[66:24] Right? So you don't need any
+[66:26] intelligence. You don't need to correlation at all. You don't need to think about how to set it up.
+[66:31] But on the other hand, of course, that means that SD is sending mails. One thing to be
+[66:36] conscious about and the buffer sending our SD,
+[66:39] we are sending the mail. We don't carry a mail server on the products.
+[66:45] So what we're doing is to send it to a Relay or to your corporate server. And for us, a successful mail is the one that reaches the corporate server and or whatever relay and doesn't get bounced from there. So you'll need to check with your mail people to see if the mails actually make it out and all that when it's done.
+[67:02] Right?
+[67:04] Makes sense?
+[67:06] Makes sense. Makes sense. Absolutely.
+[67:08] Okay. Thank you.
+[67:10] Ryan, I saw your hand up. I know you brought it down, but
+[67:14] do you have anything?
+[67:17] I just wanted to comment around
+[67:19] what you're saying earlier on about
+[67:22] the number of connections.
+[67:23] Mhmm. We did some analysis of inbound connections,
+[67:27] and something like 98%
+[67:29] of our connections were coming from an internal application
+[67:32] from the two development
+[67:34] regions.
+[67:36] So, basically,
+[67:38] developers, when they were setting things up, they didn't wanna wait for their files, so they were pulling us, like, every twenty seconds or something. So we got that volume down from over 250,000
+[67:49] per day to under 2,000
+[67:51] just by, you know, managing expectations
+[67:53] around that. So
+[67:55] it's yeah. It's basically, there was no reason for them to be connecting so often.
+[68:00] You just need to rationalize those things sometimes.
+[68:03] It it's just easier when you're building something instead of thinking about modeling. It's like, oh, I'll go every twenty seconds. Who cares? And you go and kill your partner. You have 10 of those, and,
+[68:14] you know, you get in trouble.
+[68:17] But yeah. Yep.
+[68:19] And that's the only way to figure it out, you know. You start looking at connections.
+[68:24] Okay. Good.
+[68:26] Okay. Anyone else? Anything else? We have a few more people and no one else is talking to me.
+[68:42] Any takers? Any other questions? Anyone?
+[68:53] Not a question as such. If I want to connect with you,
+[68:57] like, separately,
+[69:01] should it be through LinkedIn or
+[69:03] if you can share anything
+[69:05] with LinkedIn sample?
+[69:07] You can send me an email.
+[69:09] Hoagong has the email, and it should be in the invitation as well.
+[69:13] I'm also easily found in community where I answer questions all the time.
+[69:19] Okay.
+[69:20] And I would strongly recommend using community if it's a technical question that doesn't have too many customer details
+[69:27] simply because there is a lot of people answering both partners
+[69:31] and customers and X-ray people. And if I'm busy with something or not around or, you know, went on vacation, there is someone to help. Yeah. Feel free to send me an email if you want to, and that's valid for everyone. But
+[69:44] and I'm happy to help. I'm happy to answer. But, occasionally, I might tell you to go support or to go to community simply either because it's too big of a question or because I'm literally swamped them for under text. Right?
+[69:57] So
+[69:58] but,
+[69:59] yeah, my mail should be somewhere in the invitation, I believe. And if not, just talk to Hohong. He usually knows how to get him to me.
+[70:07] So
+[70:08] okay.
+[70:09] Thank you.
+[70:11] Mhmm.
+[70:12] Okay. Last call for questions.
+[70:16] So
+[70:17] I'll pass it back to Ho Hong. He has some things to show you and to talk about at the very end.
+[70:25] One thing, we probably will have another meeting this year for
+[70:30] Asia Pacific. We were not planning on one, but with apparently something happened with this one.
+[70:36] So
+[70:38] we'll probably have another one and everyone. Even though you are on this one, you're welcome to come on the next one as well. So don't feel like you're not supposed to be there if
+[70:46] we redo it. So, Hong Kong, back to you.
+[70:50] Thank you, Annie.
+[70:52] So just a couple more minutes now.
+[70:55] We do have this something called the g two peer reviews.
+[70:59] So right now, all our solution are actually in the leaders.
+[71:04] So
+[71:05] if you want to, there's a link below that you can
+[71:10] you can you can you can go to give us a review on the product that you are using from X-ray.
+[71:15] Right? And then as a thank you, you know, all actually, g two will send you a a gift card, which is about 25 US dollar.
+[71:24] So feel free to
+[71:27] to give us a review.
+[71:32] Makes this our as Annie has spoke has talked about just now, you know, as a community. If you are not on the community, please feel free to go and register yourself.
+[71:41] And then you can create ideas there. There's a user group, then also
+[71:45] road maps. And then q and a forum for all the different X-ray solution. If you have any technical question, there is no
+[71:53] sensitive information. Right? You can actually ask the questions there. So anyone from X-ray will answer or even sometime our customer and partners, if they have the same use case.
+[72:06] The
+[72:07] last one,
+[72:08] I've already posted in the chat group. Like, there is this new X-ray MFT YouTube channel.
+[72:14] Right?
+[72:15] Register it, and then you can see that, you know, you you you actually, give you all the technical enablement and what's new in each of the coming each of the ST releases. As you know, ST release
+[72:27] a new release every month. Right? So this will be a lot easier for all of you.
+[72:36] If not, thank you for your time. We will send you the link, and then we'll also send you a survey. Please feel free to answer the survey.
+[72:44] We we really appreciate all your feedback, and then we take your feedback seriously. If anything that you think that we need to improve, let us know.
+[72:53] If not, thank you, everybody.
+[72:56] Hope to see all of you soon again.
+[72:59] Thank you. Thanks, everyone.
+[73:01] Thank you. Thank you, Annie.
+[73:04] Bye bye.
+[73:07] Bye.

out/932608789/transcript.txt

@@ -0,0 +1,810 @@
+# Transcript: 932608789
+# URL: https://vimeo.com/932608789
+# Duration: 3859s (64.3 min)
+
+[0:02] MFT architect assisting on the product team.
+[0:05] With that being said,
+[0:07] so for anyone that is here for the first time, as Jeff mentioned, this is an info it is a question answer session.
+[0:14] So you unmute yourself, ask a question. I already have two in the chat, so that's what we'll start with.
+[0:20] If we're talking on a topic you are interested in, just chime in. If you're doing something similar, if you have a follow-up question, the idea is to talk.
+[0:29] Another thing is that as you noticed,
+[0:32] it's in a different time compared to what we usually do. We're experimenting at the moment.
+[0:37] So for a while, you'll be seeing both meetings at the regular time and at this later slot, and we had a matching earlier slot one late last week for the East Coast and Europe.
+[0:48] So after the meeting ends, if you have
+[0:52] to tell us something about the timing and do you think it was a good time, and what time would you rather this meeting be? Just let us know. We're trying to find the best time for everyone.
+[1:02] With that being said,
+[1:04] let's kick it off. And as I said, I already have questions in the chat. If someone
+[1:09] so if you cannot unmute yourself for whatever reason, feel free to just put it in chat, but I would much rather talk to you. And chances are I'll still ask follow-up questions. So just typing, usually, doesn't. Not yet.
+[1:21] But if needed, we can work with that. So with that being said, let's start with Nay and the question. We have a set of file extensions that are not allowed into ST. However,
+[1:32] if they zip a file and send it over and unzip and deliver it out.
+[1:36] So
+[1:37] the x the
+[1:39] older
+[1:40] all
+[1:41] the restrictions we have for
+[1:44] files that are on the inbound side. So if they circumvent
+[1:47] it by going with a ZIP file and we unzip,
+[1:50] the only way
+[1:52] to stop it from delivering is to make a condition
+[1:56] on the sent to partner.
+[1:58] Oh, I forgot to mention. I have a live server, so I'll just pop up on my server to show you what I mean.
+[2:09] So in the
+[2:10] template that you are sending with and it will need to be advanced routing because,
+[2:16] in template or composite route, but it will need to be advanced routing because basic application don't have conditions.
+[2:23] But over here, when you're doing your delivery, the sent to partner
+[2:28] oops.
+[2:29] I clicked on the wrong thing.
+[2:34] So
+[2:35] what you'll need to do is when you are adding the step, the last one, the sent partner
+[2:40] or published to account, whatever you are doing after the unzip,
+[2:44] you will need to either do a condition,
+[2:48] which says if this is the extension, just don't deliver. So, basically, repeating the whole set of extensions that you don't want to deliver with.
+[2:57] Or if,
+[2:59] if you are on an older version of ST or if it is just patterns, you can also do file globin regular expression over here on the file name pattern because that's what it is based on. But one of the two will need to be enabled. ST will not protect
+[3:12] delivery out based on the inbound restrictions.
+[3:17] Does this make sense, Nai?
+[3:25] Good morning. Yes. That does make sense. Thank you. Yeah. And it will need to be one by one, unfortunately. Right? We cannot just. There is nothing on the outbound side like we have the restrictions on the user class on the inbound.
+[3:38] So So Okay. How do you,
+[3:42] how do you put in a condition where I have multiple,
+[3:46] file extensions in there?
+[3:49] Okay.
+[3:50] Back to the server. The easiest way I will do it from here, and it's a full blown expression. So you do,
+[3:58] extension
+[4:01] transfer dot target.
+[4:07] Get you.
+[4:10] Not equal
+[4:13] dot
+[4:14] x
+[4:17] and and so on and so forth.
+[4:21] Blah blah blah blah blah. So you just do it this way, or,
+[4:25] you can do it if there are too many of them. And and you also can do matching and replacing. So you can grab the extension and check if it matches with
+[4:33] the standard regex that has the the slashes, the
+[4:38] this character. I don't know the name of it. This character between them. So there are multiple ways to do it. But this is a full blown expression,
+[4:45] so you can have as many as you want. So if how many extension do you have?
+[4:51] Maybe around 20 or so.
+[4:54] Okay. In this case, I'll probably do,
+[4:57] whoops. Sorry. I'll probably do something like this. And then,
+[5:03] two lowercase
+[5:05] to make sure that, you know, they don't trick you with capital letters for whatever reason.
+[5:11] And then extension.
+[5:14] And then
+[5:16] transfer doc target unless you are inside of a trigger subscription. In this case, what you know, it will be different. But, basically, grab the extension,
+[5:25] make it too lower case,
+[5:28] and then matches.
+[5:31] And then in the matches,
+[5:34] you can do extension one.
+[5:37] And remember that the extension returns the dot at the beginning.
+[5:41] So you can either do a substring to remove the first character or just leave it like that. And then on the matches, you have dot e x t
+[5:51] oops.
+[5:51] Dot
+[5:54] dot star
+[5:56] dot
+[5:57] exe
+[5:59] or
+[6:01] dot star
+[6:04] dot
+[6:05] bin and so on and so on and so on, and then close everything at the very end. And this will match the files that match this, and you don't want it too much, so you just put the no at the beginning. So, you know, standard way. Okay. But something like that.
+[6:19] I and this will not work, obviously, exactly like it's written, but that's the idea.
+[6:24] Build your regex that matches.
+[6:29] Right?
+[6:30] Yeah. So if I need a an uppercase, then I wanted to do another condition to go with that.
+[6:37] Yes. But because those are extensions, you don't care about the case, and that then that's why I called two lowercase so that it will make the extension into lowercase. So this means that if the person uses Excel with a capital x, small x, small e, whatever, it will
+[6:52] put it down, just to lowercase at the beginning. That's why I added it here to make sure that what comes from the file is to a lowercase.
+[7:02] Is there a global setting at all, or does it have to be individually for all of this? I mean, every
+[7:09] file that we're unzipping has to go through this.
+[7:12] Yeah. For the outbound, it will need to be individually immediately after every unzip.
+[7:17] Oh.
+[7:19] Yep.
+[7:20] Sorry. Gonna need a request to make this a global thing then.
+[7:25] Yes.
+[7:26] Open an idea. What you are asking for is outbound restrictions.
+[7:31] Alright. Thank you. Yep. Matching the inbound. And, yes, if they upload the file, you will not even allow it. You will not process it. Right? But if it was inside of a ZIP or inside of PGP or something like that, you don't we don't know until we grab it from inside.
+[7:47] So Okay. Thank you. Didi, I can see you, but I have a couple more before you.
+[7:52] Okay. It's a follow-up to Oh. To this one. Go ahead. So what would the, what would the be if it's a, if there's no extension on the file?
+[8:03] Oh,
+[8:04] the way I would do it okay. I I should so I cannot get to the chat and, share for some reason today. So what I would do in this case
+[8:13] is matches
+[8:17] hold on.
+[8:19] So
+[8:20] let me let me clean up that a little bit so that it's easier to see. So extension transfer dot target and then matches.
+[8:31] You know what I'll do? Actually, I'll do a replace instead if I'm I'm looking for a, no. So replace.
+[8:39] So at the moment,
+[8:41] if you have no extension, this will be just empty.
+[8:45] Otherwise, it's dot something.
+[8:47] So and then I will replace that with,
+[8:51] actually, what I'll do? Hold on. So concat,
+[8:56] a random character, it doesn't matter what character it is, and then followed by the extension.
+[9:01] Right?
+[9:03] So at the moment, if you look at this string
+[9:07] did I close my brackets?
+[9:09] One bracket. Close. Second. Yeah. So at the moment
+[9:13] so this
+[9:14] will either be the letter r
+[9:17] or r dot something if there was an extension. Right? And then all I need to do is to see if this equal
+[9:27] r
+[9:29] like that.
+[9:31] So if this expression here
+[9:33] returned the letter r, then the extension was empty. We do have an empty.
+[9:38] Technically, we do have a function that checks if a strict is empty, but it doesn't check for nulls.
+[9:45] I think here using the empty will also work,
+[9:49] but I'm a little old.
+[9:57] Try force.
+[10:01] Makes sense, CD?
+[10:04] Yes. I captured that. Thank you.
+[10:06] Yep. And where I so this is equal.
+[10:11] You can also do standard match with an expression. You can do it in a lot of different ways. It's basically comparing two strings, and we have multiple functions for that.
+[10:21] So
+[10:22] but, again, also look at if you look at the documentation, there is also an empty function, and you can pass that if you don't do the concat.
+[10:29] I
+[10:31] from years of writing code, I'm just used to I much prefer to do it that way. Concatenate so that I force it into a string always, so I don't worry. Is it a no? Is it empty? Whatever it is.
+[10:42] And then compare it. And if it returns just whatever thing I put at the beginning, that's it.
+[10:48] Done. Okay? Okay. Good. Thank you.
+[10:51] Good. Okay.
+[10:53] Mishra Mishra.
+[10:57] If that's the first or last name, I apologize. Sometimes I'm bad with that. You all we all know that if you had been here before.
+[11:03] We're planning to migrate all the users' logins to its external IDP, and you don't want a big bank.
+[11:09] Well, that's
+[11:11] very easy to do because in the world of so your current all your users at the moment are local in ST. Right?
+[11:22] Let's assume yes, unless they can unmute themselves.
+[11:25] So in the world of ST,
+[11:28] there is a checkbox
+[11:29] on the account that says if the password is kept locally or not, and back to my server.
+[11:36] So when you go to the account
+[11:46] Okay. My server is being
+[11:49] temperamental.
+[11:51] But on the account,
+[11:53] when you set up the account, there is a checkbox that says if the password is stored locally. So for any account you are ready to migrate, all you need is to go to uncheck it, which will put it on the external path.
+[12:04] So when this user tries to authenticate,
+[12:07] they will come in. Now there is one exception.
+[12:13] Let's see.
+[12:16] There is one exception
+[12:18] to that rule, and this is when you say IDP, are we talking about SAML? Because if you go for SAML, the forwarder itself becomes unconditional
+[12:27] because it's happening before we know who the account is.
+[12:30] So if you need HTTP
+[12:32] users to be able to use both
+[12:35] okay. Either my VPN or my server doesn't like me at the moment. I will get it later. But
+[12:40] if,
+[12:42] if you have
+[12:43] users
+[12:44] that will if you need your HTTPS
+[12:47] users to be able to go SAML or not SAML, you'll need two listeners or different ports for them because of the way the SAML forwarder works. It goes before we know who the user is.
+[12:59] Make sense?
+[13:04] Thanks, Chris. Yes. The character I couldn't remember the name of was Pipe.
+[13:15] Okay.
+[13:16] So that that was about the migration.
+[13:19] It's if if you need to go the way with a double listener on the HTTP,
+[13:24] it will be a different port. So one of the two groups of users will need to change the port, but it's not impossible.
+[13:33] Hey.
+[13:35] Okay.
+[13:36] Olga,
+[13:37] is it possible to have more than one email contact in the email account email field? No, unfortunately.
+[13:44] The email field is one mail only. Part of it is because we're also using it for authentication
+[13:50] during ad hoc operations and for fighting the users when we you use ad hoc
+[13:55] or, system to user delivery.
+[13:58] So it will probably never become multiple mails. However, you can use additional parameters
+[14:05] on the account level or on the flow level with additional emails that then can be called in different situations, like notifications
+[14:13] or whatever you need it to be in.
+[14:16] If you need all the mails to the standard mail to go to multiple users, you will need to do groups on your mail server instead of ST.
+[14:24] But in ST, it's one mail per user.
+[14:28] Thank you, Amy.
+[14:30] Yep.
+[14:31] What is your use case, Algo? Or do you
+[14:34] why do you need two mails
+[14:37] or more?
+[14:39] Just for general notification purposes?
+[14:42] No. It's not general notification purpose. It's just that some of our clients
+[14:47] have more than one point of contact. So
+[14:50] they they wanted both those contacts to be notified.
+[14:54] I tried it today. Didn't allow me to. And I
+[14:58] said, okay. I'll throw it in there.
+[15:01] So what I would do is leave the email in the mail field, whichever you want to leave, because this is the one they'll maybe use to reset their password, for example.
+[15:11] But then
+[15:21] And then inside of every of notifications,
+[15:24] instead of using account.mail,
+[15:26] use this variable account. User vars
+[15:29] get get attribute.
+[15:33] Annie, I think I'm losing you. I don't know if it's on my side. Maybe the the forum can help me
+[15:39] because of I can't hear you any can you hear me? Am I audible?
+[15:44] Yeah. I can hear you. I I can hear you. I think she's coming in and out for some reason. Yes. Coming in and out.
+[15:53] Sorry. Can you hear me now? Yep. Yes. I can hear you now.
+[16:02] Now you are gone again. Now we lost her.
+[16:07] I think she's got connectivity issues.
+[16:10] Let me pan.
+[16:31] Kenny.
+[16:39] Okay. Can you hear me now?
+[16:41] Yep.
+[16:42] Yes. Yep. Sorry. Yeah. Sorry about that.
+[16:46] My VPN is making problems. That's why I lost the server as well. So I was just saying that, when did you lose me all, though? Because I was trying to explain how to work with multiple mails.
+[16:59] Yes. It was at the point where you were talking about
+[17:02] using multiple mails.
+[17:07] Yep. So you basically put them in the in the additional parameter under the user VARs.
+[17:14] And then when you build your templates and accounts, instead of using account dot mail, you use account dot attributes
+[17:20] user VARs dot notification mails.
+[17:23] That way, you still have the single mail into the email field because that's what is used for setting passwords and things like that.
+[17:31] But you can send everything,
+[17:33] all notifications to multiple people. And you can even do a condition,
+[17:38] like
+[17:42] in the field, you can check if the email is if this variable is empty, and if it is empty, then grab the email.
+[17:51] And if it's not empty, use those.
+[17:53] Something like that.
+[17:57] Everywhere where you type account dot mail instead of type typing account dot mail, you can do account dot attributes
+[18:05] user bars dot
+[18:08] whatever mail you have whatever notification mails, m is empty,
+[18:13] then use account
+[18:15] dot mail. Otherwise, use this
+[18:18] with a conditional.
+[18:22] Any are you able to demonstrate that? Do you think you have time, or maybe you can pop me an email if it's okay with you?
+[18:29] Yes.
+[18:30] And as soon as I managed to get back on my other device I'm on my phone at the moment, just with an audio, unfortunately. I lost the VPN on the laptop, and I need that for the server.
+[18:41] So if I managed to recover that in the next few minutes, I'll try to show it on the screen. If not, drop me a message, and I'll send you in the mail the expression that I'm that I'm talking about.
+[18:54] Much appreciated. Straightforward.
+[18:56] Yep.
+[18:57] It's it's just a conditional. If you have never done those, this is the this expression with the question mark and the the column.
+[19:06] So
+[19:08] Much appreciated. Thank you so much. Yeah. Okay.
+[19:11] Oh, okay. So let me see.
+[19:15] Of course, we'll have troubles.
+[19:18] At least my chat is alive, which means I still can't have the questions.
+[19:23] Okay.
+[19:24] So
+[19:25] but back
+[19:26] to where we started, single mail per account
+[19:30] simply because we use it for various purposes,
+[19:33] not just for
+[19:35] notifications,
+[19:38] resetting password and logins on ad hoc. So that's why it's a single mail over there. Okay.
+[19:46] Okay.
+[19:49] Why is the use case where we need both condition and file name pattern both in the route step? Why would you need both of pattern and the condition?
+[19:57] The condition can do patterns as well.
+[20:01] So what I I don't know if you can have both at the same time. I haven't ever tried,
+[20:08] quite honestly.
+[20:09] Because if I'm going to write a condition,
+[20:12] I would
+[20:13] always just put it over there. Any any
+[20:17] file name pattern can be written as an expression.
+[20:21] So if I need to go expressions, I'll just do that. I'll go file pattern only if I don't need otherwise condition.
