Release Notes

General

This Release Notes file contains important information about changes and enhancements of DirX Audit 9.1 that are not described in the DirX Audit user documentation. Familiarity with the DirX Audit user documentation is recommended because it will make this Release Notes file easier to understand.

Licenses

The Product License Agreement must be accepted in order to use the DirX Audit software products. Please refer to the file license.txt on Windows systems or read the file license agreement with page resp. more on Unix systems.

DirX Audit Highlights

General Features

DirX Audit provides a platform for the central compilation and analysis of identity-based audit logs and snapshots of history entries. It includes collectors to retrieve or receive audit information from external source applications, workflows and connectors to import history entries, a database to store this information securely and the DirX Audit Manager to evaluate the stored audit events and history entries.

DirX Audit comprises these main features:

  • A set of collectors that allow importing audit messages from various sources.

  • A selection of relational databases can be used for persistent storage of the audit events, history entries and configuration data.

  • The audit events database schema is based on a customization of the RFC 3881 (Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications) standard.

  • DirX Audit Manager, web-based user interface components, that allow for comfortable retrieval of audit results.

  • Convenient correlation of events and activities from different IAM sources in a single online user interface with Dashboard, Audit analysis and History pages for different levels of analysis.

  • Standard identity audit key performance indicators (KPI) that provide statistical information about audit events or history entries over a period structured into online analytical processing (OLAP) tables for fast, interactive analysis and insight into IAM operations.

  • Dashboard page for analysis of KPI data, with slice and dice to more detailed audit event or history entry information as necessary.

  • Audit analysis page of audit events retrieved from the central database according to a given search filter and summarized for ease of use, providing auditors and security compliance officers with the answers to the when, where, who, what and why of user access and entitlements.

  • History page for searching and viewing the state of DirX Identity entries in the past, comparing their state between different points in time and checking the state of related entries. Also audit events relating to the history entry are visualized in the History page.

  • Configurable report templates in the Dashboard, Audit analysis and History pages for exporting selected audit data to file format.

  • Management of public and private dashboards on all attributes and over a time period.

  • Statistics evaluation based on the query result.

  • Display of the statistics result in various chart types.

  • Automated consolidation of identity-related audit logs with transformation to a standard format, giving DirX Audit users a unified presentation and analysis of audit events from a variety of sources.

  • Authentication and authorization against any Lightweight Directory Access Protocol (LDAP) directory to the DirX Audit Database.

  • Secure, persistent storage of audit logs in both their original and normalized format in a central database.

  • Query and report templates to make it easier to analyze audit logs. DirX Audit provides pre-configured reports based on the TIBCO JasperReports Library technology. Additionally, customers can download and use Jaspersoft Studio to customize them or create their own reports to meet specific requirements.

  • Configurable Dashboard layout and chart templates to analyze audit events and history entries according to several criteria.

  • Integration with archive solutions through purge/restore functionality.

  • Reporting service for scheduling jobs that can regularly and automatically generate and email user defined reports according to a schedule plan. Reports can be configured in a highly flexible way.

  • Persistent storage of DirX Identity history entries in a central database.

  • Persistent storage of contextual audit event relations and dependencies.

  • Risk assessment of users based on risk factors like the total number of active accounts, applications, group memberships, imported accounts, imported memberships, privileged accounts, and SoD exceptions. Single risk factors can be combined to overall risk.

  • Support for multi-tenant installation and configuration in all system components (Manager, Server, Message Broker, Tools).

  • Distinction of auditor roles Audit Administrator, (common) Auditor and Restricted Auditor with only limited access rights to selected reports.

Information about Discontinued Features

DirX Audit 9.1 does no longer support these features:

  • DirX Audit Manager Classic has been retired and replaced by DirX Audit Manager with a modern Angular-based user interface, and a RESTful API architecture for easier integration. The new product offers enhanced performance, and better usability.

  • Fine-grained access control for retrieving audit events from DirX Audit Database via DirX Audit Manager Classic.