+[20:28] But it's an interesting question, so I'll go play it this afternoon on my server.
+[20:39] Because I could I could not think of any use case where I would use the that. Like, condition, we never use it. If I need to use the condition, I'll probably use it at the route step itself. Right?
+[20:51] You know, in the main route.
+[20:53] So I always wonder because this was introduced rather recently.
+[20:57] So So I mean Yeah. So,
+[21:01] technically speaking, anything can you can do with the patterns can be done with the condition. We just didn't want to remove the patterns
+[21:08] before.
+[21:09] The the patterns is the older concept.
+[21:12] So way back when we had only the patterns.
+[21:15] Now that we have the condition,
+[21:17] yes. Anything you can do with a pattern, you can do with the condition. But it's more readable if you do it with a pattern sometimes.
+[21:26] So and there is backward compatibility to think of. So if you're asking why we didn't remove it, well, we didn't want to change everyone's routes and practices.
+[21:35] Plus,
+[21:36] if you're technical, writing condition is very easy. If you're you're not that technical,
+[21:41] something like
+[21:43] start up TXT is a lot easier than trying to figure out how to do that as an expression.
+[21:48] Right?
+[21:49] So that that's all this is all about.
+[21:51] Okay. Thank you.
+[21:54] Plus, especially
+[21:55] because we're talking about so especially the globing session. So if you're doing regular expression down in your, pattern,
+[22:03] then I strongly advise you to go to condition instead anyway.
+[22:07] But if you're doing globing,
+[22:08] globing is a lot cleaner to write sometimes and a lot easier,
+[22:12] and it works differently. So if you have too many files coming from from a ZIP, for example, a globing will be faster than a regets
+[22:20] simply because of the the way OS level works,
+[22:23] but not by much. Not enough to make a difference.
+[22:26] So for the time being,
+[22:28] technically speaking, you can just stay on the conditions and just stay there.
+[22:35] So
+[22:36] okay.
+[22:37] Chris, can you have a distribution list email if you are not using
+[22:42] ad hoc?
+[22:44] Yes and no. Can you put it in there? Sure.
+[22:49] But if this user tries to reset their password, if we keep local passwords and we allow them to reset,
+[22:55] they will need to have to be able they'll need to know which mail is there, and it's not won't be theirs. So we don't care if the mail you put in the email field is,
+[23:05] individual or group
+[23:07] or, you know, a forwarder that sends to everyone in your company.
+[23:11] It's just what we're using it for.
+[23:16] And it it doesn't even need to be unique. So we have a parameter on the server that allows even for ad hoc yeah. For for
+[23:25] that allows for non ad hoc. If you don't use ad hoc, if you just do password reset,
+[23:30] allows
+[23:31] you to for us to ask also for the username on a password reset so that you have password you have a username
+[23:39] and a mail, and then we can find the user. So it depends on the use cases. The field is always one
+[23:47] mail.
+[23:47] Is it a distribution list or not? It's up to you. We do have some
+[23:52] I've seen a couple of accounts where they are doing exactly that. They have distribution mails in their
+[23:58] exchange
+[24:00] server.
+[24:01] So every single mail they put in ST is actually a distribution list.
+[24:05] So
+[24:08] makes sense?
+[24:11] Okay. I think I might have a server, so let me just check it quickly
+[24:16] if it restart itself.
+[24:22] Okay.
+[24:23] While I'm looking at the server, what l I I'm out of questions on the chat.
+[24:29] So
+[24:31] or at least I don't see any more.
+[24:33] Let me see.
+[24:42] Yep. I don't see any more questions. So we have so
+[24:46] other questions?
+[25:03] No questions?
+[25:07] Hey, Annie. This is Morita.
+[25:11] Yep. Hey.
+[25:12] Hey.
+[25:14] Not sure if this is the the right forum to ask, but for the API part,
+[25:20] is there,
+[25:22] is there a way
+[25:24] we can,
+[25:26] like, if I pull the different,
+[25:28] the different parts of the API, right, like, the account subscription,
+[25:33] transfer sites, and routes,
+[25:36] is there a specific field that I can pinpoint
+[25:40] that link all these three, these types of report,
+[25:45] and be able to link them together,
+[25:48] like an
+[25:50] like an ID or a field that that that is present on all these
+[25:57] on all those reports?
+[26:01] Unfortunately,
+[26:02] not really. There are ideas that you can link one to the next one, but there is nothing that will give you the complete
+[26:12] sequence.
+[26:13] So there isn't so for example, if you have one account with three transfer sites and five routes and whatnot, there is no single ID that you will see everywhere.
+[26:24] So you need to understand the structure of the database and the API in order to connect the dots. So if you have so, usually, there will be either an account ID or
+[26:36] a route ID or subscription ID in the other object. And they are named properly,
+[26:42] but you don't have one that is
+[26:45] completely linkable all the way through.
+[26:48] I see. And with that one,
+[26:52] is is there, like, a documentation
+[26:55] for the on how the like, a like, a metadata for the API
+[27:00] data you guys have. Do you have
+[27:02] an information on that one where I can pull
+[27:07] to
+[27:09] So the only documentation we have
+[27:12] is the swagger documentation,
+[27:14] as you had seen it, that doesn't really have the level that you need. There is a class. I think it's free at the so there is something in university
+[27:23] team.
+[27:24] And then way back when,
+[27:26] back in 05/03, I wrote an article in community that was explaining how all of the objects fit together.
+[27:33] It was with API
+[27:35] one four and not with API two zero, but it doesn't matter, really.
+[27:39] So if you look for onboarding
+[27:42] for the onboarding article I wrote, it actually explains what connects to what and how.
+[27:48] But
+[27:50] that's that's pretty much what we have. We are working on something, but I don't know when it will be ready.
+[27:55] And then if you are you coming to Denver next week?
+[28:01] No. Unfortunately,
+[28:02] no.
+[28:05] Too bad.
+[28:06] Ian
+[28:07] from that, he's now on my team, but he used to be in training for a lot lot of years. But he's one of the sessions we have is start with your APIs.
+[28:16] That will do something that will be basically an introduction of how to start with APIs and how the STAPIs connect to each other. I don't know if we'll be recording
+[28:24] this session. I'm
+[28:27] pretty sure I also have
+[28:29] so look at the list of the user groups, especially the ones from a few years ago. I think
+[28:34] we get an group on APIs
+[28:38] where I went through the different objects and how they connect to each other. I'll need to look through the list. Yeah.
+[28:45] Well, we are we are we are recording the sessions for for next week, and so we can provide that out to you afterwards
+[28:53] and then
+[28:54] send you send along the the the onboarding article that,
+[28:59] Annie mentioned as as well as past user groups that that cover the topic.
+[29:04] I would I really appreciate that. Yeah. I'm playing I'm trying to play with the with the re the ID for each of these reports, and it seems like but I am not confident. Like, there's a certain length of your IDs that kinda match with all all the reports, but I I'm I'm not confident that I am not pulling,
+[29:26] an invalid information
+[29:28] for each customer. So
+[29:31] Yeah. Thank you. I will look into that. Yep.
+[29:35] Yes. So when it shows up
+[29:37] and then, we'll have this meeting over and over, and I'll put a note
+[29:42] on my calendar as well. So on one of the next ask Annie's through the summer or, you know, spring summer, whatever we can, revisit again.
+[29:51] And to
+[29:53] if you want to bring what you already have or send me the questions beforehand, then we can look at we can go through that. Because I don't mind even bringing up the server as soon as it's back live, and we can look into it. But it's just without having things ready to show,
+[30:08] we'll spend the next half of an hour of me chasing and showing you ideas while when I know what we're looking for, I can have things already opened and in place
+[30:18] so that we can look to it. But,
+[30:21] yeah. But the base but look at the onboarding article because it was explaining the IDs and which ones belong to what not.
+[30:28] And another thing, keep in mind that those those
+[30:32] IDs might look very similar, but they're basically they need to match exactly. The fact that they start with the same 10 characters means nothing. It's just how we generate them.
+[30:41] They're complete they're not random random, but they're independent.
+[30:45] So don't try to find the oh, this one starts with the same 10 characters, so it's something the same. Nope. They're just IDs.
+[30:53] And the good news is because of how we generate IDs,
+[30:57] you cannot have the same ID on different objects. So if you get the ID from a route, you will not have the same ID on that account, for example,
+[31:05] or something like that.
+[31:13] Alright. Thank you. I will wait for that for that information.
+[31:18] Yep.
+[31:19] And then, again, reach out with any questions you might have
+[31:25] before that or after that, and we'll talk to it.
+[31:30] Will do. Thank you.
+[31:31] Okay.
+[31:33] Hey. Let's see if I can share my server again. So give me a second to see if I can rejoin from this line.
+[31:46] I just rebooted my laptop over here.
+[31:49] Let me see if you can see my browser.
+[31:55] Yay. Should be able to.
+[31:57] Yes. We see it. Okay. Olga
+[31:59] Olga, you're still around?
+[32:01] Yes. I'm still here. I can see your screen.
+[32:04] So so that's what that's your use case that I was playing with all of this field. It's very, very small. So this is where, basically, you will want to do that expression we were talking about. And what you'll do is on the account attributes, if you call the the vars user
+[32:19] email or whatever,
+[32:21] then I'm checking is it matching dot plus that means so matches dot plus and e d back to what we're talking about how to do empty, that's another way to check for empty.
+[32:31] So dot plus means any characters at least once,
+[32:34] which means that if it is an empty string, if this is not there,
+[32:38] then this will fail.
+[32:40] It will be false.
+[32:41] But if it is an expression, it will be
+[32:44] at least one. And the same thing we talked about earlier, how you check for empty. You can concat with us what's what's not. But check if this is empty.
+[32:53] If it is oops.
+[32:56] I'll move that to a place where you can see it better in a second. But you check if it is empty. So this will check it will respond through if it is not empty.
+[33:04] And then if it is not empty, use that one. Otherwise, use the account email.
+[33:08] That way, you have an account
+[33:11] that
+[33:12] doesn't have this expression, it will still use the account email.
+[33:17] But if you always want to put it, you can do that. And let me see where I can put that so you can see it cleaner here, for example. So that's what it looks like.
+[33:26] And I also can put it on chat now all the time back.
+[33:30] Yes, please.
+[33:34] And, again, I just wrote that. I'll I'll get the screen back in a second.
+[33:38] Here it is. And, again, it might have some technical problems in this expression. You know? Some brackets might not be the correct one, so you might need to clean it up a little bit. I literally just wrote this thing from scratch. So who knows what I messed up? But if you understand the idea, it should be cleanable.
+[33:56] Okay. Thank you so much. I can already see one problem. One of the brackets is wrong. But yeah. So but something like that. And the and this is, by the way, a good way to check when you have two different parameters that may or may not be holding the information. It's not just for mails. It can be for anything.
+[34:14] That's the standard way to check. You check if if the one of them is empty. If it is not empty, then you put the return that one. Otherwise, you return whatever reserve value you have.
+[34:24] You can do it that way or the other way around. Check for email instead of that one and so forth.
+[34:30] Make sense?
+[34:32] Yes. It does. Thank you so much.
+[34:35] Yep. And, again, if you
+[34:37] don't
+[34:38] that's that's the standard way to do it. And because all of those places are expressions, that works, actually.
+[34:46] Right? Mhmm. But it doesn't work for us because in our case, everything is stuck with the email itself.
+[34:53] So K.
+[34:54] And just just put that put the links for the for from the onboarding staff, Lorita,
+[34:59] that I wrote all those years ago. So if you looked into that, it has some explanations about IDs and how you grab ID from one object to use to another, which you basically need the reversal, but it should give you an idea of what connect where.
+[35:13] Oh,
+[35:14] okay. Yeah. I see the I see them. Thank you.
+[35:18] Yep.
+[35:19] Okay.
+[35:22] Okay. And I have my server back, by the way. So if we need to look at something, we
+[35:28] can, at least for the time being.
+[35:31] Okay. So what else do we have?
+[35:35] I see one person that is happy that the meeting is late. This meeting time is working for them, so so am I. You know, I'm not the morning person either if you don't know it yet.
+[35:46] So what else do we have?
+[35:54] No questions? That will be a short meeting.
+[36:12] No? No one has any questions?
+[36:19] Jeff, you're doing okay over there? I haven't heard your voice yet. I was gonna say Jeff's been quiet so far.
+[36:28] Which Jeff? Yep. You.
+[36:30] You. Yes. I usually have something to say, but
+[36:35] today
+[36:36] today, I'm laying low.
+[36:39] Laying low today.
+[36:42] Okay.
+[36:43] Well, it's a first on those meetings. Although, technically, it's the half meeting because I already had half of the people on
+[36:50] last week on the early morning meeting. So maybe that's what's going on.
+[36:56] Hey, Annie. This is the
+[36:58] this is Danny with Blackhawk.
+[37:00] Yeah. I I I came on just kinda I mean, I got on the meeting in time, but I got the invite
+[37:06] from Ludo kinda late. So this is my first time joining me. So,
+[37:13] I hope to join them more often. And then maybe I'll have some questions next time. I was I wasn't even sure
+[37:18] what this was actually gonna entail or how it was gonna flow. But now that I have an idea,
+[37:24] I'll, I'll work on some questions for next rounds.
+[37:28] Yeah. So the rule basically is if you know the questions beforehand and you send them over what we were just talking with Maurita about, I can actually even look at something and have things prepared, but it's not a requirement.
+[37:42] Okay. You can just show up and ask a question like most people do, and I see a hand up so we have another question. So yay.
+[37:48] But
+[37:49] it's
+[37:50] basically a question and answer session, and it doesn't matter what kind of question you have. If you want to ask me about the checkbox, we'll talk about the checkbox. If you want to ask me about architecture,
+[38:00] gear, whatever, that's what we talk about. About. It's Okay. Secure transport.
+[38:04] Any topic goes. If I don't know the answer, if it's findable
+[38:08] through the server, we'll go look.
+[38:10] If it's not,
+[38:11] I'll tell you I don't know, and we'll try to brainstorm. Sometimes, I don't know, but someone else on the meeting does.
+[38:19] Yeah. Okay. Sounds good. I do know one of the things that we're looking at
+[38:23] this year and going into next year is because we're installed on our on prem servers today, and we're looking to move to the cloud. So that's kinda where I'll be looking at, you know, as far as, you know, best practices to move up into the cloud. We'll we'll be, yeah, up into our own private cloud, but
+[38:41] we got a big kinda project to move our systems up into the cloud. So that'll be one of them that we'll be focusing on here.
+[38:48] So the biggest thing you need to think about is where your data is.
+[38:52] As you will move, that's not the problem. If your external partners
+[38:57] will move, and it will actually be easier for them, they might need to adjust their firewalls to get you to your your servers and so on, but that's not the problem.
+[39:05] But Right. 99%
+[39:07] of when
+[39:08] cloud to ground to cloud goes wrong is when people forget about their back end applications
+[39:14] because you're pulling the server out from your secure zone and you're putting it somewhere else, which means, a, you cannot do folder monitors anymore because you are not sitting in the same network anymore, so you cannot attach the servers,
+[39:27] which means you need to switch to Samba,
+[39:30] or you need to find a different way to get to that data.
+[39:33] And b,
+[39:35] all of those that used to be internal to internal connections, you might get hit waivers from security because you are back in the secure zone.
+[39:43] Those will disappear on you. So if you have,
+[39:46] you know, mainframe from 1973
+[39:50] or something that is still doing plain FTP,
+[39:52] chances of your security maligned it to go all the way to the cloud that way are
+[39:57] named to none.
+[40:00] Right? So that that's what you need to look at. Okay. Yeah. I I think for us, that part of it, we would probably be okay because
+[40:08] we so far to date now, we've used the folder monitor really just to monitor
+[40:13] the files within.
+[40:15] We use a lot of folder monitors,
+[40:17] and I know that the advanced route routing is a is a good way to go to handle a lot of that. So that's one of the things that we'll be looking at. But I think for us, we use for our internal systems, we use SFTP to exchange our files, you know, between
+[40:31] ST and our back end platform. So when we move into the cloud, I think as long as that routing is still allowed, we'll be okay.
+[40:37] And then for the external partners
+[40:39] yeah. Nick, for the external partners, the idea was to use, like, the URL we have today.
+[40:45] We would just you know,
+[40:47] when we're testing yeah. And we have the we'll we'll be kinda looking at it as to the best way to do it kinda similar to an earlier question on, you know, phased approach per partner kinda thing or groups of partners and types or if we just do it all.
+[40:59] Because we recently did a migration to new servers on on the on prem arena, so it would be similar to, I think, to the that process. It's just it would be up in the cloud. We We just have to work through all the connectivity and everything. We should be good. Yeah.
+[41:12] As I said, it's usually the internal the internal transfers people forget because you're so used of them being next to you
+[41:19] that you don't have security on them, you don't have firewalls on them, you don't have rules for them.
+[41:25] And then you move, and it's like, yeah. You're three three level three levels away now, so someone needs to punch all of those holes now. And security is like, I cannot open all those ports for you.
+[41:37] Right. And it gets stuck. So that Yeah. Yeah.
+[41:41] I I do have another question if it's okay.
+[41:44] Now that I'm getting the hang of this now this is working. So one of the things that
+[41:49] so we have a
+[41:51] our, you know, our our different daemons, because we run our
+[41:54] ST, you know, on Linux
+[41:57] Red Hat. And so
+[41:59] up so far, we've always just used you know, we we got our our SSL certs and we you know, our HTTPS and our SSH,
+[42:07] you know, and a s two are all using those, you know, SSL cert, you know, to listen for the inbound traffic that, you know, that flows in.
+[42:15] And so one of the questions that came up was, and and due to the security and all the stuff that's been going on in the last few years,
+[42:24] we are at a point where those certs get renewed every year,
+[42:29] you know, which which is fine. And our partners are used to that. They know that, hey. You know, there's gonna be a new cert, you know, and they go through the accepting of it. You know, some systems are better than others as far as accepting that
+[42:38] new cert even if it's a renewed one. But but the question I have is is
+[42:44] one of the things that came up was, like, for SSH, it seems to be a little more problematic than, you know, the other protocols.
+[42:51] As far as, you know, like, can we, like, create
+[42:55] we can create our own SSL kind of cert to listen on. Right? Is it I mean, to so that Yeah. When we do this renew renews, we just won't be tied to that security SSL cert. Now I don't know if our security will allow that, but that was one of the things I was thinking about.
+[43:08] Yes. You can and you can even talk to them talk to them and see what they will allow. So for SSH,
+[43:16] what what is used with partners is the keys inside of the certificate.
+[43:20] What we need for the demo is the SSL part of it,
+[43:24] but it doesn't need too much. So what what you can do is to use the old private keys and then assign them again every year with a new SSL wrapper
+[43:35] so that your security sees a new certificate,
+[43:38] but the keys for the end users don't change.
+[43:41] That doesn't work on the SSL protocols because on the SSL protocols, the whole part of it works together.
+[43:48] But it works
+[43:49] on SSH,
+[43:51] and, support actually have a either an article or a guide somewhere about that. But that's what I see on the field.
+[43:58] So you use your SSL certificate, the read the official one, you know, the one you pay for,
+[44:03] or the SSL demos,
+[44:06] AS two,
+[44:07] HTTP,
+[44:09] FTP if you have any, PSIP if you have any. And then on the SSH, you put a self signed
+[44:15] certificate because
+[44:17] it doesn't matter
+[44:19] unless your security throws a fit about it because I've seen that as well.
+[44:23] And then you just renew that
+[44:26] because it's a self signed. You can keep the key and sign from outside or it can even be signed properly from outside
+[44:32] as long as you extract the key and reuse it every time.
+[44:35] So that for all intents and purposes for your external SSH partners, it will look like you never change your certificate or your key,
+[44:44] but it still satisfies the SSL
+[44:46] repudiation
+[44:47] thing. So Yeah. Yeah. Yeah. I I yeah. That would definitely and that that's the that's the exchange I had with one of our
+[44:55] back end folks. I was asking about that, you know, because they're because we're you know, I'm in our servers are here in California,
+[45:03] and one of, you know, setups is over in Ireland, and then they were asking about that. Well, hey. Well, why don't you just use an SSH? So and I had said that we will we would have to run past security to make sure,
+[45:12] you know, that you know, because there's some guidelines where we have to replace the search, you know, and now it's every year. And we were just we're we were kinda brainstorming through the best way to handle that. And I know you know? And I it looks like
+[45:27] oh, Christopher posted something about
+[45:30] security not allowing self signed search. So that's where we we would have to do some checking on our end as well to make sure that that's something that they would allow. I think as long as we can show that, yes, it's changing
+[45:41] and, you know, that kind of thing, we might be okay.
+[45:45] And that's why I keep saying talk to your security of what actually is the rule in your company. Because Yep. Our SH server is a little unusual because all it requires is the SH keys,
+[45:56] but we need the cert because of how the server is built.
+[46:00] And it has to do a lot of history and the fact that we try to capture the same as the others and so on. So
+[46:06] most SSH servers on the market don't have a SL cert on them. They just have keys, which is the norm.
+[46:12] When ours was built, it was built with a cert on top of it.
+[46:17] Maybe,
+[46:18] that might be worth adding an idea,
+[46:21] over on the ideas portal about dissociate
+[46:24] changing that going forward, but it will require a huge rewrite on the server.
+[46:29] It's just how it's built, unfortunately.
+[46:32] Okay.
+[46:33] Thank you very much for that. That's what it is. Yeah. Thank you very much. Okay.
+[46:39] William, you've been very patient.
+[46:41] Wait. Yep.
+[46:42] I know. William, thank you for being patient, and that's you now.
+[46:46] Hey. Yes. Hi, Annie. After having set up a an account management application for notifying users of their expiring
+[46:54] SSH keys,
+[46:55] I was able to
+[46:57] to modify the the mail template for, you know, for branding purposes.
+[47:01] But I find that the variable at the very bottom of the mailing template, is both in the contents,
+[47:08] I couldn't find a JSON file that can contain the wording,
+[47:11] of it. So is there a is there a way to modify that
+[47:15] or to be able to just one.
+[47:18] Not on just one. So for the ones that just put a variable,
+[47:23] inside of the of the template, they are hard coded in the,
+[47:28] in in the JARS in the Java code, basically. Okay. I see. Okay. I I have I
+[47:33] was expecting that, but I was I wanna make sure that there was not no place else I could see. They
+[47:38] have been looking into it to try to move them out. But, unfortunately, the way they build those strings is
+[47:44] so every time when you see just a variable that contains multiple things, those are not configurable anywhere.
+[47:51] You can configure the x h t m l as much as you want. You can add more tags. You obviously found that.
+[47:56] Yes. But if they're calling a variable,
+[47:59] the variable is what the variable is, unfortunately.
+[48:02] Now It is what it is. Okay.
+[48:04] It is.
+[48:05] Now there are a couple of things you might be able to do on some others, but not on this one. For example, if it is a routing based one,
+[48:14] now that we have the new step that allows you to add additional flow parameters, you can actually build your own flow parameter with whatever string you want and then use that in the mail instead.
+[48:24] But that doesn't apply to send notifications
+[48:27] for certificates and so on because they don't have a routing,
+[48:31] routing. So we are working on things slowly,
+[48:35] obviously, but it just takes forever.
+[48:38] And and for this one,
+[48:40] it's not even a pattern based. They basically created the string inside of Java, creating the string inside of Java and throwing it out.
+[48:49] So it's not it cannot be translated, which is a big problem in our in Europe, for example. Mhmm. Yeah. So it's
+[48:56] they are looking into changing things, but just like the list of files when we sent ad hoc notification that you have 10 files to download or something like that, those just come as they are. And they are not passable, changeable,
+[49:09] updatable.
+[49:11] I
+[49:13] it's it's just how it was built.
+[49:16] Okay. So, unfortunately Thank you
+[49:18] very much for that. No problem. However,
+[49:22] it you if you need to add more
+[49:25] things
+[49:26] to that message, you can add it back into the eight x HTML, and you found that already, I suspect.
+[49:32] So just you cannot check what the message itself says, but you can work around that by adding more information in the template.
+[49:40] I see. Okay.
+[49:42] Right. Makes sense?
+[49:44] Yes. Thank you very much. Yeah. Because you can you can use any variable over there, and you can also use
+[49:51] any strings. So if you just type a message, you know, contact,
+[49:55] you know, contact William for all I can Under under the variable. Yes. Okay. Got it. Very good. Under it, above it, around it.
+[50:04] You know, you can do whatever fancy thing you want. The only thing I will warn you is if you're going too fancy with and so on, they won't work in most clients. So don't do that. Just because male clients can be stupid sometimes.
+[50:16] And, honestly,
+[50:18] right, creating a new a very beautiful mail that works both on, web mail based mails and text based mail text mails and
+[50:28] Outlook is almost impossible.
+[50:30] That's why we have this basic looking pattern,
+[50:35] but you can add as much information as you want in there.
+[50:39] So Sounds good. Yep. Okay. Great. Thank you.
+[50:43] Okay. Well and Jeff have a question. So
+[50:46] big application back ends are exchanging from IBM broker to EKS. Yay. Finally.
+[50:53] Everything is AWS.
+[50:55] Any issues foreseen with such a move? I suspect sorry. I need to read that. So all our apps are within our AWS
+[51:02] cloud on the various
+[51:04] EC tools. Any issues foreseen with such a more comparing everything within the VPC should be helpful.
+[51:11] Boy, what a babbling question Jeff has. That is I just
+[51:17] I just Basically,
+[51:19] you
+[51:20] are moving everything. So everything will be in AWS?
+[51:24] Everything
+[51:25] is already
+[51:27] there including this, you know, the IBM broker,
+[51:31] but we're getting we're getting rid of that. And and and we're we're already feeding in
+[51:36] from EKS,
+[51:37] but they're, you know, they're much smaller volume.
+[51:40] Now we're gonna be feeding in
+[51:43] and picking up tons of stuff, you know. We're we're really increasing
+[51:48] that volume tremendously.
+[51:51] So
+[51:52] there you know, I I guess all kinds of combos with EKS,
+[51:57] workers,
+[51:58] nodes, and so on need to really be,
+[52:02] you know, played with quite a bit until until we get a nice a nice flow.
+[52:07] What do you think?
+[52:08] The one thing I'll be very careful about is not to allow too many files to end up in the same folder or same server for and ask to try to pull them at the same time. You know, the 10,000 files
+[52:21] problem.
+[52:22] And speed is a lot better than it used to be,
+[52:26] but still that's what can kill us and make us unstable. And the other thing is when you change from one application to another and one manager for to another in a way,
+[52:37] you might see a shifting of the patterns and peaks and how data is coming and when it's coming and what's getting processed when.
+[52:45] So you might need to do some performance
+[52:48] changes to account for that. Right. Right? Because
+[52:52] if the broker
+[52:53] could for example, if the IBM broker couldn't do more than six files per time, you know, six threads, whatever, and Audi can do 25,
+[53:03] ST is okay usually with a number, but
+[53:06] your configuration
+[53:08] is set for the old world and you have also other traffic going on. So it's not about so I'm not that much worried about the move from one product to another.
+[53:18] Yeah. It's that if the pattern changes,
+[53:21] if the way files are coming changes, you might need to do something around it to protect SD. Okay. Yeah. Right now right now, it looks like, you know, early tests,
+[53:31] their
+[53:32] outbound,
+[53:33] which is
+[53:34] much higher volume,
+[53:37] is going okay. And the and when I inbound,
+[53:40] like, when a customer drops off and
+[53:43] ST then puts it in the folder
+[53:46] that the broker was picking up. Now it's gonna be EKS
+[53:49] is picking up.
+[53:51] They seem to it seems to be a little bit slower,
+[53:54] which is kinda weird because it's going through the same, you know, VPC and everything. But I think it's more on the application
+[54:02] side with getting the right
+[54:04] combo
+[54:05] configured,
+[54:06] you know, because it's it's SD is taking stuff and zipping it right to to where it needs to go.
+[54:13] And then
+[54:14] EKS is
+[54:16] needs to come in and pick up all that stuff and suck it in and do its application thing. That piece is a little bit slow right now, but they seem to be
+[54:27] getting it better.
+[54:29] So I I would think it's really on our application side, just getting that adjusted properly.
+[54:36] Yeah. My good feeling is that either they're coming with less threats or with Yeah. Smaller threats with smaller buffers or something compared to and that's what I was talking about. It's not really about the data per se. It's Mhmm. You have moving parts and you're changing one of them. Right? Right. And especially because the way SK is configured had been based on the IBM broker details and how it was working. So if EKS changes that
+[55:02] or require smaller windows or whatnot, you might need to adjust it on the SDS side. Yeah. Yeah. And you just said you just said something that clicked when you'd said less threads. I've heard them I've heard them talking about that, you know, adjusting, you know, with with with that. So
+[55:19] I'll report back. I I that's that's pretty good for now. That's what I need. Thank you. Yeah. It's it's it's the same conversation you always hear for you when you change the partner, when they change something on their side. Mhmm. It's the same volume of data. It's the same number of files, but the way
+[55:35] they are sending them and the speed and the the thresholds and so on changes,
+[55:41] which will change everything. So if they're if every if they're picking up slower,
+[55:47] I would say that something on their side is just not coming fast enough to ST because nothing changed on ST. You have the files in place. Exactly.
+[55:55] And that step cannot change. But now but if the broker was coming with 10 connections and then
+[56:01] sick is getting
+[56:03] the files within the 10 connections without closing, reopening, and whatnot. Yep. That will be a lot faster
+[56:09] than if EKS is opening five connections only and closes after every file to come for another one, how SD works usually. Right? So it's the details.
+[56:19] That's exactly what I wanted to hear. And that confirms, you know, that that that confirms some thoughts over here. Okay. Yeah. Thank you. Thank you, Annie. One thing
+[56:29] I need you to check,
+[56:31] by the way, is do the look at just don't look at how long it takes for the whole job to finish from the beginning to end, but just look at the transfers only and calculate the timing there.
+[56:43] Not for transfer,
+[56:44] but for all of them. For example,
+[56:46] within an hour
+[56:48] in the old and the new way and see if that is also slower. Because if this is slower,
+[56:53] what is going to tell you that either you have oversaturation in the network
+[56:57] or there is a slowness
+[57:00] latency slowness or something between whatever a k ETS is and SPS, and you might need to look into that and see what And channels
+[57:09] Yes. And sometimes the application doesn't let you know that they're also doing something else from an application perspective
+[57:16] that now is coming to the forefront.
+[57:19] So
+[57:20] I'm good. Thank you very much.
+[57:22] Yep. I don't like applications
+[57:25] doing multiple things. Part of the reason why I like s t pushing the data out as opposed to just us staging the files and someone else coming is that we control when the files go.
+[57:34] As opposed to us. Sitting and waiting and then someone coming from outside with hundreds of connections and complaining, but it's slow. Well, yeah, because you're trying to download 100 files from the same folder at the same time. And that's another thing. Especially
+[57:50] if the files sit longer in the folder,
+[57:54] that will mean that you have more files in the same folder for a longer time. So when someone tries to read it,
+[58:00] all the responses on list and so on will be slightly slower
+[58:05] because there is more data there.
+[58:08] Right? The way
+[58:09] OSes work, everything works like that. The more files you have in the same folder, the slower the access to the folder becomes.
+[58:17] So you might want to look at that as well.
+[58:21] Thank you.
+[58:22] Okay. It's a lot it's a lot better this week than it was last week.
+[58:26] So that's so that's good. So we're going in the right direction.
+[58:30] Yep. And and, honestly, you'll step somewhere weirdly and then you'll need to come back and fix it again. But it's it's what it is when you have a lot of data moving between two applications and two channels. You just need to adjust on both sides. And from the sounds of it, I'm not saying you cannot adjust things in ST
+[58:48] as well, obviously.
+[58:50] But from the sounds of it, AKS just need to pick up their game. That's right. It's not the s it's not on the estimate. My
+[59:00] my conclusion
+[59:01] thus far, it's not any problem with ST. It's on the EKS side.
+[59:06] Thank you. I gotta run to an immediate 02:00 meeting. So thank you very much, Annie. Okay. Yep. Okay.
+[59:12] Any other questions?
+[59:22] No?
+[59:29] Well,
+[59:30] if no one has a question, we're done in an hour, which a little surprising, but not much because we had another hour earlier late last week with the other half of the people. So thanks everyone for joining us.
+[59:43] So,
+[59:44] logistically,
+[59:45] next month will be a single meeting at the regular hours. Then in June, we're doing the double meeting early late again.
+[59:53] We're still testing all this.
+[59:56] So,
+[59:57] I will we will appreciate any feedback on the timing,
+[60:01] and does this timing work for you and so on and so forth.
+[60:05] I
+[60:06] I like the split meeting simply because it gets chance more chances to people to come into the meeting, but it also obviously can't run for ninety minutes every time because we don't have that many people.
+[60:18] So last
+[60:20] Yeah. Call for questions before I get it back to Jeff.
+[60:29] Yeah. Olga,
+[60:30] look for the other meeting as well. So I had last Thursday, it's
+[60:35] three hours earlier than this one,
+[60:40] which might be better for you.
+[60:42] Yeah. We're experimenting with some times that are more EMEA friendly and North America friendly rather than just one time for both.
+[60:51] So as I said
+[60:52] as I said, the one next month will be the regular time
+[60:56] that is geared to everyone. But then in June, we'll again have the two meetings. One at
+[61:03] three hours earlier than this one, and then this one for the West Coast on The United States and US
+[61:09] in general.
+[61:10] So
+[61:11] okay. So Thanks, everyone.
+[61:13] So so I'm sorry. So so the normal time is 7AM
+[61:16] Pacific,
+[61:17] usually?
+[61:19] Yes.
+[61:20] It's 7AM Pacific on the regular time.
+[61:24] It's basically 5PM
+[61:27] French
+[61:28] France. That's what we're targeting.
+[61:30] And this this was used to be our regular window for almost three years. More than three years, we're doing those.
+[61:36] So we're experimenting a little bit. Because you're Pacific,
+[61:39] you'll have the regular, but also every second month, we'll have this late one at least for now.
+[61:44] And after a few months, we'll make a decision of what we're doing. We're just trying to help everyone based on time zones because it's a big world. And if you by the way, if you have APAC offices and someone on the other end of the world, I also have quarterly
+[61:59] meeting
+[62:00] with APAC basically at 7PM
+[62:03] my time.
+[62:05] So there is also another meeting for if you are all the way at the other end of the world.
+[62:10] We're trying to cover the globe. Yeah. So Yeah. Yeah. It it's hard to find a single time that works across the globe.
+[62:17] Yep. Yep. Yep. I mean, we had all guys in South Africa, and we have the West Coast Of The United States, and that's a huge span
+[62:26] of time zones. So
+[62:28] okay.
+[62:29] So back to Jeff. Thanks, everyone, for joining.
+[62:32] Thanks a lot, everybody. Appreciate it. Thank you, Annie. Just a couple concluding remarks. I just wanna highlight about,
+[62:39] actually community and everything that that's on,
+[62:42] the side in terms of the ideas portals that Annie was mentioning. We have the user group calendar, both what's coming up as well as recordings
+[62:50] of past sessions,
+[62:52] product road maps.
+[62:53] ST is is
+[62:55] obviously featured.
+[62:56] And then,
+[62:57] you know, what's near and dear to community is just an open on demand, discussion forum. So, please take a look at that.
+[63:05] One thing new that we started last year was about, having what's new videos on,
+[63:10] secure transport and and other products. It's we have a YouTube channel for it, and it's really just a,
+[63:16] three to five minutes that they're short videos about the the the latest update,
+[63:22] on the product and and some things to to to highlight.
+[63:26] So take a look at that. And, again, I'll I'll provide these slides out.
+[63:30] And then one last thing is,
+[63:33] welcome,
+[63:34] reviews.
+[63:35] G two is a
+[63:37] a site that that,
+[63:39] many use when they're about evaluating
+[63:41] a technology product.
+[63:43] So you're feel free to to leave a review about
+[63:47] SecureTransport or any other actuator solution
+[63:50] that you that you use.
+[63:53] Thank you again for being here. We very much appreciate it. Thank you, Annie,
+[63:58] and hope you all have a great rest of your day. And we'll see you next time. Thanks, everyone.
+[64:03] I hope I'll see some of you in Denver.
+[64:07] Come say hi. I'll be there.
+[64:09] Thank you. Have a good day. Bye bye. Thanks, guys. Good day, everyone. Bye. Thank you. Thank you. Bye.

out/961596767/transcript.txt

@@ -0,0 +1,810 @@
+# Transcript: 961596767
+# URL: https://vimeo.com/961596767
+# Duration: 4495s (74.9 min)
+
+[0:06] Well, good morning, everybody.
+[0:08] Thank you so much for all joining, and and we'll have more join as we go here. I'm gonna turn off that
+[0:16] transcription.
+[0:19] So welcome to the ask Annie
+[0:22] Secure Transport best practices user group session. We're, again, happy to have you join us, and
+[0:27] I'm just going to mention a few little housekeeping items before introducing Annie and then allowing her to get started.
+[0:35] Just wanna mention that we are recording this webinar,
+[0:39] and I will send the recording link along with the presentation
+[0:43] following today's session.
+[0:45] Of course, if you have any questions throughout the presentation,
+[0:49] Annie will be happy to address them. Feel free to just raise your hand in the
+[0:54] bar there and
+[0:56] speak up, and and we'll be glad to address that. Or you can send a note in the chat, which I will be watching as well Annie,
+[1:03] and we will address your questions that way.
+[1:06] Why I just quickly mention something?
+[1:09] We've
+[1:10] hosted
+[1:11] customer user group sessions at some of our customer sites,
+[1:16] Costco,
+[1:17] D and B, Lockheed,
+[1:19] our parent company, Sopra.
+[1:21] We've had them at the locations there, and it's a great opportunity to allow you to collaborate in person with, your peers.
+[1:29] And, it also
+[1:31] it's no cost to you because,
+[1:34] we do all the work and we come to you. And so, we
+[1:38] appreciate as you having a room for us to hold the meeting, and then we'll take it from there. We'll even provide lunch
+[1:44] and,
+[1:45] refreshments. And so if you are interested in doing that at your facility
+[1:50] or you know somebody that in your company that I could talk to, feel free to email us at community@xway.com,
+[1:57] and we'd love to talk to you to
+[2:00] hold a user group session like this in person.
+[2:04] Again, they're they're wonderful opportunity
+[2:06] as our
+[2:07] customers have attested to that they love doing that. So feel free to let me know if if you would like to do that or point me in the direction of somebody that might make that decision.
+[2:19] So without further ado, I will introduce
+[2:22] Annie Yotova.
+[2:23] She's our MFT architect and will be conducting today's session. Thanks, Annie.
+[2:32] Good morning. Good afternoon. Good evening. I'm seeing a lot of some people from over
+[2:37] on the other side of the ocean. So if this is your first ask, Annie, this is a question answer session.
+[2:44] I have a live server,
+[2:46] a variety of them today, actually,
+[2:49] where we can go and look at things or,
+[2:53] if you have a question about how something looks like or where to look for it.
+[2:59] And then
+[3:00] any question is welcome. It doesn't matter if you are asking about the server property or
+[3:06] architecture question or migration, anything as long as it's about secure transport or somehow related to it, go feel free to. I recognize quite a lot of the names on the session.
+[3:17] So I know most of you had been to one of those or more.
+[3:21] For the ones that are new, welcome.
+[3:24] Hope you enjoy it. And with that, who wants to kick it off today?
+[3:31] And this is the most
+[3:33] fragile part of this meeting until someone starts talking. Once we start, we usually don't even end on time. It usually run over. So
+[3:44] who wants to kick it off?
+[3:48] Okay. We do have a question from Mark in the chat session. Yanny, if you wanna look at that.
+[3:54] Yep. And I'm seeing
+[3:56] erase cancel already. I don't see anything in the chat.
+[4:00] Hold on. Any way to configure a send a partner route to rename the file to deliver only if the file name already exists on the target side?
+[4:08] Yeah. I saw it. Yep. Thank you. Okay. Thanks, Lucy. I'm I'm on two screens and one of them doesn't show me the correct chat, which is weird.
+[4:15] Okay.
+[4:16] So, Mark,
+[4:18] you are try what protocol are you going to be using?
+[4:22] Secure FTP.
+[4:24] So FTP or FTPS?
+[4:27] SFTP.
+[4:28] SFTP.
+[4:29] So that's the SSH one. So,
+[4:32] unfortunately,
+[4:34] no.
+[4:35] Because we don't have a control on the other end. So you can always rename,
+[4:41] but we cannot go and check proactively and only rename if something is happening on the other end. Sometimes it is because we don't might not even have free access into the folder properly.
+[4:52] Because during a push, all we're doing is connect,
+[4:56] log in,
+[4:58] put a CD into the folder,
+[5:00] put the file, and get out immediately.
+[5:04] So we don't
+[5:07] have a
+[5:08] the ability to actually
+[5:12] do anything.
+[5:14] If you do a previous tab that goes and check stuff and you already know and, for example, use the set flow parameter or something to put it in the environment, then we can use that. But the step itself cannot do it.
+[5:28] Yeah. That's why I was wondering. I didn't know if I could do a route that did, like, a pull from partner step,
+[5:34] you know, to see if the file was there. And then based on the success or fail of that step, it would do a send to partner either with a normal name or a a rename or something like that with expression language?
+[5:47] You might be able to. The problem though
+[5:51] is that the pull from partner
+[5:54] is not running in the same sandbox or in the same flow where you are at moment.
+[6:00] So with the pull from partner,
+[6:02] you can check for the file,
+[6:05] put
+[6:06] it eventually
+[6:08] into the folder,
+[6:09] then run around
+[6:11] that
+[6:13] runs a so
+[6:16] the challenge here is that the pull from partner doesn't pull them in the same sandbox or in the same place where your current scenario is. So you'll need to exit with the current scenario.
+[6:25] Then you can catch the result from pull from partner, which is either file or no file found. Right?
+[6:31] And if it is a no file found,
+[6:36] and then you can do the renames. So
+[6:39] can you do it?
+[6:40] Sure. But it will be connected.
+[6:44] Because your first route will need to be just the pull from partner, nothing else
+[6:49] with leaving the file seeking query test. And now the challenge is how do you get the file that was just originally uploaded to get into a sandbox for sending?
+[6:58] Because now you'll need to figure out sometimes of triggering
+[7:01] because the pull from partner
+[7:03] will not put the found file or the reaction from it in the same
+[7:09] scenario.
+[7:11] Does this make sense?
+[7:13] It does. Yes. Thank you very much.
+[7:16] It's just one of those disconnected
+[7:18] things. It's useful, but not for your kind of scenario.