DirX Audit 9.1 is the last version that supports the following features:

  • none

Previous Releases

Previous DirX Audit releases:

Version Release Date Notes

DirX Audit 9.0

Aug. 5, 2025

*)

DirX Audit 7.2

Jan. 13, 2023

*)

DirX Audit 7.1 SP2

May 20, 2022

*)

DirX Audit 7.1 SP1

Aug. 3, 2021

*)

DirX Audit 7.1

Jul. 31, 2020

*)

DirX Audit 7.0 SP1

Oct. 18, 2019

*)

DirX Audit 7.0

Jun. 29, 2018

*)

DirX Audit 6.0

Apr. 15, 2016

*)

DirX Audit 5.0

Jun. 19, 2015

*)

DirX Audit 4.0

Apr. 11, 2014

*)

DirX Audit V3.0B

May 17, 2013

*)

DirX Audit V3.0A

Mar. 30, 2012

*)

DirX Audit V2.0D

Dec. 13, 2011

*)

DirX Audit V2.0C

Oct. 20, 2010

*)

DirX Audit V2.0B

Apr. 30, 2010

*)

DirX Audit V2.0A

May 31, 2009

*)

DirX Audit V1.0C

Jan. 23, 2009

*)

DirX Audit V1.0B

Nov. 10, 2008

*)

DirX Audit V1.0A

Sep. 12, 2008

*)

*) See the History of Changes for a history of changes of previous DirX Audit releases.

Supported Platforms

DirX Audit 9.1 is available on the following platforms:

PC (Intel)

  • Microsoft Windows Server 2019 (x86-64)

  • Microsoft Windows Server 2022 (x86-64)

  • Microsoft Windows Server 2025 (x86-64)

UNIX

  • Red Hat Enterprise Linux 8 (x86-64)

  • Red Hat Enterprise Linux 9 (x86-64)

  • Red Hat Enterprise Linux 10 (x86-64)

  • SUSE Linux Enterprise Server 12 (x86-64)

  • SUSE Linux Enterprise Server 15 (x86-64)

Virtual Machine Support:

  • VMWare ESXi, in combination with the guest operating systems listed above and that are supported by VMWare ESXi.

Clients run also on Windows 11.

Note: You can install DirX Audit completely on Windows 11 for non-productive use (demos or PoCs). Do not use this configuration for productive use.

Java Requirements for DirX Audit

DirX Audit requires a customer-supplied Java SE installation. No embedded Java environment comes with DirX Audit. It is customer’s responsibility to download and install any Java SE security patches in time.

As described in the DirX Audit Installation Guide these are the options regarding the Java environment:

  • The product must be an implementation of the Java Platform, Standard Edition
    (Java SE).

  • The related version number must be 21.0.xx.

  • It must be a 64-bit distribution.

Supported Java product is for example:

  • OpenJDK 21

For details regarding said installation options, see the chapter “Installation Prerequisites” in “Installation Configurations” in the DirX Audit Installation Guide.

Supported Apache Tomcat Installations

DirX Audit Manager supports these Apache Tomcat versions running with Java SE 21:

  • Apache Tomcat 11 version 11.0.18 or higher

Use Java SE 21 with the latest security patches installed. It is customer’s responsibility to download and install any Java SE security patches in time.

Please consider also additional steps to secure Apache Tomcat beyond the default installation. We strongly recommend considering additional measures to secure the Apache Tomcat web container by following the guidelines in https://tomcat.apache.org/tomcat-11.0-doc/security-howto.html.

Supported Databases

Product

  • Microsoft SQL Server 2019

  • Microsoft SQL Server 2022

  • Microsoft SQL Server 2025

  • Oracle Database 19c

Supported JMS Messaging Servers

DirX Audit supports the following JMS messaging server:

  • Apache ActiveMQ 6.2.0 message broker (included in the installation)

If you consider upgrading the message broker, please contact the DirX support unit.

Supported integration container

DirX Audit supports the following applications runtime:

  • Spring Boot 3.4.11 (included in the installation)

If you consider upgrading the integration container, please contact the DirX support unit.

Delivery Packages

This section provides information about DirX Audit delivery packages on the distribution media. It contains:

  • Additions

    • Sample DirX Identity and DirX Access audit message data stored in XML files and DirX Identity history snapshots stored in LDIF files in Additions/Data/SampleData.

    • Sample Java code for Digest Producer and Tag Producer in Additions/Data/SampleJava.

    • Sample authorization policies in Additions/Data/SamplePolicies.

    • A set of generated sample reports in the PDF format partly based on the DirX Identity sample domain data in Additions/Data/SampleReports.