+[7:22] So in your case,
+[7:24] you can play with it and probably manage to get it done,
+[7:29] but I don't
+[7:32] I I just it it won't be as straightforward as it needs to be, not with SFTP. And the reason I asked why is because, obviously, with some protocols, we have better control than with others.
+[7:44] Gotcha. Thank All
+[7:46] you're trying is not to override. Right?
+[7:49] Exactly. Yeah. They want a standardized file name,
+[7:52] but, you know, and they delete it after they process it. But occasionally,
+[7:57] if something fails on their end, they're like, well, if it's there, don't override it. Give it a different name.
+[8:02] And I'm like, well, okay. That gets difficult. And I was saying with that pull from partner and you have the check boxes to,
+[8:10] you know, proceed on route,
+[8:12] failure or proceed on, you know, step success. I didn't know if I could branch off a route, you know, with two different send to partners, one with a rename and one without. And before I even started messing with it, I just thought I would ask.
+[8:27] Yeah. Unfortunately,
+[8:29] the on the on a
+[8:31] pull from partner, the success
+[8:33] will just tell you I scheduled to just pull to run immediately. It won't tell you if I found any files or not.
+[8:39] It's just a different it's just the API call.
+[8:42] It just puts it in the database and that's what this step does inside Gotcha. The route. So that won't help you at all. Okay. Thanks.
+[8:50] But you can run around somehow with secondary route. But one thing to be careful, of course, is how you're going to manage this long term. I would say if you can talk to your partner, just ask them, can you just add the timestamp at the end of your names always,
+[9:06] you know, something like that. Or at the beginning, Chorus, an extension or something, and they can just drop them because there's the cleaner way.
+[9:14] Yeah. It's always our preference is to put a a date stamp in the name, but, you know, you get some vendors that just for whatever reason don't seem to handle those kind of requests well. So I was, you know, trying to accommodate them, but I think it's just gonna be more trouble than it's worth.
+[9:31] I I just don't yeah. It it's the only way for you will be to do a daisy chain, you know, run-in the and you'll need to figure out how to get this file back into a position to push it out. Because once you get the post from partners,
+[9:46] you can run another route now, but the file is not there anymore because it's actually running with the one you just pulled or the one that we didn't find. So it gets progressively complicated.
+[9:57] So just talk with your partner.
+[10:01] K. Thanks. Mhmm. Okay.
+[10:07] Oh, got
+[10:08] We are getting an error
+[10:10] as the sorry.
+[10:15] We're getting a failure to connect to remote host,
+[10:19] violates maximum packet
+[10:24] Uh-huh. Olga, do you have any idea what
+[10:27] software are they running on the other end?
+[10:31] Hello, everyone. No idea.
+[10:35] Okay.
+[10:36] So the best so couple of things you can do. So the problem is that with the buffer sizes
+[10:44] so this is the incoming packet.
+[10:47] And is this
+[10:49] connect is this pull or push?
+[10:53] Well, I'm getting the error message when trying to test the connection.
+[10:58] Not even I'm not even getting to the point of attempting to push or pull.
+[11:03] By just trying to list the sites or
+[11:06] testing the collection,
+[11:08] it throws that error message.
+[11:17] Oh,
+[11:18] it's just some
+[11:27] You're cutting out. You're cutting out.
+[11:31] Kimi. Okay.
+[11:34] Okay.
+[11:40] It shows.
+[11:42] I know you're breaking up.
+[11:45] Yep. I heard that. So sorry about that.
+[11:51] Can you hear me now properly? Yes. Yes. I can hear you properly.
+[11:55] Yes. Okay.
+[11:58] Hold on a second. My VPN dropped my connection again. I'm having the usual phone with my VPNs.
+[12:03] I think it just does not
+[12:06] like
+[12:07] TMs.
+[12:08] The gateway
+[12:12] itself, if you go into the advanced settings, there are a couple of buffers.
+[12:17] Whereabouts?
+[12:19] Set the software
+[12:21] there.
+[12:24] You might want to play with them to try to the other on the transfer side.
+[12:34] So you said on the transfer side because your line is very bad.
+[12:38] I don't know. If you don't mind, you can write the instructions. I can follow them because I don't Yeah. Just I
+[12:49] will.
+[12:50] Sorry. Thank you. Bye. Thank you.
+[13:07] Audio is cutting out, Annie. No.
+[13:12] We really don't can't understand at all. No.
+[13:24] Annie, does it help to drop off and come back in?
+[13:29] Can't
+[13:30] hear you.
+[13:33] Okay. Is this better?
+[13:36] Keep talking.
+[13:38] Okay.
+[13:39] Let me drop off and down. No. That so now you're good.
+[13:44] Oh, okay. I switched lines, and I was hoping it will catch up.
+[13:48] Okay.
+[13:50] Now we can hear you.
+[13:52] Okay. And I think you're seeing the browser as well. Right? Yes.
+[13:58] Okay. Let's hope this holds.
+[14:02] Okay.
+[14:03] So
+[14:04] on the transfer side,
+[14:21] The other ones,
+[14:23] it's the buffer sizes.
+[14:25] One of them, usually the connection read or write buffer is the one that gives the problematic
+[14:29] one
+[14:31] in this
+[14:32] case.
+[14:34] Unless
+[14:36] they are running some kind of software data compliant, play with how much is unclear.
+[14:42] Part of the issue is that
+[14:45] until
+[14:46] unless they tell you what they are doing, sometimes it's impossible.
+[14:51] And that's why I asked you if it is
+[14:54] pull or push. If it is on the connect itself,
+[14:57] it would be it shouldn't be the buffers,
+[15:00] but it might be the block size of the SFTP message, the one over here at the bottom.
+[15:05] So
+[15:06] try to change those, see if the message is changing
+[15:10] is the best I can say based on the on the error.
+[15:14] Okay. I'm
+[15:16] showing that.
+[15:19] Yeah. Because it's
+[15:22] there is
+[15:24] the the problem is the package size, and what is happening when we connect is that they are supposed to respond with a specific length after the two servers negotiate between them. And that's what there is the error is telling you that the packages don't match. We expect one length, something else is receiving is getting received. Which means that the other server is either not receiving our
+[15:45] our our request properly or they don't know how to handle it. That's why much meeting them in the middle might be the way to go. So I would increase the block size of the SFTP over here a little bit and see if that changes anything.
+[16:00] Start from there. And if that doesn't help get our support to look with you, but you'll probably need networking access
+[16:07] because someone will need to inspect the package and see where exactly the communication falls to.
+[16:14] Mhmm. Okay.
+[16:16] I'll try that. It doesn't seem to work.
+[16:19] It's that's why I said that's
+[16:22] the best you can do without actually working with them. The other thing is if you have a communication line with your partner, ask them what kind of server are they using.
+[16:31] Mhmm.
+[16:32] Mhmm. What version? Because
+[16:34] we are RFC compliant and we're a Maverick server. If they're an open SSH server,
+[16:40] which is building on top of some of the newer features
+[16:44] that are not RFC compliant, but that you work with other open SSH servers. I've seen this kind of problems in this case.
+[16:51] Simply because we're very strict on the RFC,
+[16:54] and the library we're using, Maverick, is much stricter than open SSH ever had been.
+[17:00] Okay.
+[17:01] And if
+[17:03] and if they most of their other partners are OpenSSH,
+[17:06] maybe they have some checkbox somewhere to make it more strict.
+[17:11] Okay.
+[17:12] So that's that's all you can do from the SD side of the house, unfortunately.
+[17:18] And we and there is no checkbox on our side that says be less RSC compliant.
+[17:25] We're always trying to be as secure, as compliant, you know, the whole
+[17:30] nine yards, which is annoying sometimes. I would admit that. Mhmm.
+[17:36] But
+[17:38] yeah. My good feeling is it will turn out to be an open s s a derivative on the other end because that that's where I've seen this kind of issues before.
+[17:47] Which also means if you just go on the OS level and try to open the connection from there, it will work beautifully perfectly fine because OS level servers are open SSHs.
+[17:58] Mhmm. So makes it even harder to troubleshoot. But if you haven't tried yet, is this is this site going through the edges or is it going directly out?
+[18:09] SSH.
+[18:10] No. I I know it's SSH, but in the zone down here
+[18:15] DMZ.
+[18:15] It's going by DMZ. DMZ. Okay. So if it's going through the DMZ,
+[18:20] log in on the edge, one of the edges, and try to just connect to the SSH through the from the edge directly.
+[18:29] This is really an open SSH versus mother h tank, the open SSH will connect.
+[18:35] Alright. We'll do that. Thank you Yep. So
+[18:38] If that doesn't work either, you might be looking into a firewall discrepancy
+[18:43] somewhere. Something somewhere is getting your packages either cut or expecting bigger ones, but that's where I would start. It if it works from the edge directly,
+[18:53] but doesn't work from ST, get our support to try to help you because we're talking Maverick versus OpenSH most likely. But if the edge cannot connect either,
+[19:02] then go to your partner and it's it's not managed. Now open as a edge. If both of them cannot connect, something somewhere is not responding as it's supposed to.
+[19:11] Mhmm.
+[19:13] That's Thank you. Yeah. I I know that's not the answer answer, but unfortunately,
+[19:18] until you chase down exactly what's going on, there is no real solution for something like that.
+[19:23] Sure.
+[19:24] Thank you. Mhmm.
+[19:26] Of course.
+[19:30] Okay.
+[19:31] Raquel, is there a way to verify that our local certificates are attached to them? Permanent certificates
+[19:37] for us to operate.
+[19:38] Oh, my favorite question.
+[19:40] So Good.
+[19:43] There is no easy way to find out
+[19:47] what is attached to what unless you want to go dig through configuration.
+[19:52] One thing is because those usually have a very specific names.
+[19:57] If you go to
+[19:59] server configuration
+[20:02] and type the name of your certificate in the value,
+[20:07] admin d for example
+[20:09] Uh-huh.
+[20:10] It will pop up all of them and you just look to see which are they'll say alias and so on.
+[20:15] Okay.
+[20:16] So another thing to look for, if you look for the work alias as a parameter, this is always referring to a certificate.
+[20:24] So if you go that way, you'll see what is referenced. There are some that obviously are not certificates,
+[20:29] but you can ignore them.
+[20:31] But most of them will be like that. So cert alias for the rep encrypt and so on, trusted aliases,
+[20:37] you know, that's the way to look at easiest. You can look with API, of course, but, you know, I know Yeah. It's the same.
+[20:46] Okay. This will also
+[20:48] show you see how even the listeners, if they're attached to a listener, they will also show up here even if you cannot edit from here. So I personally prefer that way. Look for Aliyah,
+[20:59] but also once you find all of them and once you look at the list of them over here Mhmm. Of the certificate,
+[21:06] just get the names one by one and do them as a value for server configuration. You see where they pop up. Okay.
+[21:13] What you will not see if some of them are used inside of transfer sites or inside of steps.
+[21:19] For that,
+[21:21] the cleanest way, do an XML export.
+[21:24] Yep. I was wondering. Okay. Is it in there? Okay. Yeah. It it will be referenced
+[21:30] by the name of it. So if you do XML export and look for RMD, you'll see it and so on. The minimum ST requires to run is a single certificate.
+[21:40] Technically speaking, you can use a single admin d certificate for absolutely everything,
+[21:44] and ST will function.
+[21:46] Really? Yes.
+[21:48] It it's not recommended because you're basically putting every single egg you have and then some more into the same basket. And
+[21:56] if you have edges,
+[21:57] you need a special certificate to run the edges to server communication.
+[22:02] It's not allowed to use the admin tier one. Okay. So if you have servers and edges, you have at least two of them. Admin d sorry. Admin the admin d is the only one that's always called that way. Everything else can be called any way you want.
+[22:16] Okay. It is the other one that always needs to be called specifically is MDN.
+[22:22] This is for the message disposition notifications for those, you know, on the tracking table,
+[22:27] this small envelope at the beginning, that's where it needs to be called MDN.
+[22:32] The
+[22:33] rep reposted encryption one is usually called rep encrypt, but you can change that these days.
+[22:38] I I still always call it that way because it's easier to note. You'll usually have at least one or more for the different protocols.
+[22:45] So a normal server server will have between,
+[22:48] I don't know, two and six at least.
+[22:51] Okay. But technically
+[22:53] speaking, it's lost if you don't have edges, you require a single one.
+[22:57] And if you have edges, we need two of them. At least two. Yeah. At least two. And I've seen people try and quit one. Actually, SQL will not stop them. It just doesn't work very well or can backfire on you.
+[23:10] Okay. I I think that's our our struggle is if we have to replace one of these, where all do we have to update?
+[23:17] Nowhere.
+[23:18] If you replace it in place, it will update automatically. If you're changing the name yeah. If you just do replace
+[23:25] in place, you know, when when you go into, for example, into generate or import, if the name already exist, it will ask you if you want to override. If you say yes at this point,
+[23:36] you override and it will this certificate will start getting used everywhere where the old one was assigned
+[23:42] as long as you keep the name. If you change the name and with admin d, you cannot even do that, obviously, because the administration UI only works with admin d. But if you're changing the name, then you do that. You go to server configurations
+[23:55] to see there is server configuration
+[23:58] and you can use either the API or the XML export. I personally
+[24:02] do XML export for that kind of stuff because it's faster.
+[24:05] Yeah. It's cleaner to just grab everything, find it, and then just follow through. K. Thank you. But yeah. If you are replacing in place, unlike a route that are referenced by ID, certificates are still referenced by name.
+[24:20] So as long as you keep the name, we really, really, really don't care that the certificate is different now.
+[24:26] Okay. Thank you. Mhmm.
+[24:29] And don't forget that if you have edges and you replace the certificate, you might need to go and play on the edges as well. Yes.
+[24:38] As a reminder,
+[24:39] I'm I'm not going to tell how many times I get called because everything broke and they just replaced the certificate on the server and forgot the edges.
+[24:47] Yep.
+[24:50] So that's it.
+[24:51] It's the same with the trusted
+[24:54] CAs as well, locals, and so on. It's it's straightforward. We always reference by alias. So
+[25:01] okay?
+[25:03] Yes. Thank you.
+[25:06] Michael,
+[25:07] transfer
+[25:08] is not hanging up even though the transfer was successful in the second try. The first attempts, we cancel.
+[25:16] Uh-huh.
+[25:19] Let me see if I can see that on a little bigger screen. Michael, you still with us? Yeah. Yeah. I'm I'm still here. Yeah. It it actually started happening
+[25:28] very soon after we had upgraded to February patch
+[25:32] thirty two zero four.
+[25:35] And it stays canceled forever? It doesn't stays canceled forever. It it does not yeah. It it it doesn't go. And and in some cases, it it
+[25:45] isn't very often, but in some cases, like,
+[25:48] it'll show in a failed sub transmission state for the inbound,
+[25:53] and then every subsequent one for outbound will show in this cancel state.
+[26:01] Yeah. It's it's it's really strange. I I haven't I haven't seen this before.
+[26:06] Me neither. But I've seen something very similar happening
+[26:11] when
+[26:12] there was a corrupted
+[26:14] record.
+[26:16] So one thing to do, go
+[26:19] to the new menu that we have about the events,
+[26:22] the the event queue
+[26:24] Yeah.
+[26:25] And see if those that are the cancels will show up on the list here. They should if this is what's going on. So there are there are two options here. One of them is that the event is still in the event table for some reason, it is not getting cleared. The other option is this is just a tracking table issue.
+[26:42] So start with the event q and c if the ones that are still showing cancel, if they actually are here in the event queue as well.
+[26:50] Okay.
+[26:52] And if they are you know that I'll send you to support with that, obviously, because I cannot help with that. But before you go, just check to see if the event is still in play. I've seen a similar problem. So when you update it last time,
+[27:08] did it fail did it did the update work from the first time?
+[27:12] I'm sorry. Repeat the question. Sorry. When you updated ST the last time Mhmm. Did the update work from the first time or did you have to redo it twice?
+[27:26] I believe
+[27:28] in prod, it was fine.
+[27:31] I think in our test environment, I had to do it twice, but, it. I'm not seeing this in the test environment. I I think prod was fine. I I'll have to go back and look at my notes. The
+[27:42] reason I'm asking is because I had a very weird experience
+[27:46] with the server where the update failed,
+[27:49] but the but no one did the rollback. Instead, they did the update the second time immediately after that.
+[27:57] And it
+[27:59] was
+[28:01] Oh, you're cutting out again.
+[28:03] Showing
+[28:07] okay.
+[28:09] Is this better? Yeah. It's a little better, but
+[28:13] I'm sorry. I don't know what's going on today with all of my Internets.
+[28:19] I I so I was having a problem where an update failed.
+[28:23] It didn't throw back
+[28:25] and instead turn on the second update on top of the first, and that left some files in a weird shape.
+[28:31] And the tracking table was influenced that way.
+[28:34] Oh, okay. So that's why I asked.
+[28:36] Yeah. I'll go back and review my notes. I don't think that was the case in prod, but it I I I don't remember because it it was a couple months back. Actually, a few months back.
+[28:47] And this just started happening?
+[28:49] It happened when we went to the February patch.
+[28:54] Okay.
+[28:55] Prior to that,
+[28:57] I forgot what level we were on, but it was only about eight months. I mean, it wasn't like after a full year.
+[29:02] How often does it happen?
+[29:05] This is daily.
+[29:07] And it's not it's not particular to this one. It could be any any of our transfers.
+[29:14] You know, it almost feels like there might be an old file somewhere on the system from the from before the update. From like a completely failed Yeah. Cannot reconcile.
+[29:26] Okay. Okay.
+[29:34] Okay. Yeah. So I'll I'll look through that through the event queue and then yeah. And then go through support. Awesome. Thank you. Yep.
+[29:43] Yep.
+[29:45] I
+[29:46] have another question on the chat. Is it better security wise to request partner to authenticate their password or key? Always a key.
+[29:55] Security wise, keys are always more secure than passwords. And in ST, you can even do double key plus password to even make it more secure.
+[30:03] But passwords
+[30:05] rely on a user not using their birth date as part of their password or things like that. So it's a lot easier to steal someone's password
+[30:13] than a key. And I don't have a name for the person that asked that question.
+[30:18] Actually, it's yeah.
+[30:19] My name is Mark. So I guess the final question to that is yeah. Thank you for answering.
+[30:25] How do you set it up so that a partner can authenticate via password or SSH key?
+[30:31] Oh, that's you know, we're on the correct page to show you. So when you go to the login settings,
+[30:39] you can do oops. For the end users, see where it says optional for passwords?
+[30:45] So you leave it on optional for password.
+[30:47] For the keys, it's per protocol.
+[30:50] So when you go on the let's do
+[30:53] because that's what you are asking for originally.
+[30:57] Sorry.
+[30:59] When you go to the demo settings
+[31:03] nope. Wrong. It's the listener settings.
+[31:06] Always mess them up.
+[31:08] Over here,
+[31:11] see where it says client certificate?
+[31:13] Mhmm. If you do that optional,
+[31:16] that means that we'll first try to do a key, and if they don't provide the key or
+[31:22] or something, they can go for password. So if you keep both passwords and certificate on optional,
+[31:28] what will happen with the server is that the server will say, tell the customer that we want the key, but if they don't have a key, we'll allow them a password instead.
+[31:37] So they can use IDA.
+[31:40] Okay. Great. Thank you so much. Mhmm. It's and don't forget if you have edges, this setting is on the edge edges, not on the servers. The one for the passwords need to be set on the servers, but for the certificates, you go where the daemon is.
+[31:55] Okay. Got it. Thank you so Access? Yep. Okay.
+[31:59] And obviously, you also have required here, which will mean everyone needs to have key. And because it's on the listener, by the way, and because I know you are new, you can have two different listeners on separate ports.
+[32:11] And you can make one of them mandatory
+[32:14] certificate while the other one allows both or either. Any way you want to do it, if you want to do that.
+[32:21] Okay. Alright.
+[32:23] So and then you can make it a lot more secure that way. But also don't forget that you have dual authentication as well.
+[32:31] So if you want to
+[32:32] to to force your customers,
+[32:35] you can
+[32:39] to require you can my bad. You can actually have dual authentication for them,
+[32:46] which will require both password and certificate.
+[32:49] And in this case, it's certificate or key first. We cannot change the order. We always ask for the key first.
+[32:57] Okay.
+[32:59] Got it. Alright. Thank you. Mhmm.
+[33:09] Yeah. Olga, I can see the error. Get our support to look into that. I think it's Maverick and the open s s not liking each other.
+[33:17] Alright. Thank you.
+[33:19] Yeah. It's it's basically
+[33:21] the good news is that something is changing, which means that at least they are reading what you have. So it might be just a question of adjustments of what needs to be over there, and you might need to talk to your partner as much as when none of us like doing that occasionally.
+[33:36] Alright. But it's I I as I said, I've seen this kind of errors when one of the servers is trying to be too clever for its own good.
+[33:45] Mhmm.
+[33:48] Let me know how that goes. I'm Will do. Interested. Will But
+[33:53] yeah. And if
+[33:55] you talk to them first question that our support will ask you to know what they are running on the other end anyway. So
+[34:01] okay.
+[34:02] Okay.
+[34:05] I don't see anything else in the chat.
+[34:08] So
+[34:10] what else do we have?
+[34:17] I have a raised hand or is it older?
+[34:20] Nope. Oh, yeah. Hey. Hey, Ani. Hi, Kamish here from DNB.
+[34:25] We
+[34:26] had an issue recently
+[34:27] for a m in proc file wherein,
+[34:30] actually, support has suggested us to increase the partitions
+[34:34] to 10.
+[34:36] So just wanted to understand more on what the partition is doing and how that it handles the file processing there
+[34:43] When that is that is they have mentioned that there wouldn't be any deadlock situations happening.
+[34:48] On what protocol is that? It's for SSH.
+[34:53] Okay. And what was the which partition did they tell you to change? Because we have this a couple of cases. Partitions days to prebuild.
+[35:02] Oh, in the in for the database?
+[35:05] Yep.
+[35:08] So the
+[35:11] way
+[35:14] It is just a suggestion that we had received and we had The
+[35:18] what so with enterprise clusters.
+[35:22] It's yeah.
+[35:24] Yeah. An enterprise cluster.
+[35:26] Yep. So with the enterprise cluster, in order for us to be keeping more of the tracking table and the server lock, we need partitions in the database and they are based on days. So for every day, we'll need to build a new partition.
+[35:41] When
+[35:43] we switch to the next day and we need the next partition, if it is prebuilt,
+[35:48] then we can start immediately writing as opposed to taking resources to create the partition. And at this time, our TM gets a little hanged up because it cannot write anywhere.
+[35:59] So that that's the whole logic into it. It's a database thing. Okay. So in general, is it like this partition happens by default
+[36:09] by self or any certain time time frame in the morning or something like that? So that's where we have been seeing some letters in the file processing. Is it like, say, for example, it happens between 12AM to 1AM or something?
+[36:23] Is there a periodic Yeah.
+[36:25] It happens the moment we need to write into a new partition, which is at midnight, basically.
+[36:30] The moment when the clock switches,
+[36:32] we need the partition to be there to start writing. If it's not there, it's if it is not prebuilt,
+[36:38] we need to build it on the spot.
+[36:40] That's why having building multiples
+[36:43] at the same time helps because when the when we need to build when we need to write into the next day, it's already there.
+[36:50] Okay. Having the earlier partition being defined,
+[36:54] does that not consume any memory
+[36:57] for
+[36:58] ST?
+[37:01] No. It's in the database.
+[37:03] It's in the database. So will that that that
+[37:07] so just wanted to ensure that we do not have any DB logs that's happening on the partition, which is currently being written and others are
+[37:14] being free to write write it upon.
+[37:18] Yes. It it basically
+[37:21] so so the way it works is that in order so with the big databases, it doesn't apply for standard cluster because our baby database
+[37:30] doesn't need that. When you have the partitions,
+[37:33] this is for searching indexes purposes.
+[37:36] But because our partitioning is based on the date, the moment when you switch the date at midnight, we start building partitions. That's why I usually recommend not to have any maintenance jobs running at midnight on the application either because there is a lot of faster stuff happening at midnight. We rotate other files and so on. But when exactly the partitioning happens depends on your load. Literally,
+[37:58] the first record that needs to be written after midnight needs to have the partition already built. And if it's not there, it will start building on the spot which will slow down everything because everyone
+[38:09] is hanging and waiting for the partition to be built.
+[38:13] Okay. Now that yeah. You thanks for the details, Annie. And now one further clarification on the same point. When you say the partition numbers to be five or 10 or 14, whatever, what is those parameters
+[38:24] means?
+[38:27] How many days ahead of time are built so that you
+[38:32] need to take a break
+[38:35] to build it on the
+[38:38] spot?
+[38:40] Okay. Yeah. For us, the suggestion was for ten or fourteen. So when you say ten days, we will have a partition for ten days in advance. Is it?
+[38:52] There
+[38:54] and keep the partitions still waiting in the database or when midnight here, pause.
+[39:02] Sorry, Annie.
+[39:03] You're cutting. Your wife is cutting.
+[39:06] Yeah.
+[39:07] Kamesh, yes. That's exactly what it is. We just build them at the CRM. Hold on.
+[39:17] Okay. Is that better?
+[39:19] Yeah.
+[39:20] Yeah. Sorry
+[39:24] about that. Yes. So it they will be just built and stay in the database. That's all that is happening.
+[39:30] Having them there doesn't change anything for ASCII itself.
+[39:34] Okay. Got you. Thanks But what it helps is when you switch over when we need to switch over,
+[39:41] we don't need to do it on the spot exactly where everything else is happening.
+[39:47] Okay. Yeah. Thank you. Thanks.
+[39:52] Okay.
+[39:55] Okay.
+[39:59] I don't see raised hands. I don't see anything in chat. So anything else? And I have a live server. Oh, we have a question.
+[40:08] Mark Lee, when upgrading secure transport to the latest version, what are some common issues that you customers are encountering?
+[40:16] The
+[40:19] issue will be so it depends on how old your previous update was,
+[40:23] Mark.
+[40:24] If you are just
+[40:26] update or two behind, usually almost none.
+[40:29] When you have a huge leap, it's the security.
+[40:32] Cypher's max,
+[40:34] everything we had retired, but your customer base haven't
+[40:37] because of security concerns.
+[40:39] So you will have people that cannot connect to you and servers you cannot connect to anymore every time you switch.
+[40:45] We'll try to keep your configuration
+[40:47] the same as it was before the update.
+[40:51] But if it but sometimes we need to retire or completely
+[40:55] disappear a cipher, and that's where things are happening.
+[40:59] The other issues are usually coming from updated libraries.
+[41:03] If the customer had been using
+[41:05] something
+[41:06] which was either a side effect or
+[41:10] something usually on the weaker security set.
+[41:14] But other from that, it should be pretty small saving. As part of the update, we keep
+[41:20] all of the server configurations
+[41:22] as they were as much as possible.
+[41:28] And you're but and
+[41:30] and now show that you are coming from 2022.
+[41:33] First of all, you'll need to do a middle upgrade. You cannot jump directly into the 2024, so you know that I suspect.
+[41:39] So you'll need to go through
+[41:42] twenty twenty three January probably is the cleanest way. And then from there well, actually, you'll need to do two jumps because you cannot do more than 12 at the same time if you're more than twenty four months behind.
+[41:55] Or just alter for you is,
+[41:59] you expect
+[42:03] that 10%
+[42:05] of your customer base will have Cypher's or access that anymore.
+[42:10] Just from
+[42:12] general principle. And it depends on how how close they were monitored. The older the customer, the more likely there's the warning on old stuff.
+[42:21] Other from that,
+[42:23] not nothing clearly. I mean, it should be pretty straightforward unless you go straight into a bug somewhere, which happens.
+[42:31] But
+[42:36] other from that, are you are you just updating in place or are you doing a migration out?
+[42:41] Mark?
+[42:43] Just updating in place. Okay. That's good. Because with the update in place, all of your configurations will survive. So you are because the new servers, when you install them, their security is a lot tighter than it used to be. So if you're doing a migration,
+[42:58] you'll need to watch for that because you're in place. The only things to look at, first of all, read through all the readmiss
+[43:05] of all the releases between yours and the newest one because there are places where we specify what we retire
+[43:11] and so on. So anything on the list of retired ciphers,
+[43:15] retired kinds of max and so on, all of that will stop working with update.
+[43:21] But other from that, there haven't been that many major changes, and I don't want to say that there had been a lot of major
+[43:29] changes, but they had been new functionalities being called it as opposed to changing existing stuff for the most part.
+[43:36] Are you using any plugins,
+[43:39] especially transfer site plugins? No. We're not. No? Good.
+[43:43] Because some of them has changed
+[43:46] a lot since 2022.
+[43:48] The s three is brand new.
+[43:50] The SharePoint got a couple of updates. So if you're using just the standard set of protocol that comes with the product, it should be on the clear.
+[43:58] But,
+[43:59] for example, s three, we added quite a lot of new tanks into it.
+[44:04] Everything called should still be working unless it turns out that their configuration was actually set in a weird way.
+[44:11] So that's what I would watch out for. But it will be mostly ciphers and things like that.
+[44:17] But you still would recommend
+[44:19] not doing a complete jump to the latest version.
+[44:23] We should do a hop to twenty twenty three and then You need yeah. You you need two hops actually looking at your version. You cannot do more than twelve months hop because we don't test that.
+[44:35] So what you need to do is going from where you are, you are
+[44:39] February 22
+[44:40] to January 23,
+[44:42] then December 23, and then come into '24.
+[44:46] Okay.
+[44:48] Okay. Got it. Yep. So the official line is we support you for three years.
+[44:53] That's what the support is. However, the direct update is twelve months only.
+[44:58] Okay.
+[45:00] So
+[45:01] and, of course, you can always try, but it's a production environment and, you know,
+[45:06] if something fails, they'll tell you to do it anyway. So we never test more than those twelve months, and I try to keep it down to eleven. Just, you know, twelve is really talkative.
+[45:16] So that's why I'm saying with you in in February, I would just do January
+[45:21] and December 23, and then jump into whatever
+[45:25] you want in '24.
+[45:26] If you cannot find the older builds because we don't have them anymore,
+[45:31] ask support for that and explain to them where you are and what you are trying to achieve. Because they might give you a later '22 build instead of the January.
+[45:39] Just
+[45:40] you just need to jump through.
+[45:43] Okay. But it will be two jumps in this case for you.
+[45:46] Okay. Got it. Which is also why I keep telling people,
+[45:50] keep more updated, please.
+[45:53] Because there is such a huge amount of security changes between
+[45:58] for the last two and a half years that, as I said, you'll have customers that won't be able to connect.
+[46:05] Got it. One
+[46:07] other thing, by the way, and it is on the transfer sites and we got Kamesh, I can see you and someone else as well. But
+[46:16] one thing and then it's Christopher Duncan after that. So one thing to be careful, transfer site when you're pushing and pulling
+[46:23] and default settings.
+[46:25] So the default ciphers
+[46:27] that are on the server menu
+[46:30] will only kick in if the site doesn't carry its own.
+[46:34] So for any site and this is where you'll see a difference
+[46:38] between different sites that look the same,
+[46:41] but work differently. The ones that had been saved with the custom track with the custom ciphers
+[46:48] will keep working with whatever the list was over there. The ones that are saved empty will use the default ones and the default ones will change for you. So you might have some transfer sites not working out of the blue. Usually, all you need is to go and save them,
+[47:03] but just keeps an eye keep an eye on that. So I'll
+[47:07] I'll I'd say to just keep an eye for pushes and pulls that cannot connect anymore.
+[47:14] Makes sense. Yep. That makes sense. Okay.
+[47:18] Okay. Kamesh.
+[47:20] Yeah. Hey, Annie.
+[47:22] The question related to RHEL version.
+[47:25] So currently, we are on lawyer version of RHEL, which I think we will be getting
+[47:29] out of support. So wanted to know if we wanted to move on to the latest RHEL version,
+[47:35] is that we have to rebuild a server or we can upgrade the real alone? Will that be helpful?
+[47:44] It will depend on what your OS admins tell you. Don't forget that you cannot have the cluster with one server on nine and the other on seven.
+[47:52] I would not try in place upgrades between seven and nine just because if something goes horribly wrong, you don't have nowhere to go back to.
+[48:01] So Okay. My recommendation is built a new environment on the site and migrate everything.
+[48:06] Okay. So what would be in case of any custom practices that we have, so custom built things, so can that be carried forward?
+[48:15] Define custom.
+[48:17] Okay.
+[48:19] Say, as you know, for D and B, we have various custom components that we have built in. So just wanted to know if there is any custom components that is built
+[48:28] that can be just simply packed and taken to the new
+[48:32] Rails
+[48:33] server So
+[48:34] if we're talking about plugins, yes. It doesn't matter what the OS is. If it's something on the OS level and can be built on their own, you will need to talk to whoever build it to make sure you don't have dependencies.
+[48:46] Okay. Gotcha. Okay. But plugins don't care the OS.
+[48:51] Okay. Gotcha. Okay? Okay. Christopher, what can you come? Thank you.
+[48:56] Hey. Sorry about that. I guess I hit a key combo when I was in another window and it raised my hand. I don't have a question.
+[49:03] Oh, okay. Well, you sure you don't have to ask a question?
+[49:07] I'm sure.
+[49:09] Okay.
+[49:11] It's okay. Okay.
+[49:13] Anyone else?
+[49:19] Okay. I'm not even going to try to pronounce
+[49:22] Vitas, I think, name. Yes. Yes. Yeah. Yes. I'm Vitas from from Origins. So I have a question regarding
+[49:30] passive
+[49:30] Doctor environment installation.
+[49:32] So once you have, like, a shared database,
+[49:35] which is not writable, of course, in the Doctor,
+[49:38] is it possible to install the nodes simply by
+[49:41] copying
+[49:42] production
+[49:43] of, you know, like, installation folder into
+[49:47] corresponding
+[49:47] Doctor server and kind of, like, bootstrapping those servers that way, or it needs to go through kind of, like, a normal installation?
+[49:59] The
+[50:00] official answer is you need to go to an official installation,
+[50:03] and the reason for that is because we're doing a couple of weird things. We don't know how they'll break in the future.
+[50:09] So my recommendation
+[50:11] is
+[50:12] build it as a separate cluster somewhere against its own database,
+[50:17] follow the
+[50:18] instructions
+[50:19] to the letter.
+[50:21] I know it's annoying.
+[50:23] And then just point it to the correct database at the very end. You need to do that then.
+[50:29] Okay. So basically You cannot just
+[50:33] I see. So basically, install as a a totally independent cluster and then
+[50:38] later,
+[50:38] at the very end, switch to the shared database. Right?
+[50:42] Shared database and shared Yes. And and replicated file system. Okay.
+[50:49] Yes.
+[50:50] If you look at the mhmm. Go ahead. Sorry. Yeah. I was reading that documentation.
+[50:55] So, yeah, it seems to me kinda weird though. They're saying you need to install it, but how I can install it if if if I don't have, like, functional debt database. I only have, like, read only replica.
+[51:07] Yeah. So Yeah. Okay. Yeah.
+[51:09] It's the other way around. You basically install the Doctor as a totally separate cluster.
+[51:14] Then, you know, that step where you you replace the configuration IDs in the configuration file. This is the step where you tell it you are actually a Doctor of another environment.
+[51:24] Yeah.
+[51:25] And then after all of that is done, then you you either start the which is not realistic, or at this point, you just repoint this server to the actual replica.
+[51:36] Okay. So what to do then was, like, a clustered file system we we we use in our cluster of s so we can replicate. Can we use can I use it, like, from first
+[51:47] step when I install you know, can I sit on that replicated
+[51:51] file system while installing
+[51:55] Doctor environment?
+[51:56] Or, again, should I kind of
+[51:59] have, like, a separate file system?
+[52:02] So okay. So we support Gluster only for home folders, and it can be anywhere you want.
+[52:08] Yes. That's the yes. Okay. You can point to the same one. I I reply I would point to a replica just to be on the safe side, but it doesn't matter. The installation itself doesn't care where the home folder is Yeah. At all. But yeah. Understood. Okay.
+[52:24] Okay. Thank you.
+[52:26] Thank you.
+[52:27] And
+[52:28] when you need to update it, we actually have two parameters.
+[52:33] One of them to to tell the server
+[52:36] tell the update that you don't want to start the services and that the database is already updated.
+[52:42] So when it comes the time to update your Doctor,
+[52:45] that's
+[52:46] street pretty straightforward
+[52:48] without breaking the replication.
+[52:57] Okay?
+[52:59] Okay.
+[53:01] Okay. So for that purpose, you only run, like, admin services
+[53:05] to update? Or Not even that.
+[53:08] Oh, okay. You don't even need to run that because From the command line, do the update. Okay. Yes.
+[53:14] Yes.
+[53:15] Are are you using MSS? Which database are you using?
+[53:19] PostgresQL.
+[53:21] Okay. So when it gets to updates,
+[53:24] they are not in the documentation. We're working to putting them there. One one of them is called DST
+[53:29] DB update.
+[53:31] The other one is called start services.
+[53:34] They will show up in the documentation.
+[53:36] If they don't, before you try updating your gear, open a support ticket for them to give you the instructions.
+[53:43] Or I need to ask them that. Or or if they don't make it to the documentation next month or so, I'll just put them on an article in community. But there are two parameters on the installer. One of them is saying, don't update the database
+[53:55] because in a Doctor situation, you are running with a replica of the production. The moment your production is updated, the database that is also replicated is also updated.
+[54:04] All you need is to update the binary.
+[54:06] Yes. And then start services is a property that tells the servers don't start after the update, which happens automatically
+[54:14] because your database is read only, so it cannot even start.
+[54:18] Mhmm.
+[54:19] So we have we have the properties for that. The Okay. Yeah.
+[54:24] The official rule is that you need to break the replication before you start updating.
+[54:28] But we also know that some of the products that we use don't allow that. So
+[54:35] Okay. Thanks. Yeah. Yeah. Just follow the as weird as it sounds, just follow the admin guide on how to build the Doctor step by step. Forget about the replicated database. Just run against the plain database.
+[54:48] Build the secondary cluster on the site, and then just switch them to point to the replicated database. That's the cleanest way. Okay.
+[54:56] Understood. Thank you. Mhmm.
+[54:58] Okay.
+[55:01] Okay.
+[55:02] Do we have anything else?
+[55:11] Hey, Annie. I actually do have something else.
+[55:14] Sure. So we are actually moving away from Oracle,
+[55:18] but we do have the option to migrate to Oracle RAC or
+[55:23] SQL Server.
+[55:24] Mhmm.
+[55:27] I know if we move to SQL server, we'd literally have to blow away our entire environment and start fresh. However, if we move to rack,
+[55:34] is that a better option to what we have existing?
+[55:39] And have you ever
+[55:41] gone through that process before? Because it it sounds painful.
+[55:46] It is painful,
+[55:47] and it will really depend on your DBA and what they're comfortable doing. From ST perspective,
+[55:53] if they can replicate the database behind the rack and they give you the scan address and you shut down ST endpoint to the nearest scan address, we really don't care
+[56:04] that database
+[56:05] moved on us, literally.
+[56:07] Because Oracle and Oracle Rack is the same database. Yeah. Yeah. It just it sounds like it'd be easier to move to Rack versus
+[56:14] move to SQL.
+[56:16] It's all
+[56:18] more like
+[56:21] Oh, you're cutting out again.
+[56:24] Okay.
+[56:31] Yep. There you are. Is
+[56:35] this better? Yeah. It's a little better. So what were you saying now?
+[56:39] Apparently, I just need to refer sorry.
+[56:43] Moving to Rack will be cleaner. Yes. Because for ST,
+[56:48] Oracle and Oracle Rack is still Oracle for us. So we don't care. With with Rack, we go against the scan address.
+[56:54] So for all intents and purposes, it's just a JWCR code connection is just moving to a different database.
+[57:00] What you just make sure you shut down as you completely before
+[57:04] you move,
+[57:05] because it cannot switch the database otherwise, but that's about it.
+[57:10] Okay. But
+[57:11] if your company's policies to go to a different type of server, MSS, SQL, and so on, it's not that hard. Yes. You need to blow everything and you'll lose the tracking table and so on. But the XML import will work. So all of your routes and accounts and certificates will come with you. So you might as well.
+[57:31] Yeah. I'm just trying to think of the the least painful way to do this. But yeah.
+[57:37] Okay. I would say
+[57:41] Uh-oh. You cut out again.
+[57:50] Because
+[57:52] the answer will count them. Yeah.
+[57:55] Okay.
+[57:57] Okay.
+[57:58] Awesome. Thank you. Back, I think. Is that better? Yeah. It's better now. I I I I you were cutting out with with your answer, but I I think I know where you're going with that. I mean, essentially, talk to the DBAs.
+[58:09] I was saying the PA.
+[58:11] Yeah. Mhmm. Okay. Yep.
+[58:14] Thank you.
+[58:17] Okay.
+[58:19] Do we have anything else?
+[58:39] Okay. Do we have any more questions or
+[58:43] comments?
+[58:49] Nope.
+[58:52] Well, it's been It's like we don't just an hour.
+[58:55] You wanna go back
+[58:56] unshare,
+[58:58] Annie?
+[58:59] Go back to sharing it anymore. Okay.
+[59:04] Let's see here.
+[59:11] Where the
+[59:12] why the screen is doing that?
+[59:19] Well, it's all of sudden, the
+[59:21] why the presentation went away. It was there before.
+[59:26] See here.
+[59:28] There. Do you see it now?
+[59:32] No. Not yet.
+[59:33] Let me go back to presenting.
+[59:36] I think it just kicked me out, so I'll go back in. It's coming back in. There
+[59:41] we go.
+[59:43] Okay. So
+[59:46] alright.
+[59:48] Well, sounds like I don't see any more comments or questions in the chat.
+[59:54] So
+[59:58] I'll just move
+[59:59] through, and then we'll give you guys a few minutes back to your day here.
+[60:02] Just a reminder
+[60:04] for online collaboration,
+[60:06] and you'll again get this presentation
+[60:09] by the end of today
+[60:11] when we end this call. But you can click on any of the links and get questions,
+[60:16] q and a forums, and different information with the different links. So in our Actsway community portal. So feel free to go there and
+[60:26] get more information
+[60:27] from what you need there.
+[60:29] And,
+[60:31] obviously, we have MFT videos on YouTube.
+[60:34] You're welcome to look at those.
+[60:37] And then we also do peer reviews
+[60:41] through our g two, and you can go to the website
+[60:44] listed here that, again, will be in the presentation. And as a thank you for your time, we will send you a $25 gift card. So just a little incentive there.