    • XML schema for DirX Audit messages, and report definitions in Additions/Schemas/DirXAudit.

    • SQL scripts for creation of tables and their indexes and views in Additions/Scripts. Subfolder common/adm contains useful queries which for example give an overview on indexes or allow to query history entries with given or duplicate dxrUid.

  • Documentation

    • for DirX Audit

  • Installation

    • DirX Audit 9.1 installers for all supported platforms.

  • Resources

    • modified sources of Mozilla LDAP SDK.

    • sources for other third-party software that require source delivery.

Distribution Media

Software packages for all platforms are usually distributed on DVDs. All platforms are delivered together on one DVD.

In addition to the distribution medium, you must purchase separate product licenses in order to use the software packages.

Please contact your local sales representative for details on product licenses.

Resources

Each DVD ships with modified sources of the:

  • Mozilla LDAP Java SDK 4.18 (see also: http://www.mozilla.org). You can find them - along with a brief documentation of the modifications - in the folder Resources of the DVD.

User Documentation

DirX Audit User Manuals

The following manuals are available in PDF format of Adobe:

Manual File

DirX Audit Installation Guide

installation-guide.pdf

DirX Audit Migration Guide

migration-guide.pdf

DirX Audit Introduction

introduction.pdf

DirX Audit Tutorial

tutorial.pdf

DirX Audit Administration Guide

administration-guide.pdf

DirX Audit Manager Guide

audit-manager-guide.pdf

DirX Audit Command Line Interface Guide

command-line-interface-guide.pdf

DirX Audit Customization Guide

customization-guide.pdf

DirX Audit Best Practices

best-practices.pdf

DirX Audit History Synchronization Guide

history-synchronization-guide.pdf

DirX Audit Installation Preparation Checklist

installation-preparation-checklist.pdf

You need Adobe Acrobat Reader (or a similar PDF viewer) to view PDF files. For a free copy of Adobe Acrobat Reader please refer to

http://www.adobe.com/prodindex/acrobat/readstep.html

or to

http://www.adobe.com

On Windows systems, files with the suffix *.txt or .pdf can be opened by double-clicking them.

The setup also provides each document.

DirX Audit Online Help

All manuals are also available as Web Help projects available in https://docs.dirx.solutions/dirx-audit-docs/latest/index.html.

Make sure that the browser is configured to allow ActiveX controls and plugins and considers ActiveX scripts as safe.

Third Party Documentation

Third party software is delivered with its documentation.

Hardware Requirements

This section provides information about hardware requirements.

Per default you can run DirX Audit on a single machine.

For better performance we recommend separating the database to a second machine.

For optimum performance you can distribute all components (Manager, Message Broker, Server and Database) on separate machines.

RAM

At least 8 GB RAM is recommended for DirX Audit.

Disk Space

The installation requires temporarily 2.0 GB of disk space. The complete DirX Audit installation requires 1.5 GB of disk space.

For data and log files additional space is required.

At least 10.0 GB of free disk space is recommended for DirX Audit.

Software Requirements

DirX Audit 9.1 requires:

  • See the DirX Audit Installation Guide file for more information.

The DirX Audit Manager supports these types of browsers:

  • Microsoft Edge 142.0 (64-bit) or newer

  • Mozilla Firefox 140.5.0esr (64-bit) or newer

  • Google Chrome 142.0 (64-bit) or newer

For JasperReports design use TIBCO Jaspersoft Studio, but set JasperReports 6.19.0 in Window / Preferences / Jaspersoft Studio / Compatibility / Version.

Browser settings

Set the Internet Options:

  • Check the settings of Local intranet and Trusted sites, address of DirX Audit Manager and DirX Audit Server should be there (Control Panel / Internet Options / Security / Sites)

Restrictions

DirX Audit has the following restrictions.

Audit message size

There is a limit on the maximal size of the input audit message that DirX Audit Server can handle. This limit cannot be explicitly calculated because it depends on the configured environment and form of the input. In general, the size of the incoming audit message should not exceed several megabytes in original form.

For example, adding a new group with 100,000 members in DirX Identity can produce such huge messages.

DirX Audit Server stores these messages into error storage.

If all available free memory is exhausted, the DirX Audit Server can even crash. You can manually assign more memory to the DirX Audit Server container or process this input manually.