+[60:55] So if there's no more questions, thank you again on behalf of Annie and myself. Thank you so much again for joining this
+[61:02] secure transfer user group session,
+[61:05] and hope you have a great rest of your day and end of your and rest of your week. And we'll see you soon.
+[61:12] Thanks, everyone.
+[61:14] Bye, everyone. Thank you. Thank you so much. In
+[61:17] case you haven't seen, by the way, before everyone disappears,
+[61:21] Astrid and Jerome are doing zero downtime updates. Okay. Everyone is going. So but there will be more user groups this week. So if someone haven't seen them.
+[61:31] Yes. In the meantime, thanks everyone for joining.
+[61:34] Talk to you next time.
+[61:37] Bye bye.

out/981433083/transcript.txt

@@ -0,0 +1,987 @@
+# Transcript: 981433083
+# URL: https://vimeo.com/981433083
+# Duration: 4713s (78.6 min)
+
+[0:01] We are not recording yet. How's give us okay. Recording is on. Yep. Go ahead.
+[0:07] Yeah. Okay. We are creating an account
+[0:12] with the with the rest API and the subscription
+[0:15] and rules.
+[0:17] And,
+[0:18] if I do the subscription, I don't see immediately
+[0:21] the directory
+[0:22] on the server.
+[0:24] Yeah. I
+[0:26] found out the first time the logging
+[0:28] is done
+[0:30] by the customer, then the directory will be created.
+[0:34] Yep. It's either so subscriptions
+[0:38] will be created either when a user logs in to initiate them, or
+[0:44] alternatively,
+[0:45] if there is a pull
+[0:49] scheduler,
+[0:50] if any type or folder monitor, we will create it the first time we need to put the file into the folder.
+[0:57] So you are not missing a flag or anything, it's just how it works.
+[1:02] When
+[1:03] a user logs in, we will check
+[1:07] if all of their subscriptions
+[1:09] are existing on the file system, and we'll create the missing ones.
+[1:13] That's how it's supposed to work. And
+[1:16] yeah.
+[1:17] If if if if I put a file from the inside to the outside in out directory,
+[1:23] So the out directory be created as well before
+[1:27] before the the user
+[1:30] has done the first login.
+[1:33] How are you putting the file in? With a pull?
+[1:37] Yeah. With a to to to Yeah. No. From the inside with with a with a root.
+[1:42] Yes.
+[1:43] If you are so if you are doing publish to account, we will create the directory as well. Yes. Okay. Okay. So that's So if so when ST is knows that there is a file coming with a pull or publish to account, we will create what we need for it.
+[2:00] If we are having
+[2:02] if a user logs in, we'll also create everything. So the only corner use case is if you're doing something weird like putting files into the folder from the OS level,
+[2:12] which please don't do that. But if you're doing that,
+[2:15] then the folder will be missing because we don't know yet we need it.
+[2:19] Other from that, if ST is delivering, you don't need to worry about that.
+[2:25] And if you hold on a second. Let me just go very quickly on my server because I think we actually had the control for that somewhere.
+[2:32] I see raised hands will go in order. So just give me a second, guys.
+[2:38] And you're not seeing my screen, are you? Hold on. I forgot.
+[2:41] Let me share my screen.
+[2:44] Yeah. Not yet.
+[2:45] Coming.
+[2:46] Let me know when you see it.
+[2:48] We see it.
+[2:55] So over here on the publish to account, whatever folder you specify,
+[3:00] because it's folder to folder and we know it is, we will create this folder if it doesn't exist
+[3:06] always. Okay.
+[3:08] Okay. So you don't need to worry about it. It doesn't even so if you don't want to be created, see, we have a disable over here. The default is we always create. However,
+[3:19] if you don't want to be created because of typos and so on, if you click this checkbox on the published work out, it will not create a target folder.
+[3:29] Okay. Super. Yeah.
+[3:31] And when we say target folder, that also includes a home folder. So if the home folder is missing, we'll first create a home folder and everything and so forth. It's it's just we'll we'll make sure we have a place to put the file. So that that's so you don't need to worry about that.
+[3:46] Yeah. Okay. Thank you for the answer.
+[3:49] By the way, we, I have a customer that actually like that feature because it allows them to very easily find out how many users had never received the file yet.
+[4:00] Because if they it never had logged in. Because if an account logs in, they will see the folder. They it will create it. If we publish an account file for them, they will actually have the folder. But if someone still don't have the folder, that means they were never around and there were never files for them.
+[4:17] So
+[4:20] you know? Yep. Yep.
+[4:22] Okay. Thank you. Okay.
+[4:24] Absolutely.
+[4:26] Jort. Okay. I probably messed up your name.
+[4:32] That's pretty close.
+[4:34] I'm trying. I'm European. I'm trying.
+[4:39] Alright. Well, I have a question maybe you haven't heard
+[4:42] very much of, or at least I haven't heard very much of, relation to ST's external scripting.
+[4:49] Yay.
+[4:50] Yay. What I'm trying to do is to develop a sanity check, like, on an outbound file,
+[4:57] scan the file, determine if there's any data anomalies.
+[5:00] And then if there is, then I want to actually move the file out of the pipeline to sending to the client. So it's like, don't want it to go to a client or a vendor. I wanted to to quarantine that file, and that way we can, you know, have time to look at it later and fix whatever problems there are. So I kinda figured out how,
+[5:19] you know, to do general external
+[5:22] scripts is is so we're
+[5:24] we're hosting
+[5:26] ST on Red Hat.
+[5:29] And so the external script
+[5:31] itself is in Bash,
+[5:33] and then the decision making module is in Python. So Bash will call Python,
+[5:39] which will process the file and then
+[5:43] send some kind of signal, I guess, to to the Bash script, which will pass it on to
+[5:48] the next step in in the route.
+[5:51] So what would you recommend?
+[5:54] Yeah. You cannot really pass anything back besides
+[5:58] yes, no. So external scripts are very limited at what they can do. You really cannot pass a lot of information back out because both the Python and the Bash handlers are basically not in ST per se.
+[6:12] So the way the easiest way for something like that, and it's just a yes, no. Right? You either say that file is good to go or that file is not.
+[6:22] Speaker Correct. Speaker So you have two choices here. So let me ask one more question. When
+[6:30] you don't want to process the file, do you want still to move that file somewhere else, or do you just want to
+[6:38] stop doing anything at this point?
+[6:41] Well, I don't necessarily
+[6:43] need for ST to move the file. I mean, it it automatically
+[6:48] goes into it it well, I just wanna clarify. If if ST is moving in into
+[6:53] a location
+[6:55] to be scanned, right, a sandbox,
+[6:57] then that file is in the sandbox.
+[7:00] Should I move that file out of the sandbox using the Python or the or the JavaScript?
+[7:05] No.
+[7:07] Here here is what why I'm asking. So if you have an external step,
+[7:12] let me you can see my screen. Right? Yes.
+[7:15] So basically, do whatever you want here in the script. The end result from this step will be either a yes or no, success or failure.
+[7:23] If you do zero, it will be a success. If you do a minus one, whatever, it will be a failure. So when you go to the next step from here, and let's imagine it's a publish to account,
+[7:34] it will either receive a success or a failure based on what the script would get.
+[7:38] And that's where you can communicate with that. All you need to do is to not proceed on exit on failure.
+[7:45] And then if you come with the failure from the sandbox,
+[7:48] from the previous step, from the external script, it will just not go into the next step.
+[7:54] And that's it. That's all we want to do.
+[7:57] Okay. Well, if we're not moving the file out of the sandbox,
+[8:02] and then we wanna fix the file and send the exact same file name and everything's different except for maybe the timestamp on it, We send it back through. Won't that file that's in the sandbox interfere with it, or is it automatically self cleaning after?
+[8:15] So the the moment the routing finishes for this file, destroy the sandbox immediately. So the moment you exit the route, the sandbox is gone. Nothing will interfere anymore.
+[8:25] So you don't have to worry at all. And the reason I ask what you want to do is because your other option,
+[8:31] it might be even easier than that. So
+[8:35] If you find that the file is not good,
+[8:38] you can just delete it from the Sandbox so it disappears from the Sandbox. It will still be out in the subscription folder, so you still have the file outside. That's why I ask you if you want to deliver it. Because if you want to deliver it from the Sandbox out
+[8:51] to somewhere else, then you can do one proceed on failure, one on success, and you can do both of them and on failure send it somewhere else.
+[8:59] But if you all you want is to discard it,
+[9:02] you can just delete in your script so that on the next step, and don't forget here to uncheck this after an external script because external script cannot pass files,
+[9:11] so always uncheck that. So what it will happen is when you go to the next step,
+[9:16] and if this is unchecked,
+[9:18] the process only results from the preceding step, it will just look at what is still in the sandbox.
+[9:23] And if you have deleted the file from the sandbox, there is nothing. It will say, don't have files to process. It will exit. Always done. We're done with that.
+[9:31] So there's two ways to do it. How you want to. Yeah. Yes. Yeah. So I can just check the process only the result from the preceding step. And if it returns a one a minus one,
+[9:41] then it just will ignore the file that's in the sandbox. So it's that's the same result. Right? Yeah. Yeah. You can you probably we can probably find out three more ways
+[9:51] on top of that. There is a lot of ways to do it.
+[9:54] No.
+[9:54] ST is very flexible.
+[9:57] So I'm just get I'm just breaking into the, you you know, the whole thing. I've I've written a couple of things that we're using in production right now, external script wise, but Yeah. This is by far the most common or it's going to become the most common type of sanity check process. Yeah. Yeah, don't forget now you also have the condition over here where you also can see the preceding step exit status, see if it is success, sex, or failure as opposed to going with the proceed. Sorry.
+[10:22] I misspoke, and I apologize. The proceed over here is actually for what to happen after this step. For what we're talking, you need this this expression over here on the top. I'm sorry. My brain just
+[10:34] hit a little bit of a problem.
+[10:37] So what you actually want is to do this.
+[10:40] If it is a success, only then continue.
+[10:44] Okay.
+[10:45] So that's the step that needs to happen. So that that guarantees that nothing in the sandbox will go if the preceding step has returned a minus one or whatever Yes. Or failure. Yes. I'm sorry. I was on the wrong side of the step. Because Oh. This at the bottom is for
+[11:03] for what to happen after this step. And external scripts don't have disconnect disability because they always get out, basically.
+[11:13] But this new expression is how you want to do it.
+[11:17] Okay. Well, thank you very much. That that helps a a great deal. I'm sorry for the extended time on the on the question. Oh, no. That's okay. I I just went the wrong way and my brain just just caught up with me.
+[11:29] But yes,
+[11:31] if you ask me what I would do, I would actually delete the file from the sandbox from your script.
+[11:37] I like cleaning up things.
+[11:40] But part of this is because this part over here is new. We just added it about a year ago.
+[11:46] While the other way with the deleting of the file had existed since advanced routing had existed.
+[11:51] So
+[11:52] I might do both just for extra measure of security.
+[11:56] Yeah. You can. You always can. And I and I actually might take the to use the Python piece to just, like, say, if this file is good, hey. Let it go on. If it's bad, hey.
+[12:07] Copy it to an error directory and then delete it. And then that way, you know, just pass on the minus one to the
+[12:15] the calling bash file.
+[12:17] So You can do that. Keep in mind that just that way, this copy will not be visible in tracking table and so on. And perform depending on the size of the file, the performance can suffer because we have now an invisible
+[12:31] transfer that is adding to your timelines
+[12:34] that you might need. So I don't like using scripts to move files around. So if you want to move it, what you can do is leave it there, do one step which is on success, do this, and do another step after that, which is on failure,
+[12:49] do that. Yeah. That and then use a publish to account or send to server or something else to move the file wherever. That's why I asked you if we want to move the file because that's where I was going with that. Because if you So that that adds transparency
+[13:04] to the process. That way, it's auditable.
+[13:07] Yes. And and it's not a black box. Okay. Great. Great. Great. Thank you. And you can learn reporting, and you can get you can see who is sending you wrong files, and you can go scream at them and tell them, guys, every second of your files is going into processing.
+[13:22] Can you Oh, that's always my bigger part of the day is when I can go yell at somebody for something like that.
+[13:28] Hey. Why are you messing up the files? Yeah. And you will not have and you will not have other people screaming at you because their files are moving slow because you need to copy them three times around in the script and you don't have visibility into it. So Yeah. That's true.
+[13:44] Okay.
+[13:46] Okay. Where did my ping go? Okay.
+[13:51] Okay. I will mess up another name now. Gavaskar?
+[13:55] Yeah. Hi, honey. Yeah. You can call me Gav.
+[13:58] Okay. It's easier. Hey.
+[14:02] My
+[14:03] question is regarding ad hoc transfer.
+[14:05] So currently,
+[14:07] for any ad hoc transfer, we are using kind of a account. We create, like, account template,
+[14:13] and then
+[14:15] we provide,
+[14:16] you know, access to that account template to users
+[14:20] to do the ad hoc transfers.
+[14:23] Is there any better way to do this? I see there's some ad hoc settings which I've
+[14:28] gone in there, but I don't quite understand.
+[14:31] So is there any quicker way
+[14:34] to
+[14:35] do ad hoc transfers, you know, by using,
+[14:38] I don't know, email addresses or temporary
+[14:44] users and things like that? So in order to be doing ad hoc, you either need to have a account
+[14:51] or
+[14:52] you can map into a template at real time.
+[14:57] So the ST template accounts can be used for two separate things. One of them is onboarding so that we create an account for the people,
+[15:07] but they also can be used
+[15:09] for people to log into them. So what are you using, actually? Are you creating accounts for everyone, or are you just using the standing template?
+[15:18] So we we're using LDAP for authentication. So we we don't create accounts for users.
+[15:26] So
+[15:27] we create the account template and then, you know, give the LDAP account
+[15:31] access
+[15:33] to that,
+[15:35] you know, user class account template like that.
+[15:38] Just a single template or or so do you have how many accounts?
+[15:43] How many templates do have?
+[15:45] For ad hoc, we have five. So we kind of rotate between,
+[15:49] you know, we have five available ad hoc accounts, then we kind of use them
+[15:55] as and when it's required.
+[16:00] I'm not sure what the question is, Gav. I'm sorry. Because Is there a better way to do this ad hoc No. Than
+[16:09] You either need a template, and when you have l dApp, that's the clean way,
+[16:14] or you need an account. You just we we need an object in ST to hold the credentials
+[16:20] or the rules for it.
+[16:23] So
+[16:24] with template, you already have the better option.
+[16:28] So as long as you're not creating experience yeah.
+[16:32] Because I've seen setups, there's some ad hoc settings.
+[16:36] When I go in there, I don't quite understand what the settings We can go through them.
+[16:42] So
+[16:43] I can go through them very quickly.
+[16:45] Right? So
+[16:47] the
+[16:48] manager base over here is where all the files will go. So the way it works with ad hoc is that we don't keep the packages inside of the user's folders. The user's folders only have links,
+[16:59] and instead, all of them will be in this folder.
+[17:03] So it doesn't make using account when we're using account template,
+[17:06] it has its own home directory. Right? So what is this? And no. No. No. No. Okay. So
+[17:12] the template and account home directory has a subfolder
+[17:17] called underscore mailbox usually. This is where you specify the name of the folder
+[17:22] where there will be links to the packages that this user can use,
+[17:26] but all of the data files are in the base folder.
+[17:31] So in the regular SD server, when you upload the file for user gulf, it goes into the folder that belongs to GAF. That's how the FTPSSH
+[17:40] servers work. Right?
+[17:42] With ad hoc,
+[17:44] when AMI sends a message to GAF with a file or without the file, it might be just a message,
+[17:51] the file
+[17:52] doesn't go into the GAF folder. Instead, it goes to the package into this base folder
+[18:00] and get linked
+[18:02] into Annie and GAF's folder. So there is one package with two access points.
+[18:07] This is for ad hoc messages.
+[18:09] If you are asking about sharing files, that's different. So which part of ad hoc are you using mostly?
+[18:15] Is it messages or files?
+[18:18] Early files. We only use file transfers.
+[18:22] Okay. So so you
+[18:24] don't
+[18:25] use packages where you can type things and so on. You're just using sharing files. Right?
+[18:32] Correct. Yes. So in this case, this part is irrelevant for you. This is for the other part of ad
+[18:38] So ad hoc in SD has two features. One of them is like a mail like system
+[18:44] where you can send the package, and we can save it in the package folder and so on. But when we're talking about files, shared files, what you are doing,
+[18:53] all they are doing is we just basically create the links on the fly in the folders, in the STFS folders actually,
+[19:01] and that's it. So that part over here is irrelevant for you. We never use it.
+[19:07] Oh, okay. Alright.
+[19:09] And that's why they don't make sense to you because
+[19:13] they belong to the other system.
+[19:17] Okay. Alright.
+[19:19] I thought this is just for
+[19:22] secure transport is for file transfer. I don't know I don't know what messaging and things work. So okay. Anyway, that's for another time.
+[19:29] It's it's just it's just another way to send files. So it allows you to basically send a message to someone that contains an attachment or is just a message saying, hey. Where is my file?
+[19:41] And they will receive a notification and then can go into ST. There is a mailbox
+[19:46] alongside.
+[19:47] If it is enabled and it's not on my server, or I will log in and show you. But if it was enabled, you'll see it. It's on the web client. It basically opens a second UI over there, a second tab,
+[19:58] where you can it's almost like a mail
+[20:01] kinda thing.
+[20:02] You can have attachments, and we can enroll people.
+[20:06] So if anything, the shared fault files that you are using are actually the secondary feature to that one.
+[20:13] We just tie them together at one point.
+[20:16] Okay.
+[20:17] Alright. But that's why
+[20:19] I think that's why it's a little confusing for you because whenever you say ad hoc, everyone thinks messages, and that's where I went as well, obviously.
+[20:28] So whenever you ask support or anyone about your ad hoc mention that it is file sharing and not ad hoc itself
+[20:37] so that they know Okay. What what to explain. And that's why this whole halting doesn't make sense because
+[20:43] it's So how are you how are you doing it now then is is the only way. Right? Account templates and things. Yes. You're actually doing it the better way.
+[20:53] Okay.
+[20:53] Alright. That's fine.
+[20:55] Alright. Thank you for that. I got a couple of more questions, but I'll ask after the next question. I don't wanna wait. Okay. Well, we have Mark Lee, and then I'll come back to you.
+[21:05] Alright. Oh, hi.
+[21:07] Hi. Thank you for taking my taking my question.
+[21:10] So I'm pasting these in the chat session. So there's two error messages that I'm seeing in the server log. I was just wondering,
+[21:17] generally speaking, what can I do to resolve these errors?
+[21:22] So the first one, protocol commands, batch size,
+[21:27] you basically
+[21:29] will need probably need to increase it.
+[21:32] It is let's see.
+[21:36] Let's see if I can find it quickly for you. So for the first one,
+[21:42] if you had never worked with that, you can always call our support.
+[21:48] Okay. I'm not sharing my screen, am I? Hold on.
+[21:53] If you are transported.
+[21:55] So
+[21:57] the first one is basically this setting in the server configuration.
+[22:02] Okay.
+[22:03] You can increase that one a little bit that the fact that it's complaining that for performance that tells me that your server was a little busy.
+[22:14] Are you enterprise cluster or standard cluster?
+[22:17] Standard cluster.
+[22:19] Yeah. Open a ticket to support about that one. Because on standard cluster, if you increase the batch too much,
+[22:26] it will degrade in a different way.
+[22:29] So you can talk to them to see what value. But, basically, what is happening is that you have way too many protocol commands that need to be written into the database at the same time,
+[22:39] and the value is too small, so they get hanged up. And that's why the server is telling you, by the way, you have way too many of those things.
+[22:47] So you might want to increase because, for example, you have a thousand of them and this mean 10 batches. If you increase to 200, it will be five batches, so it'll go faster.
+[22:57] But
+[22:58] depending on how often you see it,
+[23:00] that might be that detrimental.
+[23:03] Because if you increase it too much
+[23:06] and you don't have load all the time, everything else will might slow a little bit. So it's this fine tuning part of it. And that's why I asked what database you're using because with enterprise clusters, usually, you have a lot more data.
+[23:19] So it's more likely for that to happen. But that's that's what it is all about. It's basically pointing you to that one. You might want to check that one. If it's not a 100, if you had changed that,
+[23:29] set it back to 100, restart, and see what happens if it stops. If it is already 100, get support, see what their advice will be.
+[23:37] Okay. Got it. Okay. And the second one,
+[23:40] file archiving retention period is not an integer.
+[23:44] Oh,
+[23:45] you have a misconfiguration
+[23:47] somewhere.
+[23:48] So it might be
+[23:52] server again.
+[23:54] So under setup,
+[24:00] there is multiple places where this might be coming from.
+[24:05] My my guess is it's actually coming from the
+[24:10] account main file maintenance application,
+[24:14] which
+[24:15] have too many application.
+[24:18] Not
+[24:20] the account maintenance.
+[24:28] Oh, well, let me just create it. I might not have it.
+[24:33] So there is the file maintenance application
+[24:37] that determines
+[24:38] how old the days need to be before you delete them.
+[24:43] Mhmm. And it's possible that you have a weird value over here. So the good news is that it's just a warning, so it will go with I'm not going to delete anything.
+[24:53] So maybe
+[24:54] you put a too big of a value,
+[24:57] and it doesn't recognize it as an integer. Maybe someone mistyped
+[25:01] something, can put a commas there or dot or something like that. And don't forget that this also can be overwritten on the account levels as well, so it might be somewhere else. So start with the application and chase it down and see if you can find it,
+[25:15] but it's just a misconfiguration.