See also Known Issues section for detail on specific collectors.

Data not updated immediately

In some cases, the data is not updated immediately. For example, DB maintenance tool purges history entry data, but it is still visible in DirX Audit Manager in the History view. The reason is that the purged data is removed from the primary table, but DirX Audit Manager presents data originated in database materialized views. These views must be refreshed to reflect the change in the primary table. It is usually done automatically on a daily basis.

Compatibility

This chapter notifies about compatibility issues compared to the previous DirX Audit version.

Database Schema

Config Database

  • Database tables for storing DirX Audit Manager Classic configuration data are removed from the standard deployment.

Data Database (Audit events)

  • No database schema changes.

History Database (History entries)

  • No database schema changes.

Report Templates

Modified report templates

  • There are several modified report templates with extensions and improvements.

See the section “Update Scheduled Report Jobs” in “Manual Migration” in the Migration Guide for required steps to update scheduled report jobs when you upgrade from previous versions.

Installation

Follow the DirX Audit Installation Guide.

Upgrade installation is supported only from DirX Audit 7.1, DirX Audit 7.1 SP1, DirX Audit 7.1 SP2, DirX Audit 7.2 and DirX Audit 9.0. Please see DirX Audit Migration Guide for all required steps.

When upgrading from previous DirX Audit versions (DirX Audit 7.0 SP1 or earlier), it must be fully uninstalled, and DirX Audit 9.1 must be installed from scratch.

When the installer is started in the silent mode it runs in the background. If you need to wait for it to finish (for example in an automated script) you can achieve it by calling the installer in a separate script or by instructing the command shell to wait for the process to finish – on Windows by calling with START /WAIT, for example:

START /WAIT dirxaudt.exe [-i silent]

Documentation Changes

This chapter contains the latest documentation updates that are not contained in the official documentation on the installation media.

There is no documentation update that is not contained in the official documentation on the installation media.

Known Issues

This chapter contains already known issues.

General Issues

Services on Linux do not behave correctly

Description: Services do not behave correctly, for example graphics are incomplete and DirX Audit Manager does not work correctly.

Solution: Check permissions on installed and created files and folders. Run all DirX Audit services on Linux platforms under root account if the problem still exists.

System services do not start on Linux

Description: There are at least two system services typically installed and automatically started in default installations: DirX Audit Message Broker and one or more DirX Audit Server tenant services. The DirX Audit services on Linux might not start correctly after they have been stopped unexpectedly before, for example if process or system crashed or on power failure. The reason is that several files containing PIDs of the running processes are not deleted in such cases.

Solution: To fix the problem you must follow these steps.

Check if the related processes are not running, for example using ps command - check for java and wrapper binaries pointing to or referencing the DirX Audit installation path.

Remove the following PID files if existing for the selected service that does not start:

DirX Audit Message Broker service:
install_path/message_broker/bin/service/dirx-audit-messagebroker.pid

DirX Audit Server services:
install_path/server_container/tenants/tenant_id/bin/dirx-audit-server-tenant_id.pid

Start the relevant services.

Installation and Configuration

SSL configuration for DirX Audit Message Broker

Description: DirX Audit Message Broker does not start if SSL listener is enabled and the SSL broker was not configured correctly. SSL configuration must be prepared manually.

Solution: Do not enable SSL connector on DirX Audit Message Broker configuration page unless the SSL support is configured properly. See DirX Audit and Apache ActiveMQ documentation for the SSL configuration procedure.

The installation and uninstallation not started correctly on some newer Windows systems

Description: The installation and uninstallation are not started correctly on some newer Windows systems. After executing the installer an error window with title "Fatal Application Error" is displayed containing text "This Application has Unexpectedly Quit". If details are expanded the following text is displayed on top: "Flexeraaw2$aaa: Windows DLL failed to load".

Solution: This is a known issue in the software used for creating the installer. To fix it a new environment variable must be set to force the compatiblity with older Windows for Java applications:

JAVA_TOOL_OPTIONS="-Dos.name=Windows 7"

This variable can be set either globally for the user (via Control Panel) or only on a command-line before starting the installer
(SET JAVA_TOOL_OPTIONS="-Dos.name=Windows 7").