+[25:17] If you look at the message, it basically tells you because I don't know what to do, I'll use minus one, which means don't clean anything.
+[25:25] Mhmm.
+[25:27] So that's Now
+[25:29] this one, even though it can be set in a different in a few places, actually,
+[25:34] I think let me just check quickly. So we're configuration.
+[25:39] Yep. Hold on. Share. Share. Share.
+[25:43] I keep me sharing. So
+[25:45] so over here, it's also over here. You cannot edit from here because it's in a different pace usually,
+[25:52] but start from here. My guess is you'll see something weird here instead of the server. Maybe it's empty. Maybe it's it's just a misconfiguration
+[26:01] of the server, and most likely you just mistyped something.
+[26:04] I'm not going to tell especially
+[26:06] because in a lot of those fields, we don't have control and there is no checks and balances, so it will allow to save pretty much anything or maybe someone used an API. I don't know. But that's what it is all about. So from the two errors you see,
+[26:21] if you don't want to do file retentions anyway and you rely on it, I would just ignore the second until you find it and see where it's mistyped.
+[26:30] The first one,
+[26:32] see if it's 100 at the moment, if it is not restored to 100 unless support told you to lower it and just see with them what they'll say.
+[26:42] And how often do you get the first error?
+[26:46] Every day.
+[26:47] Once per day? Or There's a I I see multiple
+[26:52] entries of this. I check the logs every day and I see I've been seeing it for the past
+[26:57] week or so. So
+[27:00] yeah. Yeah. That's that's why My
+[27:03] my guess is that
+[27:04] you either have a little bit more volume this week or someone changed something they shouldn't have or something like that. So start with checking the value, and if it if it's not changed, get with support to see where to increase it or
+[27:18] increase it to 150, see what happens. You know? But it's a production system.
+[27:23] Alright? And I don't like changing things on the production system without checking things first. So Right.
+[27:29] Okay. Yeah.
+[27:30] But it's
+[27:31] we have been trying to to get those
+[27:35] messages better. So when you read them, we actually tell you what to do. And when you see by the way, whenever you see something like that that says value of and then some name with dot in it, always grab the copy this thing and put it in server configuration. You saw where I went, right, on the server configuration because 90% of the cases, it's one of those. If it is not there, then it is one of the configuration files. Right? Like the
+[28:02] pulls of the database and so on. But when it's one of those, and then if it is editable from there, obvious what you can do. If it is not, then there is another page somewhere on the server from where you're editing it,
+[28:14] like the second one.
+[28:17] Okay. Alright. That was very helpful. Thank you. Okay.
+[28:21] Gav, we'll get back to you in a second.
+[28:24] I see that you raised hand. So, Arpit?
+[28:27] Yeah. Hi.
+[28:29] So we have a new use case that for all of the user initiated
+[28:35] uploads, we
+[28:37] want to have
+[28:38] a total
+[28:40] volume limitation or a size limitation of the folder that they are subscribed to. So is there a way that we can do it at the account level or at the subscription level to limit the amount of storage
+[28:50] that they have for their folder by any chance?
+[28:54] No. Unfortunately unfortunately,
+[28:57] we don't have a good way to do it because we are multithreaded.
+[29:01] Mhmm. It's not even easy to implement
+[29:04] even if you want to build something. So
+[29:07] for the most part, the we
+[29:11] so there is a idea in the portal you might in the ideas portal. You might want to vote for that. I also know that they had been looking to see what they can do later this year or next year about that. So there might be something coming, but it's not committed yet.
+[29:26] Okay. Not completely.
+[29:28] But the the way the moment the server stands at the moment,
+[29:33] we do not have
+[29:35] any capability
+[29:36] to restrict people how much data they can send us. We can restrict the bandwidth they're using.
+[29:43] But that's about it.
+[29:45] Understood.
+[29:46] Thank you. The
+[29:48] way to do it, by the way, if you want to do something outside from ST,
+[29:52] if you have Sentinel or any other monitoring or
+[29:55] you have folder based monitoring on OS level. And the moment when
+[30:00] you reach the quota, you can disable the account or lock them or something like that. You know, it's ugly, but that's pretty much all the options. Understood.
+[30:08] Send send a warning at at at a certain threshold Yeah. Then maybe disable or block the account. Yeah. Understand. And you can do that either through the OS level monitoring if you are receiving but not deleting. But and it also depends on do you care how much data is received or how much is saved? If you're looking for the received, you'll need to calculate from outside, either through the APIs or if you have Sentinel, I will do a correlation a correlation rule in Sentinel.
+[30:35] That would be my solution, and that's what I usually built when I have this use case. And then I just sent a note, this guy already sent 50 gigabytes today. Someone needs to talk to them, and then an admin can decide what to do. Understood. But nothing kind of dramatic, I'm afraid. Okay. No worries. Yeah. And and as I said, they are in there looking into what to do, but the server is just built for get us as much data as fast as possible. So it's kind of counterintuitive,
+[31:02] but we have this request quite often.
+[31:04] And that's why, as I said, go to the ideas portal. There is an idea for that. I'm I'm sure because I I know a few customers that already put it in. And
+[31:15] yeah. Mention your use case. Yep. Definitely.
+[31:18] Definitely. So I just have another
+[31:21] question actually that's
+[31:23] a follow-up to one of the previous
+[31:25] Sure. Sessions I attended with you. So I talked about the partition days to prebuild option that's available in our server configuration now. Yep. And we use it for transfer log maintenance.
+[31:37] So in in our particular use case, we run the transfer log maintenance every
+[31:41] seven days.
+[31:43] When I say weekly once, actually, on on Saturdays,
+[31:46] instead of doing it daily as recommended by by Xway. That's that's the history around it that since in the older
+[31:52] versions of SecureTransfer when we were running,
+[31:57] we
+[31:58] did not have the partition partition capability within within Xway
+[32:02] to
+[32:03] so we just had one partition and to clear it out every day used to hamper the file transfers around that time. So then we moved that to happen on the weekday, that's
+[32:13] weekends, and that's the same setting we followed onto the new implementation five dot five. And now we got to know there's a partitioning capability available that we can use use and
+[32:23] and then do it. So coming to the question
+[32:26] so in in the last session, we spoke about how the partitioning happens, and then then you showed there is setting
+[32:32] or the time at which the partitioning happens once we set that setting, for example, say twenty or twenty five days.
+[32:40] And then it creates that many number of partitions.
+[32:43] And based upon the transfer log maintenance, it should drop as many number of partitions as possible
+[32:49] based upon the days we we have set in in that setting. So when when speaking with the with the support on on that which we're
+[32:57] working with them to implement this in our lower environment, and then we'll do it in the the production environment.
+[33:02] So they explained that
+[33:04] the number of partitions that it creates for the days that depends upon when you run your transfer log maintenance.
+[33:10] So that if you're running it every seven days,
+[33:13] so one partition will still hold the data of of of of of seven days worth and there won't be seven partition that it drops the older partition. So how
+[33:23] would you explain? Because this contradicts
+[33:26] with what we discussed in the last session or I may have understood it incorrectly.
+[33:30] So I just wanted to bring it up again and and and and
+[33:34] and then see what what you explained to that.
+[33:37] Honestly,
+[33:38] I here the answer will be, I don't know. I'll need to come back to you because I
+[33:43] had never
+[33:45] run
+[33:45] that application
+[33:47] not running every day. Mhmm. I I will play with how many days I'll keep, but I will always run it daily.
+[33:55] On a daily basis. So that's why my explanation on the partitioning and so on had always been the daily one. So
+[34:04] I don't know if when we're doing seven days, if the partitions are per period or are they
+[34:12] per day.
+[34:13] My understanding
+[34:15] historically
+[34:15] was that we're doing the daily.
+[34:18] But, again, I'm not sure if it is because we're doing the daily or because I always had had it set on the daily because that's always had been our recommendation,
+[34:26] and that's how it works and because it makes it easier to do the with Oracle, especially when you talk Oracle to do based on days because then the searches are easier inside of a day. Right? So
+[34:39] I will need to go back and talk to r and d and
+[34:42] support and see where we're standing on that. It's an unusual use case to say the least. Yeah. Definitely. And actually, we are trying to go back to the usual one to run it on a daily basis. But since the situation we are in, we want to assess it and then and then get it rightfully done in the lower environment that you're working with the support anyways.
+[35:00] So Yeah. Hopefully, we are able to find the answers to that. Okay. Can you yeah. Can you send me a mail
+[35:08] just to remind me not to I'm I will not forget. I took a note, and I'll try to chase down the answer.
+[35:15] Okay. I think
+[35:17] I I know what they are saying, and I understand where you're coming from. Because if we're if if you're running every seven days and we're building the partitions based on the seven day window as opposed to the one day window,
+[35:29] if you change the window, what happens with the old partitions and how we'll handle all that. Right? That's the two questions here. Right? So I
+[35:36] and I don't know the answer to that,
+[35:39] but I will try to chase it down. Because as I said, usually,
+[35:44] what we will do in
+[35:46] what I'll do in other customers and what I had done historically, I'll play with the number of days that we keep, but I'll never change the running schedule. The running schedule is always daily for me. Mhmm.
+[35:59] So
+[36:00] okay. I will try to chase it down for you. That's I like questions I don't know the answers for. Believe it or not, it actually gives me something to play with. Okay. I'll try to figure out what's gonna come. Thank you. Yep.
+[36:13] Okay. As I said, I don't know everything.
+[36:16] Okay.
+[36:17] Antoine?
+[36:20] Hey. Hi. We
+[36:21] have
+[36:22] a
+[36:23] customer connecting to us, and we wanna restrict
+[36:27] the folders that they see.
+[36:29] And we tried with the aspect restriction,
+[36:32] and then
+[36:33] we're I don't know if we're not setting up right or something. Like, could you talk to that a bit? So
+[36:40] when they log in, you want to risk that you don't want them to see all the folder in their home folders?
+[36:46] Correct.
+[36:48] Yeah. Or or they could see or they could see it but not be able to access it.
+[36:53] And when you say access, you mean not able to upload, not able to download, or not able to even open?
+[37:00] All three.
+[37:01] All three. Okay.
+[37:04] So the first question, can we restrict what they see? The answer is no. We basically will show them everything that is in their home folder.
+[37:12] Okay.
+[37:14] It's we there is no extensibility.
+[37:16] You can write an authorization
+[37:18] plugin
+[37:19] that does something else eventually
+[37:22] with the list type, but that's pretty much it. So that's the usual way to do it. You only need to do a pluggable.
+[37:28] But once they're in the folder,
+[37:35] what you can do is if you go to the restrictions menu,
+[37:39] and you see I've been playing Quick Links here,
+[37:44] You have when you're doing a
+[37:48] for the folders you don't want them to see,
+[37:52] you can restrict the access the the access to the file directory,
+[37:57] which will mean that it will give them act if you set it up properly, it will give them access denied
+[38:03] if they click on it, which is ugly, but that's pretty much all we can do.
+[38:09] So
+[38:10] you can restrict
+[38:11] them, but you cannot
+[38:14] what so you what you can
+[38:16] are they using SSH or HTTP?
+[38:21] Or both?
+[38:22] SSH. That's that's better, actually. Because HTTP has a little bit of a wrinkle because of the way we're loading directories there. But what you can we so
+[38:33] you will not be able to restrict this. If you restrict them access to directory,
+[38:38] that means that they cannot do anything inside of that directory either.
+[38:42] And that's
+[38:43] kinda logical,
+[38:44] but we had that problem with another place. So you will not be able to say, don't allow the directory, but still allow me to download files from inside. That won't be doable.
+[38:55] But if you want to restrict them on the directories, you specify the path over here. This is a relative path
+[39:01] to the home folder.
+[39:03] Okay. And the class, you know how it works. You can have as many classes as you want, obviously.
+[39:10] So and you also can do a depending on what you want to do, if you want them only to be able to risk to get
+[39:17] into one directory and nothing else,
+[39:21] then
+[39:22] you can do a blanket. You cannot access anything and then allow them to access.
+[39:27] So here is another question for you. Why do they have folders they shouldn't be able to to go into? Just out of curiosity.
+[39:35] Well, when they log in, they see, like, the subscription folders,
+[39:39] and we don't want them to look at those at all.
+[39:45] Okay. And this is SSH?
+[39:47] Yes.
+[39:49] Okay. I will give you another trick. It won't help. So you still need to do that. But in addition, you might want to also
+[39:57] what happens if your subscription folder start with a dot?
+[40:03] Because those would be Yeah. We we don't we don't have any with dots, but okay. So please Or you can try. Well, SSH is a little weird that way because it will still allow them to see them if they know what they are doing, but it might stop the
+[40:17] some of the.
+[40:18] You know? K. I okay. I I see where you're going. Okay. But it doesn't mean you shouldn't do the restrictions. So you still need to come here and do the restrictions.
+[40:28] But I also will say if all you want is to you do use those folders to process anyway,
+[40:35] you might as well and you don't care what the subscription folder is because you don't because you don't want people to go in, you might as well use the fact that dot folders are hidden by default by most by most clients.
+[40:46] So Okay. I would do it both ways. But yes. So what you want to do if you don't give want to give them access is to access file directory from here
+[40:55] and just
+[40:57] don't allow them to. And I would also make sure that make a directory is also forbidden
+[41:03] so they don't create their own directories. That's a generic thing I do on most of my servers
+[41:09] unless you want them to be able to create the directory and so on,
+[41:13] and that's about it. The other option is if you don't mind them looking into the folder, but you just don't want them to upload download,
+[41:20] you can play with upload download restrictions instead.
+[41:24] So Yeah. The thing the thing that was happening is they were putting the files where we wanted we're expecting it, and they were putting in this subscription folder.
+[41:31] So nothing was triggering because the file was not supposed to be there. So
+[41:36] okay.
+[41:37] Okay. Well, if that's your problem, I would probably do upload restrictions instead of the file system restrictions just because
+[41:44] it looks uglier when when they do CD and give them permission denied, they'll or or access denied. It will usually come to you and tell you I cannot get into my folder, and you have a hard time explaining,
+[41:57] you know, you're not supposed to be there.
+[41:59] So up to you, but you can either do access from here or just put upload restrictions on the folders.
+[42:08] Yeah. Okay. Thank you. Mhmm. And if you use the dot
+[42:12] as a start, that also gives you the ability to do a easier recognition of those folders.
+[42:19] You know? Yep. Yeah. I I think we're gonna try that out. Thanks. Yeah. Again,
+[42:25] it won't help completely,
+[42:26] especially because it's SSH and some of SSH clients are space are are specifically tied to see the dot folders.
+[42:33] But I've been doing this historically
+[42:35] because especially for
+[42:37] less what's the word? Less technical people, they will not even see those folders anymore.
+[42:43] But again, do
+[42:44] both things
+[42:46] as usual. So Okay.
+[42:49] Thank you.
+[42:50] Mhmm. Okay.
+[42:53] And
+[42:54] back to Gaf.
+[42:58] Yeah. Hi again. Yeah. My questions again
+[43:01] is around notification.
+[43:03] So
+[43:04] we
+[43:05] have notification
+[43:07] when we route the file, right?
+[43:11] But is there any notification that we can set? So
+[43:16] when
+[43:17] there's
+[43:18] a failure to pull the file in the first place?
+[43:22] Is there any notification?
+[43:28] There it is. Let me get on the server.
+[43:33] So
+[43:36] when you go to your
+[43:39] subscription
+[43:42] Yeah.
+[43:44] And
+[43:47] it needs to be advanced
+[43:49] routing. It cannot be basic app. Yeah. But over here,
+[43:54] see where it says
+[43:58] on failure.
+[44:01] This part over here, smack in the middle of the screen, not at the very bottom. So you have so you have three sections here.
+[44:09] So let's ignore it's let's forget about that because so it doesn't matter. So the first section four sections, the triggering the you have the on success,
+[44:19] which is if the file
+[44:20] goes into routing.
+[44:23] Yeah.
+[44:26] You have on failure,
+[44:28] which is if there is a problem during the arrival of the file, which is usually applicable to both sets and set both client and server. And you have the post download, which is if a user downloads a file, and the bottom is the post routing, which is after at the end. But for your case, if you're doing a pull,
+[44:45] so you have couple of places where you can do something. Number one, it depends on the failure. If the failure is we didn't find any files,
+[44:55] this is actually a success scenario.
+[44:57] But Yeah. What you can do is to execute a route
+[45:02] when the remote server returns no files. So this will send you into routing, and then you can do a conditional route that says if the wildcard pool was empty,
+[45:12] and we'll go I'll go and show you where to set up that, and then you can do a mail notification at this point.
+[45:18] Or if it is an actual failure, we try to pull a file but something went horribly wrong, then it will throw you into this section over here on failure
+[45:27] where, again,
+[45:29] you can execute a route.
+[45:32] And, again, if it was a failure and it didn't find file as files as well,
+[45:38] you can also check on that. It it depends on how you had set up your servers. Right?
+[45:43] But that's how you set it up.
+[45:47] Go
+[45:50] ahead. Yes.
+[45:51] So
+[45:52] what we want notification is for, so
+[45:55] we try to connect, there's a connection failure, right? If there's no files,
+[46:00] if this connection is successful and there's no file, that is fine, we don't need to know. Okay. Then you- Okay. You should see.
+[46:09] Okay. Yeah. In this case, uncheck this one.
+[46:13] Uncheck this one because we don't want to check if there is no files.
+[46:17] And you just do on failure over here and you send it into routing.
+[46:22] And then in your routing package,
+[46:28] so you usually have your route which are always and so on. This is the positive case. Right?
+[46:34] So you have so what you create is a new route
+[46:37] that runs
+[46:38] on,
+[46:41] and here the oops. The trigger will be a transfer trigger pull and transfer status is failure.
+[46:49] So there was a server pull,
+[46:51] but it failed.
+[46:53] See? Okay.
+[46:54] You do that,
+[46:57] and then over here you notify
+[47:00] on
+[47:02] route triggering,
+[47:04] and that's it. And you save that one.
+[47:07] Yeah. You
+[47:08] know, I'll just put some
+[47:15] that's
+[47:17] the wrong one. Where is my failure one?
+[47:19] Routing failed. Let's say it like that. And save. I didn't put a name.
+[47:30] And save.
+[47:34] So now you have two of them.
+[47:37] And if all matching, this will always run. This is not what you want. You switch that to first matching.
+[47:43] For example, you reorder them. You put that one first,
+[47:48] and then you save. So if it comes with a failure, it will hit on this one. If it comes as a success, it will come from this one. Or if you want to do all matching, you'll need to make this one conditional as well.
+[47:59] K.
+[48:00] That's it.
+[48:03] In
+[48:05] the subscription, need to select any failed or something?
+[48:09] Yes. Then on the subscription, let me just save that one so we don't close it. Then on the subscription itself,
+[48:16] you need to send the oops. I clicked on the wrong thing.
+[48:21] On the subscription itself,
+[48:23] you watch it. So by default, arriving files go into routing automatically,
+[48:28] but you also control what else goes into routing.
+[48:31] And in this case, you want on failure over here to go into routing.
+[48:37] Okay.
+[48:38] But
+[48:39] how do you select the any
+[48:43] failed route?
+[48:47] It's already preselected.
+[48:48] It's basically Okay. It's all within the within the route. Okay. Sorry. Yeah. Yeah. Yeah. It's always the same package. That's one of that's why you need a secondary route inside of the same package. So at the top, when you select the package that that you use for the routing of the positive files,
+[49:04] you just will need to have a route inside of the same inside of the same package. You cannot select a different one. So anything you want to do, any of those checkboxes and sending things into routing from here will be you'll need to be inside of the same package.
+[49:20] Okay. Understood.
+[49:21] That's why you want it conditional.
+[49:23] And you can play with that because there is a lot of other things. You have the post download stuff as well. So for example, if a user downloads a file, you can do something as well, like, someone. Oh, someone picked my file. Yay.
+[49:35] We find that I find that very useful, for example, if I do publish to account
+[49:40] so that I can then notify someone that the recipient actually picked up the file.
+[49:45] But it's just usually, people, when they think about this page, they think about the bottom, the post routing after you came out of the route. But before that, ahead of that, there is a lot of settings that allow you to do things if something goes weird, including,
+[49:59] you know, no files found or errors or successes or anything like that. And then you can once you're in a route, you can set mail notification,
+[50:08] but you also can run a route that basically calls something. You know? There is no file, so there is nothing to push out,
+[50:15] but you can call an external script or
+[50:18] something.
+[50:20] So Okay.
+[50:21] Yeah. That's good. Thank you. Yep. So just play with that a little bit.
+[50:26] It's it's pretty straightforward.
+[50:29] It's actually working nice. The biggest
+[50:32] challenge I think people see with that is what they are forgetting the order of the routes over here.
+[50:38] So just make sure that your positive route doesn't run on errors because then it gets a little weird because it's erroring out because there is no file. So it's like, I don't have a file to work on. What are you doing here?
+[50:49] So
+[50:51] but
+[50:52] it's up to you how to handle it. Now I would usually either do a force matching,
+[50:57] which always will do the trick.
+[50:59] But because there is so many other possibilities
+[51:02] in this case,
+[51:03] I actually will do this one conditional as well. I will just do it
+[51:08] on
+[51:13] just on success. Transfer status is success.
+[51:17] Oh, and by the way, for the empty files, this is the condition. If you want to catch if you have empty files, if you're expected
+[51:23] to have files, but there aren't any, You can check if it was a wildcard pool, if it was empty or not empty, you know, the other checkbox over there. But here, what you can do is on the positive one is to do something like that. Oops.
+[51:37] Just transfer
+[51:39] status, it will success.
+[51:41] This way, if any of the error conditions come in, it will not trigger on that one in case you forget to create one, but it's up to you.
+[51:50] Okay. Yeah. Understood. Thank you.
+[51:53] Yep. All good. Thanks. K. And don't forget that a lot of that also can be on the steps level.
+[52:00] So there is also the possibility to run a single route, and then on the steps, just run them if it was a success. But that's just ugly and very hard to troubleshoot. I find the setting kit up that way
+[52:12] with a separate route that
+[52:15] that does whatever and naming it properly. Don't call it any failed, obviously. But it's easier to find for me. I write a description and so on, and that's about it. And, also,
+[52:26] don't forget you still have the template routes. So if it turns out that you want to do that for every one of your routes, you can also just stick it on the template instead of creating it inside.
+[52:38] So it doesn't matter if it is on the template or What what do you mean template prior to what is that? So
+[52:44] anytime when you create a new package,
+[52:47] you know, when you start building
+[52:49] route,
+[52:51] you need to select a template at the top, right, which is what is the basics.
+[52:55] So most people, a lot of people just use an empty template.
+[52:59] But you can have routes inside of your template as well, and they will both work together with the ones from the local.
+[53:06] So if you have things that need to be enabled for everyone and usable for everyone, instead of building them inside of the account, you can build them in the template route,
+[53:16] and then they will be just coming into the inheritance.
+[53:20] Where'd you create the template route?
+[53:26] Over
+[53:26] here.
+[53:30] Those are called template route or route packages or whatever. And you usually have at least one,
+[53:37] which is either empty or not. And using templates We have an empty one. Yeah. Yeah. But if you want to so one good thing about the template route is if you have something repeatable like this one, you can put it on the template route itself.
+[53:52] And then when you create the package inside of the account,
+[53:56] you can actually disable or enable the package level. So if you have let me let me just create one very quickly so can show you what I mean. So if I create a route here,
+[54:08] and I won't do anything, I'll just do a empty route just oops. Just so I can show you. So if you have an empty route here,
+[54:17] save.
+[54:18] Right? When you go to the account to create,
+[54:27] my route one zero one,
+[54:30] See how it shows up automatically.
+[54:34] You can decide if you want it to run or not. So at this point, you can either enable or disable, and that way you don't need to create that one everywhere because it already comes through the inheritance.
+[54:45] Okay.
+[54:46] And this is a useful thing to do, especially for things like that because then you when you're assigning the route locally, you know, oh, this one will need to have the route the the the checkbox done out on the subscription. So let me keep it enabled, but you can always just disable it. If you disable it, it is as if it never was here.
+[55:07] If it's enabled, it will just run, but you don't need to create it inside of every single account.
+[55:13] Okay. So if I go and create it now, it will apply to all
+[55:16] routes
+[55:17] within user
+[55:20] accounts and account templates?
+[55:22] Yes.
+[55:24] Okay. Account template is operational at all times. So if you go and create it in your empty route now, it will automatically
+[55:33] populate
+[55:35] for
+[55:36] inside of all of the preexisting packages that were already created in the accounts.
+[55:42] Okay. The
+[55:45] default
+[55:46] selection will be all matching
+[55:48] routes?
+[55:50] Yes. But because this one is let me open one of the old ones. See the one we were looking at earlier? See, I changed it, so it now showed up. It the default over here so there are two separate roles rules here because this one is on a separate rule set, and it was when you create it in the template, this is where you specify.
+[56:09] And then there is a second point over here. So they can all be all matching and so on. But because it's coming from the template
+[56:16] and it's conditional,
+[56:18] so mine, I make it always. Obviously, this shouldn't be always, but it was just an example.
+[56:23] But it's so if it is enabled or disabled by default, depends on how you set it up in the template. So if you don't want it to be enabled by default, when you go to your template to create it,
+[56:34] you can set it as disabled there, and then you can just enable it when needed. So if you want to do it on your current template,
+[56:42] what you can do is go to your template. Oops. Sorry.
+[56:46] Disable it here.
+[56:50] So now it will always show as disabled. So if as if nothing happened, and you can enable it on the local local routes wherever it's needed.
+[56:58] Makes sense?
+[57:00] Okay. Or you can select first matching route there?
+[57:04] Yes. But again, it's a separate list, so there are two of them.
+[57:10] But by default, it will be
+[57:13] Even if you select even if you select first matching here, this is not the same as on the account because on the account route template on the composite,
+[57:22] you have two separate maps. One coming from the inheritance and one coming from
+[57:27] the template from the local itself.
+[57:31] And with first matching, you have two first matchings. You can have both of them still running even on the first matching. That's what I'm trying to say.
+[57:38] Alright.
+[57:39] Alright. I'll test it out anyway. Thanks. Yep. But if you already have the template, that's what I would do. I would create it inside of the template in disabled state
+[57:49] so that it automatically shows up everywhere, and then I'll go play with an account. Because if it's disabled,
+[57:54] it's like it's not there, so nothing will change. But it will be there. And once you know how it works, then you can start enabling by just doing the checkbox
+[58:03] on all the accounts where it's needed. So
+[58:06] Yeah. Okay.
+[58:07] So one thing
+[58:09] that is you need to be careful about with that, and you want to test very carefully, is what happens if it coming from the template,
+[58:17] but the positive one is on the local.
+[58:20] Because
+[58:22] in this case, you will need to make the local conditional
+[58:25] because otherwise,
+[58:27] they both will run on error,
+[58:30] which is what you don't need.
+[58:31] That's
+[58:32] what you always, When you have both template routes and local routes on the composite,
+[58:38] you always need to remember that first matching
+[58:41] now has two answers. So both of them first matching in both sections will run.
+[58:48] Okay. Yep. Thank you. Yeah. And that's why I would just make all of them conditional and be done with that. That's why, you know, earlier how I said that when I do that, I usually will switch the positive on conditional as well just with transfer success.
+[59:01] That's the reason.
+[59:03] So I don't need to worry who is running. If you are controlling who is running when, you don't worry about always.
+[59:10] Makes sense? Yep. Yep. Good. Thank you. Don't play with that. And by the way, for anyone on the call that had never used templates, look at those things, guys. They're very, very powerful, and they gives you a lot of flexibility of what you can do with those servers without needing to do it on every account separately.
+[59:29] And when your management ask you to change something, it's a single place to change. But, again, it will change everything for everyone already deployed,
+[59:38] so
+[59:40] careful.
+[59:41] Okay.
+[59:44] Okay.
+[59:45] Other questions?
+[59:46] I don't have any raised hands left.
+[59:51] I have a question.
+[59:53] Sure. Annie, so for
+[59:56] there's a new
+[59:58] feature
+[59:59] introduced which
+[60:00] the subscriptions where we have to
+[60:03] do an auto pull from a remote from a transfer site, and there is a call keep pull history for
+[60:09] for some days. So how
+[60:13] intrusive that setting do you think has has been and how much do you recommend recommend using this? Because we do a lot of pull operations and
+[60:20] many a times when the remote server doesn't allow us to do the housekeeping of the file, either delete or rename or move it,
+[60:27] we end up downloading the same file again. And
+[60:30] this may seem to to be a good feature to use, but just want to
+[60:35] check how intrusive that is, how performance intensive it is, and because it will keep the the file names or some some some information somewhere in the database or in cache where it will keep on referring each time the transfer site is is called for or the subscription is called for.
+[60:50] Yeah. Actually, it's not in the database. It in it is in the SDFS folders.
+[60:54] You know how
+[60:56] so it's locally on the file system. So if you have a lot of files,
+[61:01] the transfer operations for this specific subscription might slow down a little bit while we are figuring out the list of the files because we need to read and so on. But the way pulls are working is that
+[61:13] we get the list of the files
+[61:15] from
+[61:16] the from the server that says here are the 10,000 files I have. And now we start working one by one to see to to create the pools for them in the database to pull them one by one. Right? That's how ST works. Right. When you enable pool history,
+[61:32] what happens is that before we create this small pool thing into the database to pull the individual file, we'll also check, Oh, by the way, do I actually want this file or not? That's
+[61:44] all the addition to that. So if you have a huge amount of files in the pull history,
+[61:49] that process of deciding which files to pull may be a little slower
+[61:54] because we need to check through the list. Right? And it's a file based list.
+[61:58] But
+[61:59] once this is done,
+[62:00] we don't check anything else. And, obviously, when we pull the file, we'll write into the file to tell it, oops, we got the file and there is a cleanup operation.
+[62:09] So
+[62:11] I haven't
+[62:12] seen performance
+[62:13] degradation because of that. I had seen it again slowing down on a huge lists just Mhmm. You know, just because with a long list, it's obvious, but it doesn't influence other customers.
+[62:25] It doesn't really slow down the transfer itself. It's just the decision process if we want to file or not.
+[62:31] And it happens early on. So and it's but it is but I I also can point out that compared to how much time you're losing at the moment downloading the same files over and over,
+[62:44] it will actually speed up your server. Because if you need to grab the same 10 files every hour as opposed to knowing, oh, I don't want them Mhmm. You know, the check if we want the file will run considerably faster than actually getting the file. That I can guarantee you. Understood. So,
+[63:02] yeah, it's useful. That's why we added it. But also,
+[63:06] as you know, pull history is not for all protocols.
+[63:09] We couldn't get it to work for most protocols. So hopefully, it's if it is SSH, obviously, it's there. Yeah. For all. SSH. Yeah. Okay. That's right. That's right. Yes, that's what exactly what it was created for. So you don't need to download
+[63:22] all every single file
+[63:24] Okay. Every
+[63:26] So as you mentioned that it keep it keeps that
+[63:29] the history in the SDFS folder. And so generally, what we do is we we download a file, deliver it to wherever it has to go, either publish to account or send to partner and just delete the local copy.
+[63:41] So the SFS entry will still be available, right, for the full history to to be to be There is no requirement for the file to physically still be in the subscription folder. We don't check the subscription folder itself. We check our record of it. Now if you delete the subscription folder or the account or move the home folder and not move everything and so on, we might lose the history
+[64:02] because it's in the file system. But as long as you don't do something weird like that,
+[64:07] we don't care if the file is still there or not. When we go an hour later, we know we pull that file an hour ago. We know that it's not new enough to pull again. We we check the size and the time, you know, so that if it's a newer file with the same name, we'll still grab it because we check all of them. But if it is the same file, same time stamp,
+[64:27] same size, same file name, we're just going to say, yep. We got that one. We'll skip it next.
+[64:32] We don't care if the subscription file is there.
+[64:36] Okay. Okay. That sounds promising
+[64:38] actually because we are thinking of starting to test it and then see if how it works for us and then maybe actually start utilizing it in production. So thank you for explaining that. So so one thing you need to set up, as you know, is the number of days to keep. Right. What it what it what it does is essentially for how long to keep the list of the files. If you make this value too big and there is a lot of data, this file will keep growing.
+[65:04] The the data, the SDFS data about how what files are in. So if you keep sixty days worth of
+[65:11] files and you're running a thousand files per day, that's 60,000 files. Right? Oh, yeah. Or 60,000,000 if you millions. But and that's why you and you'll need to play with that. And the way it works is that if if you keep seven days of records and the same file arrives on day eight,
+[65:27] we'll still grab we'll grab it again. Because for us, we never grab that file because we are only keeping seven days.
+[65:35] That's true. So yep.
+[65:38] And
+[65:39] mhmm. Sorry. Please go ahead. Go ahead.
+[65:42] No. I was going to say it's pretty useful exactly for the use case you have,
+[65:45] which is my partner doesn't allow me to delete or move the file after I grabbed it. So that's why we build it.
+[65:52] Understood. Yeah. Thank you. That's promising. And just to reassure what the
+[65:57] example that you gave in the beginning
+[66:00] about
+[66:01] how SD functions to pull the files of sales, say, thousand files available on the remote side and we have set
+[66:07] in the in the subscription on the transfer side to pull ten ten transfers parallelly.
+[66:12] So for each of the file it downloads, will it will open a new SFTP connection, download the file, and close it. That's what the right understanding is or can it download four files in just one connection? How does that Okay.
+[66:25] So
+[66:27] the default answer is yes. It will be one file per connection.
+[66:30] However,
+[66:31] for SFTP,
+[66:32] we actually have a new parameter
+[66:34] that allows us to reuse the connections.
+[66:38] Okay.
+[66:39] What is that? So Show
+[66:41] me. Yep. Getting there.
+[66:46] It's one of our other partners has this concern that we open too many connections in a short period of time to download all the files.
+[66:53] Nope. That's not the one. What's the name of this parameter now?
+[67:05] I'm drawing a blank.
+[67:07] Does anyone on the code remember the name of my parameter?
+[67:13] Should do something with reuse
+[67:15] by any chance or SSH?
+[67:26] Well, that's embarrassing.
+[67:33] So there is a parameter.
+[67:35] I'll find it if I cannot find it now. That basically says
+[67:39] pull. Maybe under pull.
+[67:48] Here it is.
+[67:49] SSH SIP connection pool enabled.
+[67:55] K.
+[67:56] Hold on. Let me just pull them.
+[67:59] See, I told you I don't know everything, but I usually know
+[68:03] how to find it. So SSH connection pool enabled, when you enable that is the that's the reusability of the SSH connections during a poor push operations.
+[68:12] And you specify how long to keep the connection. So if this is enabled, and for example, you tell us on the site or on the subscription no more than 10 per,
+[68:22] then we'll open the first 10 connections for the first 10 files. But for file number but when we are done with the file, instead of closing the connection, we'll just leave it in the pool. If file 11 comes immediately after that, it can reuse the existing connection to send it out, which can speed up things considerably on a huge amount of files.
+[68:42] K. Okay. Understood. But And it is Sorry.
+[68:45] Please go on. But it it is harmless if you have a low number of files. So if you only have five files and we never reach the threshold of the pool, then we'll never use anything. They'll just close a little slower
+[68:59] because we'll keep them open just in case there are more files coming.
+[69:03] But in fifteen seconds or something, so your close operation will be a little slower, but the file transfers will not be negatively
+[69:10] impacted performance wise.
+[69:12] But if you have a lot of files going in the same direction or coming from the same direction, this will actually save you time because we will not do open and close all the time.
+[69:21] Understood.
+[69:22] But whatever the number of panel transfers we set in the in the transfer site, so that will still open that many number of Yes. Connections and then the reusability will be applicable in in the in the further Yes. Downloads that we do. Understood.
+[69:38] It will be the maximum number because
+[69:41] if, for example, we have five files
+[69:44] and then the sixth file arrives whilst yours and the one of the five have just finished, we will reuse the connection immediately because it's still in the pool.
+[69:53] But if there is enough files to open the 10 connections, we'll still open them. We're just not going to open one. So if you say 10 connections on the transfer side, we will open up to 10 connections.
+[70:04] When the new files come in, our first job will be, is there an open connection by any chance for me? If there isn't and
+[70:11] there is one still not open from the top from the max, it will open it. But if there is 10 open connections that are moving
+[70:19] Mhmm. Then this one will be waiting for one of the others to finish the file and then we'll reuse
+[70:25] and so on. So that's how it works. We're not going to just wait for files. If there is a connection connection being able to be open, we'll open it immediately.
+[70:33] So what that does is just not to close the connection as fast
+[70:37] so that if there are more files to go, it can use reuse it.
+[70:43] Makes
+[70:44] sense.
+[70:45] And but and the reason why I'm explaining it's harmless
+[70:49] if there isn't enough files is because it's a server side property. So once we enable it, it will be valid for all the SSH sites, not just for the problematic customer. Right.
+[70:59] Alright. I understand. But it's again and what
+[71:03] you'll see is a little slower closing,
+[71:06] but that's about it. And we actually have some intelligent controls that actually can look into the event queue and see if there are actually files stacked up waiting for that specific place.
+[71:16] So they might even close on time. They are working on some of the performance consideration. But in my experience, it's pretty harmless to actually enable it to leave
+[71:25] it enabled, and I recommend people that know that they might have a lot of files to keep it enabled. The only reason it comes disabled by default is because it's a new feature and we don't enable new feature. But my recommendation usually is to have it enabled for the most part because it's helpful.
+[71:42] Okay. Okay. That's again a promising feature I discovered today. Thank you for that. Yes.
+[71:48] By the way, this one and the history, the pull history were created exactly because of those big pulls coming from SAPS
+[71:56] and
+[71:57] had been things people had been asking forever about. So
+[72:01] Mhmm.
+[72:03] Okay? Yep. Thank you.
+[72:06] Okay.
+[72:07] We have about ten more minutes before Nicole tells me that we are overtime. So
+[72:12] time for last questions.
+[72:20] No?
+[72:22] Nicole,
+[72:23] we're on time.
+[72:26] Okay, everyone.
+[72:29] So I'll get back to her because she has some other things to finish the call with. I just want to tell everyone or remind everyone that we'll have an s t APIs meeting in two weeks,
+[72:41] and I'll be happy to see most of you or all of you or whoever wants to listen in.
+[72:48] And other from then, thanks everyone for joining.
+[72:51] Back to Nicole for finishing touches.
+[72:53] And if you
+[72:55] you know how to reach us through the community portal if you need us,
+[72:59] I'll be very happy to see all of you either on the ST API virtual group in two weeks or in August on the next ask Annie.
+[73:09] And,
+[73:10] Nicole, back to you.
+[73:13] Yes. Thank you very much, Annie.
+[73:16] Great session again.
+[73:19] So, yeah, as usual,
+[73:22] I just wanted to
+[73:25] share with you and remind you
+[73:27] about
+[73:29] our
+[73:30] community portal
+[73:31] and the different
+[73:33] assets that you can get from there.
+[73:36] So you can post
+[73:38] your ideas
+[73:39] to enhance
+[73:41] the
+[73:43] secure transport
+[73:44] product,
+[73:45] suggest
+[73:46] some evolution
+[73:47] of it.
+[73:49] There are also
+[73:50] all the upcoming user groups that are posted there and you have the link
+[73:56] there to register.
+[73:58] If
+[74:00] you missed the email
+[74:02] that I'm sending to invite you, you can catch up there.
+[74:06] And also, you'll see
+[74:08] under the user group entry at the bottom of the page,
+[74:12] you'll have all the
+[74:16] previous
+[74:17] sessions
+[74:18] and the
+[74:20] link to the
+[74:22] article where the recording and the presentation
+[74:26] were posted.
+[74:27] So
+[74:29] you know,
+[74:30] You
+[74:31] can access from the community portal also to the roadmaps
+[74:36] of the product.
+[74:39] And you have also
+[74:41] the
+[74:42] forum where you can post your questions and the community can answer either your peers
+[74:49] more and more, this is what happened and it's great,
+[74:52] or
+[74:54] our experts
+[74:55] use
+[74:57] and abuse of it.
+[75:00] What else do we have? Yeah. You have the, what's new video
+[75:05] on YouTube.
+[75:07] So don't hesitate to connect there, to,
+[75:11] subscribe
+[75:13] and follow.
+[75:14] Now
+[75:16] for
+[75:17] each new update
+[75:20] on ST that are
+[75:22] delivered,
+[75:24] there is
+[75:25] what's new video
+[75:27] where it is presented what you can benefit from this last update.
+[75:36] And the platform, the G2 platform,
+[75:39] if you want to post your review there
+[75:43] about Secure Transport,
+[75:46] it helps
+[75:47] people that are searching
+[75:52] for this
+[75:54] kind of product.
+[75:57] It helps to know
+[75:59] your
+[76:01] what you think of the product. So don't hesitate to post.
+[76:06] And
+[76:07] to encourage you
+[76:09] to do so and to encourage
+[76:11] and to thank you if you do, it is anonymous,
+[76:16] but the process give you a $25
+[76:21] card,
+[76:25] same, don't hesitate.
+[76:27] And with that, as
+[76:30] Annie mentioned,
+[76:32] our next
+[76:33] user group on
+[76:36] Secure Transport
+[76:37] is planned
+[76:39] for the July
+[76:41] 23,
+[76:42] and it will be about the APIs
+[76:46] of ST.
+[76:48] And then
+[76:51] the next session,
+[76:52] the next ask any session
+[76:54] is planned for August
+[76:56] 22,
+[76:57] and there will be one in September also
+[77:03] in September 12.
+[77:06] And it will continue
+[77:08] also
+[77:08] later
+[77:09] in the year.
+[77:11] So
+[77:12] I hope you enjoy
+[77:15] summer.
+[77:16] And if you have some vacations plan,
+[77:18] I hope it will be great.
+[77:22] But for that,
+[77:25] we
+[77:27] no. Actually, I won't be hosting
+[77:29] the one. I have one week of vacation plan,
+[77:34] July
+[77:35] 22.
+[77:36] So
+[77:37] I won't be hosting this one. It will be
+[77:40] my colleague.
+[77:42] So thank you very much. I hope you enjoyed the session again.
+[77:46] Bye bye.
+[77:49] Yeah. Bye bye. Thank you, guys. That was a wonderful session as always.
+[77:53] Thank you so much. Will you be sending the recording, or do we have to check-in the portal for the recording?
+[77:59] No. I will send an email with the link to the article posted on the community. Yep. And it will be also on the portal. So you'll get the mail, and you can get it from the portal. So it's not either or. We do both.
+[78:13] Thanks, everyone. Thank you. Bye.