After this variable is set and applied the installer starts correctly.

DirX Audit Database

DirX Audit Database does not support full-text queries on Microsoft SQL Server 2025 after upgrade from previous SQL Server versions

Description: Full-text queries on Microsoft SQL Server 2025 does not work after upgrade from previous SQL Server versions. SQL Server 2025 contains rebuilt components for full-text search. Full-text search is used for searching in audit messages on the Event Detail field.

Solution: The recommended way to continue using indexes is to rebuild them with the newer components.

ALTER FULLTEXT CATALOG dxt_catalog REBUILD;

The only method to upgrade the fulltext index without rebuilding the entire catalog is to drop and recreate it.

/****** Object:  FullTextIndex [DAT_AUDITEVENTS(DETAIL)] ******/
IF EXISTS (SELECT * FROM sys.fulltext_indexes where object_id = object_id('DAT_AUDITEVENTS'))
    DROP FULLTEXT INDEX ON DAT_AUDITEVENTS
GO

CREATE FULLTEXT INDEX ON DAT_AUDITEVENTS(DETAIL) KEY INDEX PK_DAT_AUDITEVENTS
GO

DirX Audit Server

DirX Audit Server freezes during Error Handling

Description: DirX Audit Server might stop processing audit messages if an already stored error message (due to a database disconnection) fails to persist again due to a different problem.

Solution: Stop the DirX Audit Server service, move the stored error messages to a different folder, clear the error storage folder (delete it) and start the DirX Audit Server service again. The moved error messages can then be processed later by the file collectors after investigating and resolving the reason leading to the persistence error.

DirX Audit Server stops to deliver scheduled reports

Description: DirX Audit Server might stop sending generated reports due to a different problem.

Solution: Restart the DirX Audit Server service.

Collectors, scheduled jobs or fact population not started

Description: Collectors and the scheduler for jobs and fact population run within the same server container (running under DirX Audit Server service). Under some rare conditions it can happen that either collectors or scheduler (for jobs and fact population) do not start correctly, while the other one is started and runs. Fact population is enabled only when Dashboard feature is licensed.

Solution: Stop DirX Audit Server service if started. Start DirX Audit Server service. Wait approximately two minutes and check if both collectors and the scheduler (including fact population when enabled) service components were initialized and started correctly.

If this procedure does not help, repeat it.

InputStreamZippedJarVisitor warnings in the DirX Audit Server log file

Description: DirX Audit Server occasionally records an InputStreamZippedJarVisitor warning.

Solution: This record does not indicate any dysfunction. You can ignore its occurrence in the dirxaudit-server.log file.

DirX Audit Server DB connectivity is not refreshed when DB configuration is modified with the Tenant Configuration Wizard

Description: In certain cases, when DirX Audit Server service is running and a tenant’s DB configuration is modified with the Tenant Configuration Wizard, DirX Audit Server DB connectivity is not refreshed and uses the original DB connection settings.

Solution: When DB configuration is modified with the Tenant Configuration Wizard, include also the Collectors Configuration in the performed steps to force DirX Audit Server to refresh the DB connectivity.

SQL scripts are not executed when any of their predecessors fails

Description: When DirX Audit Server executes a list of SQL scripts and any of them is terminated with an exception, the execution of the rest of scripts is not started.

DirX Audit Server service does not start when database server is not available

Description: DirX Audit Server service does not start due to database connection errors. Server log contains usually the following errors in this case:

com.zaxxer.hikari.pool.HikariPool$PoolInitializationException: Failed to initialize pool: The TCP/IP connection to the host ... has failed
…
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'reportController'

Solution: Make sure that the database server is running and the configured authentication is correct. Start the DirX Audit Server services again.

Running the history update job on an empty database for the first time logs an error message mentioning a missing DIM table

Description: When running the history update job on an empty database for the first time an error message is logged mentioning a missing DIM table.

Solution: Run the fact population job. When the history update job runs next time there are no more error messages.

DirX Audit Manager

Reports do not work on Linux

Description: A report is not created and sent or is not correctly displayed. The problem might be caused by using a font that is not available on the system, for example Microsoft core true-type fonts.

Solution: Check used fonts in the report template and use either generic types like Serif or Sans-Serif or install the required font, for example Microsoft core true-type fonts.

Audit analysis / History: Different total numbers of events could be displayed in the Audit analysis view and the History view in results

Description: Different total numbers of events could be displayed in the Audit analysis view and in the History view for the same time range and corresponding filters. This stems from the fact that History view search is based on the entry’s dxrUid matches while the Audit analysis view search is based on the entry’s name searching.

Authentication fails with many groups in LDAP

Description: When many groups are to be compared for a user’s membership, the authentication fails for exceeded limits.

Solution: Create LDAP groups used for DirX Audit application role mapping in a separate subfolder with a restricted search base.

# krb5.ini / krb5.conf
[libdefaults]
dns_lookup_kdc = false
…
[realms]
my-company.com = {
  kdc = ads.my-company.com:88
}
[domain_realm]
my-company.com = MY-COMPANY.COM
.my-company.com = MY-COMPANY.COM

Reports

Big report in the text format (txt) and plain template is not generated

Description: Huge reports configured for text format (TXT) and using plain template are not generated. An exception ArrayIndexOutOfBoundsException is logged into the log file.

Solution: Set a smaller number of rows or change the output format (use for example csv or rtf).

Picklist shows also records without a UID

Description: The picklist in the report configuration dialog can contain also records that are not stored with a UID in the database. These records are not transferred to the Selected section.

Solution: Configure your Identity Store thoroughly to prevent operations on records without providing their UID.

Picklist duplicates records for objects with different combination of descriptive attributes

Description: When an object is present in the database with more combinations of values of descriptive attribute, more records for the same object are shown in the picklist’s Found section of the report configuration dialog. Only one of them is transferred to the Selected section.

Unlocalized selection of history entry types

Description: There is an unlocalized selection of history entry type in the History Entries by Entry Type report scope configuration screen.

Overview charts are not included in HTML format reports

Description: Several reports contain an overview chart. But it is not included when the HTML format is used.

Solution: Use an alternative report format like PDF.

Warnings in the DirX Audit Server log file when generating report in XLS format

Description: DirX Audit Server records warnings when setting DocumentSummaryInformation, SummaryInformation and codepage property in generated XLS file.

Solution: These records do not indicate any dysfunction. You can ignore its occurrence in the dirxaudit-server.log file.

Collectors

DirX Identity: Huge audit messages

Description: DirX Identity can produce huge audit messages. An example is the creation of a new target system group with 100,000 members. This results in one huge audit message. You should avoid producing this type of messages.

Solution: Define account-side memberships in all target systems that shall be audited on the DirX Identity side. If this is not possible remove temporarily the relevant member attributes from the audit policy.

Valid audit messages data is considered invalid when it is a part of a set containing also invalid audit messages data

Description: When several collected audit messages have invalid xml structure, for example for a missing element attribute, the whole set, by default 10 audit messages, is directed to the 250-nonrecoverable-xml subfolder. No audit message of the set is persisted.

Solution: You can prevent this behavior by specifying the send_count = 1 in the tenant’s configuration.cfg file in the specific LDAP or File collector section.

For example, navigate to the install_path/conf/tenants/tenantid/configuration.cfg file and extend the following section with the configuration parameter send_count value set to 1.

  [server.apps.collector.file.dxi]
  …
  send_count = 1

Missing What – Lifecycle value in most DirX Identity audit messages

Description: The What – Lifecycle field is empty for most DirX Identity audit messages. It is not filled by intention as no corresponding data is provided by DirX Identity.

Fact Population

Very slow fact population for history entries and Oracle Database

Description: The fact population on the History DB deployed at the Oracle Database has low performance.

Solution: Carefully schedule the fact population out of common business hours.

Population of fact tables on history entries can be restricted only with the VALIDFROM input parameter.

Description: The fact population SQL scripts for the history entries support only the VALIDFROM input parameter. There is no support for the VALIDTO input parameter.

History Synchronization

Distinguished name value could not be synchronized by modify jobs in some specific cases

Description: When a referenced entry is moved in the directory structure, this is not reflected as a modification of the referencing entry and the modifyTimestamp attribute value is not changed for the referencing entry by DirX Directory. If there is no other modification in the referencing entry, the change is not recognized with a modify job, as modifyTimestamp value is not updated, and the new distinguished name value is not synchronized.

Solution: Execute also delete jobs on a regular basis.