
Plan Qlik Sense deployments

Qlik Sense
3.0

Copyright 1993-2016 QlikTech International AB. All rights reserved.


Qlik, QlikTech, Qlik Sense, QlikView, Sense and the Qlik logo are trademarks which have been
registered in multiple countries or otherwise used as trademarks by QlikTech International AB. Other
trademarks referenced herein are the trademarks of their respective owners.

Contents
1 Introduction
  1.1 Conventions
    Style coding
    Environment variables
  1.2 Additional documentation
2 Architecture
  2.1 Site
    Single node site
    Multi-node site
  2.2 Node
  2.3 Services
    Qlik Sense Repository Service
    Paths
    Metrics
    REST API metrics
    Synchronization metrics
    Qlik Sense Repository Database
    Paths
    Qlik Sense Proxy Service
    Paths
    Metrics
    Qlik Sense Scheduler Service
    Paths
    Metrics
    Tasks
    Reload
    Sync
    Qlik Sense Engine Service
    Paths
    Qlik Sense Printing Service
    Paths
    Qlik Sense Service Dispatcher
    Paths
    Service dependencies
    Repository database
    File system
    Directory service
    Start and restart of services
    Start-up behavior
    Manual start
    Selecting the metrics to display
  2.4 Clients
    Hub
    Qlik Management Console
    Qlik Deployment Console
  2.5 Apps
    Default storage
    Portable format
  2.6 Ports overview
    Ports used internally within a node
    Ports used between user web browsers and proxies
    Ports used between nodes and Qlik Sense services
    Minimum ports used for communication in multi-node sites
    Ports used between master and slave schedulers
    Ports used between a proxy node and an engine node
    Ports used between a proxy node and the printing service
    Ports example: Multi-node site
    Ports examples
    Single node site
    Proxy node in demilitarized zone
    Separate proxy and engine node
    High availability proxy and engine nodes
    Separate scheduler node and high availability proxy and engine nodes
    Separate proxy and scheduler nodes and high availability engine nodes
    Generic scale out
3 Deployment
  3.1 Deploying single node sites
    Services
    Qlik Sense Repository Service
    Qlik Sense Scheduler Service
  3.2 Deploying multi-node sites
    Synchronization
    Data to synchronize
    Entity data synchronization
    Binary data synchronization
    Services
    Qlik Sense Repository Service
    Central node
    Rim nodes
    Qlik Sense Proxy Service
    Qlik Sense Scheduler Service
    Master
    Slave
    Master and slave
    Qlik Sense Engine Service
    Qlik Sense Printing Service
    Qlik Sense Service Dispatcher
    Broker Service
    Data Profiling Service
    Hub Service
    Migration Service
    Guidelines for deploying multi-node sites
    Planning your deployment
    Amount of content to synchronize
    Number of nodes
    Deployment topology
    Recommended deployment principles
    Dedicated roles per server
    Dedicated hardware for the central node (large deployments only)
    App development
    Synchronize only what is needed
    Network speed and geographic deployments
    Deployment size
    Example deployment scenarios
    Multi-node scenario: Production deployment
    Node layout
    Services on each node
    Configuration steps
    Multi-node scenario: Production deployment allowing development
    Node layout
    Services on each node
    Configuration steps
    Multi-node scenario: Development site
    Node layout
    Services on each node
    Configuration steps
    Multi-node scenario: Geographically dispersed site
    Node layout
    Guidelines
4 Backing up and restoring
  4.1 Backing up and restoring a site
    Backing up a site manually
    Items to back up
    Backup procedure
    Restoring a site manually
    Items to restore
    Restore procedure
    Known issues
    Using the Repository Snapshot Manager
    Requirements
    System downtime
    Location
    User
    Arguments
    Backup
    Restore
    Procedures
    Backup
    Restore
    Log files
    Known issues
    Backup process completes "successfully" with wrong database password
    Backup process hangs during "Creating login credentials file for database..."
    Cannot start service on computer
    Log files stored outside the default locations
  4.2 Backing up and restoring certificates
    Backing up certificates
    Restoring certificates
  4.3 Moving a node
5 Security
  5.1 Protecting the platform
    Network security
    Server security
    Process security
    Rugged software
    Threat analysis
    App security
  5.2 Authentication
    Default authentication module
    Certificate trust
    Architecture
    Requirements
    General
    Communication ports
    Unlocking distributed certificates
    Confirming certificates using Microsoft Management Console
    Handling of certificates when a service starts
    Client certificate
    Server certificate
    Root certificate
    Definition of invalid certificate
    Maximum number of trusted root certificates
    Authentication solutions
    Ticket solution
    Session solution
    Header solution
    SAML
    How SAML works
    SAML in Qlik Sense
    Anonymous users
  5.3 Authorization
    Access control
    Resource access control
    Rules
    Streams
    Administrator access control
    Data reduction
  5.4 Security summary
    Authentication
    Authorization
    Auditing
    Confidentiality
    Integrity
    Availability
    Security example: Opening an app
6 Logging
  6.1 New logging framework
  6.2 Legacy logging framework
  6.3 Reading and analyzing log files in Qlik Sense
  6.4 Requirements
    Securing the file system
    Synchronizing time
    Setting time zone
  6.5 Storage
    Log folder
    Archived log files
  6.6 Naming
  6.7 Rows
  6.8 Fields
    Audit activity log
    Audit security log
    Service log
    Qlik Sense Engine Service log fields
  6.9 Trace logs
    Storage
    Naming
    Rows
    Fields
    Common fields
    Additional fields
    Application log
    Audit log
    License log
    Performance log
    QIX performance log
    Qlik Management Console log
    Session log
    System log
    Task execution log
    Traffic log
  6.10 Configuring the logging
    Appenders
    QSRollingFileAppender
    Configuring the appender
    Converters
    Built-in log4net appenders
    Example: EventLogAppender
    Example: SmtpAppender
    Local log configuration file
    Requirements
    XML schema
7 Licensing
  7.1 License Enabler File
    Increase in tokens
    Decrease in tokens
  7.2 Access passes
    Allocation of access passes
    Login and logout
    Login
    Logout
    Removing access passes
    User access pass
    Login access pass
    Disconnected node
    Multi-deployment sites
    Development site
    Test site
    Anonymous users
  7.3 Licensing metrics

1 Introduction

In order to make the most of Qlik Sense, it is recommended to take the following into consideration when planning your deployment:
• Architecture: Qlik Sense features a distributed architecture that consists of one or more nodes (that is, server machines) that together form a site. One node assumes the role of central node, which is used as the central point of control.
• Deployment: Qlik Sense can be deployed in different ways to suit different needs. You can, for example, set up production sites, development sites, and geographically dispersed sites.
• Backup and restore: It is recommended to back up your Qlik Sense site and the certificates used on the central node, so that they are available in case a restore is needed.
• Security: Sites can be deployed in a number of ways. Qlik Sense has therefore been designed to support security in many different ways.
• Log messages: The log messages produced by Qlik Sense provide important information that can be used to detect security incidents, operational problems, and policy violations.
• Licensing: The licensing in Qlik Sense is based on tokens, which are used to allocate access passes that allow users to access Qlik Sense. There are different types of access passes to choose from and each type corresponds to a specific consumption model for accessing Qlik Sense.

This document is derived from the online help for Qlik Sense. It is intended for those who want to read parts of the help offline or print pages easily, and does not include any additional information compared with the online help.

1.1 Conventions
The following conventions are used in the documentation for Qlik Sense.

Style coding
• Menu commands and dialog options are written in bold.
• File names and paths are written in Italics.
• Sample code is written in Lucida Console.

Environment variables
The paths used in the documentation for Qlik Sense may use environment variables. The variables and the equivalent paths in the Microsoft Windows operating system are listed below.

| Environment variable | Microsoft Windows |
|---|---|
| %LocalAppData% | C:\Users\<username>\AppData\Local |
| %ProgramData% | C:\ProgramData |
| %ProgramFiles% | C:\Program Files |
| %UserProfile% | C:\Users\<username> |

1.2 Additional documentation
Besides this document, the following related documentation is available for Qlik Sense:
• Install and upgrade Qlik Sense: Describes how to install Qlik Sense.
• Manage Qlik Sense sites: Describes how to manage a Qlik Sense site.
• Qlik Deployment Console (QDC): Describes how to deploy Qlik Sense sites in cloud computing environments.

2 Architecture

Qlik Sense features a distributed architecture that consists of one or more nodes (that is, server machines) that together form a site. One node assumes the role of central node, which is used as the central point of control.
Each node in a site:
• Has a local repository and file set that contains all the data that the node needs to fulfill its role
• Synchronizes its content with the other nodes in the site
• Can perform a different role within the site
• Operates independently, which increases the system resilience, reduces maintenance, and increases the deployment flexibility
• Deploys a set of Qlik Sense services

2.1 Site
A Qlik Sense site is a collection of one or more nodes (that is, server machines) connected to a common logical repository or central node.
In a typical Qlik Sense installation, there is only one production site, which contains a single central node that contains data for the entire site and, optionally, one or more rim nodes that may be used to increase capacity and resilience. All rim nodes connect with the central node. App data and all necessary meta-data are synchronized between the central node and the rim nodes using asynchronous communication.

Single node site
A single node site is the smallest site possible as it consists of a single node (that is, a single server machine), which is also the central node of the site.

See also:
Deploying single node sites (page 35)

Multi-node site
In a multi-node site, the site is spread out across two or more nodes that share the same set of data and license key. Multi-node sites can be used for many purposes:
• Add capacity
• Add resilience
• Move apps or workload onto a specific node
• Fit with customer network deployments

In a multi-node site, each node has a local copy of the data that it needs to fulfill its role, which means that the node can operate independently in the event of a server or network failure. Each node can read and write its local data and a synchronization mechanism in Qlik Sense distributes the changes to other nodes in the site.
One node is configured to be the central node, which is responsible for controlling the multi-node site. The central node is also the point through which the other nodes in the site synchronize their data.
The synchronization in a multi-node site is two-way:
• The central node requests updates from the rim nodes every 15 seconds.
• Each rim node initiates a synchronization session with the central node every 15 seconds.
When changes are made on each node, the resulting transactions are recorded in a transaction log. During the synchronization, the latest set of transactions from the log is sent to the other nodes and replayed.
The synchronization is not visible to the users, who can continue to work in their apps while new data is synchronized in the background.

See also:
Deploying multi-node sites (page 36)

2.2 Node
A Qlik Sense site consists of the following types of nodes:
• A central node: This is the minimum configuration; a site always includes a central node
• Zero or more rim nodes: Used to increase capacity and resilience

As long as the nodes in a site meet the system requirements, the operating system on the nodes may differ.
Each node in a Qlik Sense site runs a set of Qlik Sense services. By configuring which services to run on a node, it can be set up to perform a specific role (for example, as a proxy node or a reload node) within a site.

2.3 Services
The Qlik Sense services, which run on the Microsoft Windows operating system, can be deployed in different ways on a node to suit different deployment purposes.
The Qlik Sense services include:
• The Qlik Sense Repository Service (QRS) manages persistence and synchronization of apps and licensing, security, and service configuration data. The QRS is needed by all other Qlik Sense services to run and serve apps. It attaches to a repository database and manages the repository database synchronization in multi-node sites. In addition, the QRS stores the app structures and the paths to the binary files (that is, the app data stored in the local file system).
• In a default Qlik Sense installation, the Qlik Sense Repository Service (QRS) uses the Qlik Sense Repository Database (QRD) service to read and write data in the repository database. A PostgreSQL database is used by default.
• The Qlik Sense Proxy Service (QPS) manages site authentication, session handling, and load balancing.
• The Qlik Sense Scheduler Service (QSS) manages the scheduled reloads of apps as well as other types of reload triggering based on task events.
• The Qlik Sense Engine Service (QES) is the application service, which handles all application calculations and logic.
• The Qlik Sense Printing Service (QPR) manages export in Qlik Sense.
• The Qlik Sense Service Dispatcher (QSD) is a service controller that is used to launch and manage the following Qlik Sense services:
  • Broker Service: The Broker Service acts as an intermediary between services started by the Qlik Sense Service Dispatcher (QSD).
  • Chart Sharing Service: The Chart Sharing Service is used to share charts between Qlik Sense users.
  • Data Profiling Service: The Data Profiling Service is used to access and modify the application load model.
  • Hub Service: The Hub Service controls which content a user is allowed to see.
  • Migration Service: The Migration Service ensures that your apps can be used in the currently installed version of Qlik Sense.

Examples: Deployment of Qlik Sense services on a node

• Complete: A node that includes all Qlik Sense services.
• Proxy: A node that manages Qlik Sense authentication, session handling, and load balancing. The QRS and QPS are installed.
• Engine: A node that provides the analytical power of Qlik Sense to the client. The QRS and QES are installed.
• Proxy and engine: A combined node that includes the QRS, QPS, and QES.
• Scheduler: A node that manages scheduled reloads of Qlik Sense apps and other types of reload triggering. The QRS, QSS, and QES are installed. In order to perform reloads the QSS requires the QES to be running on the same node.

Qlik Sense Repository Service
The Qlik Sense Repository Service (QRS) manages persistence and synchronization of apps and licensing, security, and service configuration data. The QRS is needed by all other Qlik Sense services to run and serve apps. It attaches to a repository database and manages the repository database synchronization in multi-node sites. In addition, the QRS stores the app structures and the paths to the binary files (that is, the app data stored in the local file system).

Paths
The following table lists the paths used by the Qlik Sense Repository Service (QRS).

| Executable | %ProgramFiles%\Qlik\Sense\Repository\Repository.exe |
| Data | %ProgramData%\Qlik\Sense\Repository |
| Logs | %ProgramData%\Qlik\Sense\Log\Repository. See: Logging (page 114) |
| Repository database | In a default Qlik Sense installation, the repository database is a specific instance of PostgreSQL that runs its own database cluster specifically for the repository. All files related to the repository database in a default Qlik Sense installation are stored in the following folder: %ProgramData%\Qlik\Sense\Repository\PostgreSQL |

Metrics
This section lists the metrics related to the Qlik Sense Repository Service (QRS).

REST API metrics
The following metrics are available in the Performance Monitor in Microsoft Windows:
• Number of DELETE calls
• Number of GET calls
• Number of POST calls
• Number of PUT calls
• Number of HTTP status 200 (OK)
• Number of HTTP status 201 (Created)
• Number of HTTP status 400 (Bad request)
• Number of HTTP status 401 (Unauthorized)
• Number of HTTP status 403 (Forbidden)
• Number of HTTP status 406 (Not acceptable)
• Number of HTTP status 409 (Conflict)
• Number of HTTP status 415 (Unsupported media type)
• Number of HTTP status 500 (Internal server error)
• Number of HTTP status 503 (Service unavailable)

Synchronization metrics
The following metrics are available in the Performance Monitor in Microsoft Windows:
• Number of synchronization sessions
• Number of synchronization clients
• Synchronization client queue

See also:
Selecting the metrics to display (page 21)

Qlik Sense Repository Database
In a default Qlik Sense installation, the Qlik Sense Repository Service (QRS) uses the Qlik Sense Repository Database (QRD) service to read and write data in the repository database. A PostgreSQL database is used by default.

Paths
The following table lists the paths used by the Qlik Sense Repository Database (QRD) service.

| Executable | In a default Qlik Sense installation, the repository database is a specific instance of PostgreSQL that runs its own database cluster specifically for the repository. The QRD spawns the PostgreSQL executable that is located in the following folder: %ProgramFiles%\Qlik\Sense\Repository\PostgreSQL\<database version>\bin |
| Data | %ProgramData%\Qlik\Sense\Repository\PostgreSQL |
| Logs | There are no logs for the QRD service. |

Qlik Sense Proxy Service
The Qlik Sense Proxy Service (QPS) manages site authentication, session handling, and load balancing.

Paths
The following table lists the paths used by the Qlik Sense Proxy Service (QPS).

| Executable | %ProgramFiles%\Qlik\Sense\Proxy\Proxy.exe |
| Data | %ProgramData%\Qlik\Sense\Proxy |
| Logs | %ProgramData%\Qlik\Sense\Log\Proxy. See: Logging (page 114) |

Metrics
This section lists the metrics related to the Qlik Sense Proxy Service (QPS). The following metrics are available in the Performance Monitor in Microsoft Windows:
• ActiveConnections: The number of active connections (in any form or shape) from the client.
  A connection is a stream (that is, a socket) between a Qlik Sense client and the Qlik Sense Proxy Service (QPS). This stream is often connected to another stream, which runs from the QPS to the Qlik Sense Repository Service (QRS) or the Qlik Sense Engine Service (QES). The two streams allow the client to communicate with the QRS or the QES.
• ActiveStreams: The number of active data streams (that is, sockets), either from the browser to the QPS or from the QPS to the QRS or the QES.
• ActiveSessions: The number of active sessions in the QPS.
  A Qlik Sense user gets a proxy session when the user has been authenticated. The session is terminated after a certain period of inactivity.
• LoadBalancingDecisions: The number of users who currently have at least one engine session.
• PrintingLoadBalancingDecisions: The number of users who have been load balanced to the Qlik Sense Printing Service (QPR).
• Tickets: The number of issued login tickets that have not yet been consumed.
• ActiveClientWebsockets: The number of active WebSockets between the client and the QPS.
• ActiveEngineWebsockets: The number of active WebSockets between the QPS and the target Qlik Sense service.

The metrics are also available as entries in the Performance log for the QPS.

See also:
Performance log (page 137)
Selecting the metrics to display (page 21)

Qlik Sense Scheduler Service
The Qlik Sense Scheduler Service (QSS) manages the scheduled reloads of apps as well as other types of reload triggering based on task events.

Paths
The following table lists the paths used by the Qlik Sense Scheduler Service (QSS).

| Executable | %ProgramFiles%\Qlik\Sense\Scheduler\Scheduler.exe |
| Data | |
| Logs | %ProgramData%\Qlik\Sense\Log\Scheduler. See: Logging (page 114) |

Metrics
This section lists the metrics related to the Qlik Sense Scheduler Service (QSS). The following metrics are available in the Performance Monitor in Microsoft Windows:
• Number of connected slaves
• Number of Qlik Sense Engine Service (QES) instances that are running on a slave (this metric is only available on the node where the QES instances run)
• Number of running processes
• Number of running tasks as understood by the master
• Number of running tasks on the slave
• Number of task messages that have been dispatched by the slave
• Number of task messages that have been received by the master
• Number of task retries
• Number of tasks that have completed successfully when executed by the slave
• Number of tasks that have failed when executed by the slave
• Number of tasks that the master has acknowledged as completed
• Number of tasks that the master has acknowledged as failed
• Number of times that the settings have been updated
• Number of tasks that have attempted to start
• Number of tasks that have attempted to stop

See also:
Selecting the metrics to display (page 21)

Tasks
Tasks are used to perform a wide variety of operations and can be chained together in any arbitrary pattern. The tasks are handled by the Qlik Sense Scheduler Service (QSS) and managed in the Qlik Management Console (QMC).
See: Qlik Management Console (page 22)

Reload
The reload task is used to fully reload the data in an app from the source. Any old data is discarded.

Sync
Within a multi-node site, one instance of the Qlik Sense Repository Service (QRS) runs on each node. The QRS running on the central node is considered to be the master. The master QRS has direct access to the central repository database, whereas the other QRSs only have access to a local repository database on the node where they are running. The master QRS synchronizes the central repository database and the local repository databases.
The sync task is used to schedule the synchronization of the central repository database and the local repository databases within a multi-node site.

Qlik Sense Engine Service
The Qlik Sense Engine Service (QES) is the application service, which handles all application calculations and logic.

Paths
The following table lists the paths used by the Qlik Sense Engine Service (QES).

| Executable | %ProgramFiles%\Qlik\Sense\Engine\Engine.exe |
| Data | %ProgramData%\Qlik\Sense\Engine |
| Logs | %ProgramData%\Qlik\Sense\Log\Engine. See: Logging (page 114) |
| Configuration | %ProgramData%\Qlik\Sense\Engine\Settings.ini. This file contains the QES settings. The file is created when the service first runs. |

Qlik Sense Printing Service
The Qlik Sense Printing Service (QPR) manages export in Qlik Sense.

Paths
The following table lists the paths used by the Qlik Sense Printing Service (QPR).

| Executable | %ProgramFiles%\Qlik\Sense\Printing\Printing.exe |
| Data | %ProgramData%\Qlik\Sense\Printing |
| Logs | %ProgramData%\Qlik\Sense\Log\Printing. See: Logging (page 114) |

Qlik Sense Service Dispatcher
The Qlik Sense Service Dispatcher (QSD) is a service controller that is used to launch and manage the following Qlik Sense services:
• Broker Service: The Broker Service acts as an intermediary between services started by the Qlik Sense Service Dispatcher (QSD).
• Chart Sharing Service: The Chart Sharing Service is used to share charts between Qlik Sense users.
• Data Profiling Service: The Data Profiling Service is used to access and modify the application load model.
• Hub Service: The Hub Service controls which content a user is allowed to see.
• Migration Service: The Migration Service ensures that your apps can be used in the currently installed version of Qlik Sense.

Paths
The following table lists the paths used by the Qlik Sense Service Dispatcher (QSD) and the services that are launched and managed by the QSD.

| Executables | QSD: %ProgramFiles%\Qlik\Sense\ServiceDispatcher\ServiceDispatcher.exe; services that are launched and managed by the QSD: %ProgramFiles%\Qlik\Sense\ServiceDispatcher\node\node.exe |
| Logs | Broker Service: %ProgramData%\Qlik\Sense\Log\BrokerService; Chart Sharing Service: %ProgramData%\Qlik\Sense\Log\QlikSenseCharts; Data Profiling Service: %ProgramData%\Qlik\Sense\Log\DataProfiling; Hub Service: %ProgramData%\Qlik\Sense\Log\HubService; Migration Service: %ProgramData%\Qlik\Sense\Log\AppMigration. See: Logging (page 114) |

Service dependencies
This section describes the dependencies related to the Qlik Sense services (for example, dependencies on the operating system and other software).

Repository database
The Qlik Sense Repository Service (QRS) connects to the repository database to store and retrieve data necessary for the Qlik Sense services on the node on which the QRS is running. In a default Qlik Sense installation, the Qlik Sense Repository Service (QRS) uses the Qlik Sense Repository Database (QRD) service to read and write data in the repository database. A PostgreSQL database is used by default.

File system
The file system stores the binary files for the Qlik Sense apps.

Directory service
The QRS and Qlik Sense Proxy Service (QPS) communicate with a configured directory service (for example, Microsoft Active Directory) using, for example, LDAP or ODBC.

Start and restart of services
Normally, the Qlik Sense services are started automatically on a node.

Start-up behavior
The Qlik Sense Repository Database (QRD) and Qlik Sense Repository Service (QRS) are started first.
When any other Qlik Sense service starts, it contacts its local QRS to get configuration parameters. If the service is not (yet) configured to run, it periodically checks back with the local QRS.

Manual start
If the services are started manually, make sure to start them in the following order:
a. Qlik Sense Repository Database (QRD)
b. Qlik Sense Repository Service (QRS)
c. Qlik Sense Proxy Service (QPS), Qlik Sense Engine Service (QES), Qlik Sense Scheduler Service (QSS), Qlik Sense Printing Service (QPR), and Qlik Sense Service Dispatcher (QSD) in no specific order
The order is important because the QRS is dependent on the QRD and the rest of the services are dependent on the QRS.

The user that installs and runs the Qlik Sense services must be local administrator on the machine.

Selecting the metrics to display
Proceed as follows to select which metrics to display for the Qlik Sense services in the Performance Monitor in Microsoft Windows:
1. Select Start > Run.
2. Enter perfmon and click OK.
3. Expand Monitoring Tools in the left panel.
4. Select Performance Monitor.
   The Performance Monitor is displayed in the right panel.
5. Click the + (plus) icon in the toolbar at the top of the Performance Monitor.
   The Add Counters dialog is displayed.
6. Select the machine to add counters from in the Select counters from computer: drop-down list.
   The Available counters list is populated with counters.
7. Locate the following counter sets in the Available counters list:
   • Qlik Sense Proxy Service
   • Qlik Sense Repository Service - REST API
   • Qlik Sense Repository Service - Synchronization
   • Qlik Sense Scheduler Service
8. Click the + (plus) sign next to a counter set to expand the set.
9. Select the counters to display in the Performance Monitor.
10. Click Add >> to add the counters in the Performance Monitor.
    The added counters are listed in the Added counters list.
11. Click OK.
    The added counters are displayed in the Performance Monitor.

2.4 Clients
The clients are used to communicate and interact with Qlik Sense sites.

Hub
The hub is used to access and publish apps in Qlik Sense. The hub runs in a web browser, so no software installation is required.
Once established, the hub traffic only involves a rim node (unless the site is a single node site) and the hub.

Qlik Management Console
The Qlik Management Console (QMC) is used for configuration and administration of a Qlik Sense site.
The QMC only communicates logically with the central node. This means that:
• The QMC always uses the Qlik Sense Proxy Service (QPS) on the central node.
• For maximum performance within a multi-node site, it is recommended not to allow any user traffic on the central node.

Qlik Deployment Console
The Qlik Deployment Console (QDC) is used to create and manage Qlik Sense sites that are deployed in cloud computing environments.
Using the QDC, you can:
• Create and manage Qlik Sense sites
• Incorporate existing sites for use in the QDC
• Create, manage, clone, and delete nodes in Qlik Sense sites that are deployed in cloud computing environments

2.5 Apps
A Qlik Sense app is a collection of reusable data items (measures, dimensions, and visualizations), sheets, and stories. It is a self-contained entity that includes the data to analyze in a structured data model.
The apps replace the documents that are used in QlikView.

Default storage
By default, apps are stored as follows:
• Repository database: Contains the app structure, including the paths to the binary files in the local file system. This data is referred to as entity data and is usually small in size.
• Local file system: Stores the app data as binary files. These files are referred to as binary data and the data model element of the files can be large in size. The files are by default stored in %ProgramData%\Qlik\Sense\Apps.

Portable format
An app can be stored in the local file system in the proprietary QVF format, which is a portable format.
A single app is stored as <App name>.qvf.

For an app to run in Qlik Sense, it must be stored in the repository database.

2.6 Ports overview
Qlik Sense uses ports for communication between web browsers (users) and proxies, and between services in both internal and multi-node deployments.
This section provides an overview of the ports that are used in Qlik Sense.

Ports used internally within a node
The ports in the following table are used between Qlik Sense services that run on the same node. The ports do not have to be open through any firewalls.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QPS | 4243 | Inbound | Qlik Sense Proxy Service (QPS) REST API listen port. If web ticketing is used for security, this port is used by the software or service that requests tickets for users. If the software or service is remote, this port needs to be open to the location from which it is called. |
| QRD | 4432 | Internal | Default listen port for the Qlik Sense Repository Database (QRD). The port is used to listen for connections from the Qlik Sense Repository Service (QRS). |
| Migration Service | 4545 | Internal | This port is used by the Migration Service for app migration purposes. The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required. The Migration Service only runs on the central node. |
| Chart Sharing Service | 4555 | Internal | This port is used by the Chart Sharing Service for chart sharing between Qlik Sense users. The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required. This port uses HTTPS for communication. |
| QRS | 4570 | Internal | Certificate password verification port, only used within multi-node sites by Qlik Sense Repository Services (QRSs) on rim nodes to receive the password that unlocks a distributed certificate. The port can only be accessed from localhost and it is closed immediately after the certificate has been unlocked. The communication is always unencrypted. |
| QES | 4748 | Internal | This callback port is used by the Qlik Sense Repository Service (QRS) for sending HTTP events to the Qlik Sense Engine Service (QES). |
| Broker Service | 4900 | Internal | Default listen port for the Broker Service. |
| Hub Service | 9028 | Internal | Default listen port for the Hub Service. |

Ports used between user web browsers and proxies
The default ports are exposed to the Qlik Sense users and need to be open through any firewalls to each Qlik Sense Proxy Service (QPS) in the site.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QPS | 443 | Inbound | Inbound user web traffic when using HTTPS. |
| QPS | 4244 | Inbound | Authentication port when using Windows authentication over HTTPS. |
| QPS | 80 | Inbound | Inbound user web traffic when using HTTP (optional). |
| QPS | 4248 | Inbound | Authentication port when using Windows authentication over HTTP (optional). |

Ports used between nodes and Qlik Sense services
The ports in this section are used for communication between the Qlik Sense services.
In a single node site, all ports listed in this section are used by the various services, but do not need access through firewalls.
In a multi-node site, the ports in use vary depending on the services installed and running on each node. The ports need to be open in any firewalls between the nodes, but do not have to be open to the Qlik Sense users.

Minimum ports used for communication in multi-node sites
The following ports must always be open between the nodes in a multi-node site. The ports must be open to allow for synchronization, service health, and some specific operations.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QRS | 4241 | Bi-directional between all nodes | Communication port within multi-node sites for Qlik Sense Repository Service (QRS)-to-QRS synchronization. This port uses HTTPS for communication. |
| QRS | 4242 | Bi-directional between the central node and all proxy nodes | This port is used for a number of operations including new user registration. |
| QRS | 4444 | Between the central node and all rim nodes | This port has two functions: • Security distribution port, only used by Qlik Sense Repository Services (QRSs) on rim nodes to receive a certificate from the master QRS on the central node. The communication is always unencrypted, but the transferred certificate package is password-protected. • Qlik Sense Repository Service (QRS) state port, used to fetch the state of a QRS in a Qlik Sense site. The state is fetched using http://localhost:4444/status/servicestate. The returned state is one of the following: 0: Initializing. Once the node has been initialized, the node state changes into one of the other states. 1: Certificates not installed. There are no certificates installed on the node. The node stays in this state until it has received the certificate and the certificate password. 2: Running. The node is up and running and all APIs have been initiated. |


Ports used between master and slave schedulers
The ports in the following table are used when a slave Qlik Sense Scheduler Service (QSS) is used.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QSS | 5050 | Inbound (from scheduler nodes only) | This port is used by the master QSS on the central node to issue commands to and receive replies from slave QSS nodes. |
| QSS | 5151 | Inbound (from the central node only) | A slave QSS runs on a slave scheduler node and is accessed only by the master QSS on the central node. |

Ports used between a proxy node and an engine node
The ports in the following table define the minimum needed to allow regular user traffic and load balancing
between a proxy node and an engine node.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QES | 4747 | Inbound (from proxy nodes) | Qlik Sense Engine Service (QES) listen port. This is the main port used by the QES. The port is used via the Qlik Sense Proxy Service (QPS) for communication with the Qlik Sense clients. |
| QRS | 4239 | Inbound (from proxy nodes) | Qlik Sense Repository Service (QRS) WebSocket port. The port is used via the Qlik Sense Proxy Service (QPS) by the Qlik Sense hub to obtain apps and stream lists. |
| QRS | 4242 | Inbound (from proxy nodes) | Qlik Sense Repository Service (QRS) REST API listen port. This port is mainly accessed by local Qlik Sense services. However, the port must be open to all proxy nodes in a multi-node site to deliver images and static content. |
| Data Profiling Service | 4949 | Inbound (from proxy nodes) | This port is used by the Data Profiling Service when accessing and modifying the application load model. The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required. The port is accessed via the Qlik Sense Proxy Service (QPS). |

Ports used between a proxy node and the printing service
The Qlik Sense Printing Service (QPR) may be installed on the same node as other services or on a separate
node. The ports in the following table must be accessible between a QPS and all QPRs to which the QPS
can load balance traffic.

| Service | Port | Direction | Purpose |
|---|---|---|---|
| QPR | 4899 | Inbound (from proxy nodes) | Qlik Sense Printing Service (QPR) port. This port is used for printed export in Qlik Sense. The port is accessed by any node that runs a QPS. |
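
The port tables above can be checked against a firewall allow-list. The following is an added example, not part of the Qlik documentation: it encodes the ports and connecting sides listed on this page and audits a constructed rule set. The role labels, the `Rule` tuple, the severity labels, the sample rules and the reading of "between" as "either direction" are assumptions made for the illustration.

```python
from itertools import permutations
from typing import NamedTuple


class Rule(NamedTuple):
    """One firewall allow rule, reduced to what the port tables care about."""
    src: str   # "user", or a node role: "central", "proxy", "engine", "scheduler"
    dst: str   # role of the node that receives the connection
    port: int


RIM = {"proxy", "engine", "scheduler"}   # assumption: one role label per rim node
NODES = RIM | {"central"}

USER_PORTS = {443, 4244, 80, 4248}       # exposed to users, open to each QPS
HTTP_USER_PORTS = {80, 4248}             # the optional HTTP variants
INTERNAL_PORTS = {4900: "Broker Service", 9028: "Hub Service"}
# Inter-node ports: port -> (service, roles the tables name as the connecting side)
NODE_PORTS = {
    4241: ("QRS synchronization", NODES),
    4242: ("QRS REST API", {"central", "proxy"}),
    4444: ("QRS certificate distribution and state", NODES),
    5050: ("master QSS", {"scheduler"}),
    5151: ("slave QSS", {"central"}),
    4747: ("QES", {"proxy"}),
    4239: ("QRS WebSocket", {"proxy"}),
    4949: ("Data Profiling Service", {"proxy"}),
    4899: ("QPR", {"proxy"}),
}


def audit(rules):
    """Return (severity, rule, reason) for each rule wider than the port tables."""
    findings = []
    for r in rules:
        if r.port in INTERNAL_PORTS:
            findings.append(("high", r, f"{INTERNAL_PORTS[r.port]} port is internal to a node"))
        elif r.src == "user" and r.port in HTTP_USER_PORTS:
            findings.append(("info", r, "optional HTTP port, traffic is not encrypted"))
        elif r.src == "user" and r.port not in USER_PORTS:
            extra = "; 4444 traffic is always unencrypted" if r.port == 4444 else ""
            findings.append(("high", r, "not a user-facing port" + extra))
        elif r.src != "user" and r.port in NODE_PORTS:
            service, allowed = NODE_PORTS[r.port]
            if r.src not in allowed:
                findings.append(("medium", r, f"{service} port opened to {r.src} nodes, "
                                              f"tables name {sorted(allowed)}"))
        elif r.src != "user" and r.port not in USER_PORTS:
            findings.append(("low", r, "port does not appear in the port tables"))
    return findings


def missing_minimum(rules, rim_roles):
    """List the minimum multi-node openings (4241, 4242, 4444) absent from the rules."""
    have = {(r.src, r.dst, r.port) for r in rules}
    nodes = ["central", *sorted(rim_roles)]
    # 4241 is bi-directional between all nodes.
    missing = [(a, b, 4241) for a, b in permutations(nodes, 2) if (a, b, 4241) not in have]
    # 4242 is bi-directional between the central node and all proxy nodes.
    if "proxy" in rim_roles:
        pairs = (("central", "proxy", 4242), ("proxy", "central", 4242))
        missing += [p for p in pairs if p not in have]
    # 4444 is "between" central and rim nodes: either direction counts (assumption).
    for rim in sorted(rim_roles):
        if ("central", rim, 4444) not in have and (rim, "central", 4444) not in have:
            missing.append(("central", rim, 4444))
    return missing


# Constructed sample allow-list for a site with one proxy node and one engine node.
SAMPLE_RULES = [
    Rule("user", "proxy", 443), Rule("user", "proxy", 4244),
    Rule("user", "proxy", 80),          # optional HTTP
    Rule("user", "central", 4444),      # QRS state/certificate port opened to users
    Rule("proxy", "engine", 4747),
    Rule("engine", "central", 5050),    # master QSS port opened to a non-scheduler node
    Rule("central", "proxy", 4241), Rule("proxy", "central", 4241),
    Rule("central", "engine", 4241), Rule("engine", "central", 4241),
    Rule("proxy", "engine", 4241),      # engine -> proxy direction is absent
    Rule("central", "proxy", 4242),     # proxy -> central direction is absent
    Rule("central", "proxy", 4444),     # no 4444 rule for the engine node
    Rule("proxy", "engine", 9028),      # Hub Service port crossing hosts
]

if __name__ == "__main__":
    for severity, rule, reason in audit(SAMPLE_RULES):
        print(f"[{severity}] {rule.src} -> {rule.dst}:{rule.port}  {reason}")
    for src, dst, port in missing_minimum(SAMPLE_RULES, {"proxy", "engine"}):
        print(f"[missing] {src} -> {dst}:{port}")
```
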

Ports example: Multi-node site
The following is an example of the ports that are used in a multi-node site that consists of five nodes.


Ports examples
This section provides examples of the ports that are used in different Qlik Sense deployments.
The following icons represent the Qlik Sense services deployed on each node:

Single node site
This example shows the ports that are used in a single node site.
See: Single node site (page 11)

Proxy node in demilitarized zone
This example shows the ports that are used in a multi-node site when deploying a proxy node in a
demilitarized zone.

Separate proxy and engine node
This example shows the ports that are used in a multi-node site when deploying a separate proxy and engine
node.


High availability proxy and engine nodes
This example shows the ports that are used in a multi-node site when deploying more than one proxy and
engine node.


Separate scheduler node and high availability proxy and engine nodes
This example shows the ports that are used in a multi-node site when deploying a separate scheduler node
and more than one proxy and engine node.


Separate proxy and scheduler nodes and high availability engine nodes
This example shows the ports that are used in a multi-node site when deploying separate proxy and scheduler
nodes and more than one engine node.


Generic scale out
This example shows the ports that are used in a multi-node site when scaling the site by adding additional
proxy, engine, or scheduler nodes.

3 Deployment


The Qlik Sense architecture is based on the concept of sites. A Qlik Sense site is a collection of one or more
nodes (that is, server machines) connected to a common logical repository or central node.
Qlik Sense can be deployed in many ways. This section describes different deployment scenarios.

3.1 Deploying single node sites
In this deployment scenario, all Qlik Sense services run on a single node. This kind of deployment works best
in a single time zone, where reloads of data can be done during the night.

See also:
Single node site (page 11)

Services
This section describes how the Qlik Sense services behave when deployed in single node sites.

Qlik Sense Repository Service
Within a single node site, there is only one instance of the Qlik Sense Repository Service (QRS) running and
it has direct access to the central repository database.

Qlik Sense Scheduler Service
When deployed in a single node site, the Qlik Sense Scheduler Service (QSS) acts as both master and slave.
See: Master and slave (page 39)

3.2 Deploying multi-node sites
In a multi-node site, the site is spread out across two or more nodes that share the same set of data and
license key.
The basic steps for deploying a multi-node site are as follows:
1. Plan the nodes that are needed in the deployment.
2. Install the first node in the site. This node becomes the central node, which contains all apps that are
   needed.
   See: Install and upgrade Qlik Sense
3. Install an additional node as a rim node.
   See: Install and upgrade Qlik Sense
4. In the Qlik Management Console (QMC) on the central node, add the new node to the site.
   See: Manage Qlik Sense sites
5. Wait for the first synchronization to complete and then test the new node.
6. Continue to install additional rim nodes one at a time as described in step 3 until the multi-node
   site is complete.

If you are installing custom connectors in a multi-node setup, the custom connectors must be
installed on each node.

See also:
Multi-node site (page 12)

Synchronization
The synchronization in a multi-node site is two-way:
- The central node requests updates from the rim nodes every 15 seconds.
- Each rim node initiates a synchronization session with the central node every 15 seconds.
When changes are made on each node, the resulting transactions are recorded in a transaction log. During
the synchronization, the latest set of transactions from the log is sent to the other nodes and replayed.
The synchronization is not visible to the users, who can continue to work in their apps while new data is
synchronized in the background.

Data to synchronize
There are two types of data that need to be synchronized:
- Entity data: The repository database contains the system configuration and all metadata about apps.
  This data is referred to as entity data and is usually small in size. The repository database is controlled
  by the Qlik Sense Repository Service (QRS).
- Binary data: The app data files contain the data models and app definitions. These files are referred
  to as binary data and the data model element of the files can be large in size. The app data files are
  controlled by the Qlik Sense Engine Service (QES).

Entity data synchronization
If the transaction log only contains entity data (that is, changes in the repository database), an entity data
synchronization is performed. The changes are applied immediately in the repository database on the
receiving node. If a conflict occurs, the latest transaction is used.

Example:
A user consumes a license on a rim node. The record is committed to the repository database and a
transaction is recorded in the log. During the next synchronization, the central node asks the rim node for its
latest transactions and applies them to its local database. The rest of the rim nodes get the same update
from the central node during their next synchronization.

Binary data synchronization
If the transaction log contains binary data (that is, changes to app data files), a binary data synchronization,
during which the receiving node obtains the updated data, is initiated. The entire app data file does not have
to be copied, just the components that have changed. This means that small edits (for example, a new sheet
in an app) are synchronized quickly and independently from large edits (for example, a data model that is
synchronized after a reload). During binary data synchronization, the nodes use peer-to-peer replication to
speed up the synchronization of large apps and prevent network bottlenecks.

Example:
An app is reloaded on a rim node. During the next synchronization, the central node checks the transaction
log and initiates a binary data synchronization. The rest of the rim nodes get the same update during their
next synchronization with the central node. However, the rim nodes can obtain the binary data not just from
the central node, but from any rim node that already has the updates.

Services
This section describes how the Qlik Sense services behave when deployed in multi-node sites.

Qlik Sense Repository Service
The Qlik Sense Repository Service (QRS) behaves differently depending on if it is deployed on the central
node or on a rim node.

Central node
Within a multi-node site, one instance of the Qlik Sense Repository Service (QRS) runs on each node. The
QRS running on the central node is considered to be the master. The master QRS has direct access to the
central repository database, whereas the other QRSs only have access to a local repository database on the
node where they are running. The master QRS synchronizes the central repository database and the local
repository databases.

When the master QRS starts, it connects to the central repository database. If no database exists, the master
QRS builds the database and populates it with initial data. In a default Qlik Sense installation, the repository
database is a specific instance of PostgreSQL that runs its own database cluster specifically for the
repository.

Rim nodes
When the Qlik Sense Repository Service (QRS) on a rim node starts, it connects to the local repository
database on the node. If no local repository database exists, the QRS waits until it communicates with the
central node.
In a default Qlik Sense installation, the repository database is a specific instance of PostgreSQL that runs its
own database cluster specifically for the repository.

Qlik Sense Proxy Service
On the central node in a multi-node site, it is recommended to have a dedicated Qlik Sense Proxy Service
(QPS) that is used specifically for the Qlik Management Console (QMC) and not for the hub.

See also:
Clients (page 22)

Qlik Sense Scheduler Service
Depending on the type of deployment, the Qlik Sense Scheduler Service (QSS) runs as master, slave, or
both on a node.

Master
There is only one master Qlik Sense Scheduler Service (QSS) within a site and it is always located on the
central node, where the master Qlik Sense Repository Service (QRS) runs. This means that the central node
must have the Qlik Sense Scheduler Service (QSS) installed even if more QSS nodes are added. This is
because the QSS on the central node coordinates all QSS activities within the site.
The master QSS handles all task administration (for example, which tasks to execute and when to execute a
specific task). When the time comes to execute a task, the master QSS sends the task ID to a slave QSS
within the site. Which slave QSS to distribute the task ID to is determined by a load balancing operation
performed by the master QSS.
When a slave QSS completes a task, it returns the task state (successful or fail) to the master QSS. The
master QSS uses the task state to perform task chaining, which means that it uses the task state to
determine if other events are affected by the state of the completed task and need to be executed. This can
be configured in the Qlik Management Console (QMC).
If the slave QSS fails to perform the task, the master QSS repeatedly requests the same or another slave
QSS to perform the task until it has been completed or until the maximum number of attempts has been
reached.

Slave
If a Qlik Sense Scheduler Service (QSS) runs on a rim node, the QSS is considered to be a slave QSS.
When receiving a task ID from the master QSS, the slave QSS reads the task from the local repository
database and executes the task.
When a slave QSS completes a task, it returns the task state (successful or fail) to the master QSS.

Master and slave
Within a single node site, the master Qlik Sense Scheduler Service (QSS) also acts as a slave QSS.

Qlik Sense Engine Service
On the central node in a multi-node site, it is recommended to have a dedicated Qlik Sense Engine Service
(QES) that is used specifically for the Qlik Management Console (QMC) and not for the hub.

Qlik Sense Printing Service
Within a multi-node site, one instance of the Qlik Sense Printing Service (QPR) runs on each node.
Export requests from clients are directed to the printing services in the multi-node site using round robin load
balancing. For example, if the first export request is load balanced to the QPR on node 1, the second export
request is load balanced to the QPR on node 2, and so on.

Qlik Sense Service Dispatcher
Broker Service
The Broker Service acts as an intermediary between services started by the Qlik Sense Service Dispatcher
(QSD).
The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required.

Data Profiling Service
The Data Profiling Service communicates directly with the Qlik Sense Engine Service (QES) on the node.
The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required.

Hub Service
The Hub Service controls which content a user is allowed to see.
The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required.

Migration Service
The Migration Service only runs on the central node in a site.
The service is launched and managed by the Qlik Sense Service Dispatcher (QSD) when required.

Guidelines for deploying multi-node sites
This section provides guidance on what to consider when planning and designing multi-node sites.

Planning your deployment
When planning the deployment of a multi-node site the areas described in this section need to be
investigated.

Amount of content to synchronize
Each node that serves an app needs a copy of the entire data model locally before it can allow users access.
Each time the app is reloaded the changed data is synchronized.
This means that the factors that affect the total volume to synchronize are:
- The number of apps
- The size of the apps
- The reload frequency of the apps (and spread over time)
Multiple apps can be synchronized simultaneously. If an app is reloaded faster than it can be synchronized to
the other nodes, the synchronization is canceled and starts over.
Based on the information above, it is possible to calculate the amount of data that needs to be synchronized
each hour. This has to be compared to the amount of data that can be moved each hour, which is affected by
factors such as network speed, the number of nodes, and the Qlik Sense software itself.


QVD files are not included in the synchronization and should not be considered as part of the
total.

Number of nodes
The number of nodes needed in a multi-node site depends on whether you want to spread the load over
fewer, but larger, servers or over more, but smaller, servers. Because of the synchronization in Qlik Sense,
using fewer, but larger, servers requires less synchronization traffic. The role of each server also needs to be
considered.

Deployment topology
Qlik Sense is flexible when it comes to how the nodes are laid out and supports different needs for scale,
security, geography, and resilience. In addition, the synchronization rules can be used to configure the role of
each node and the content that it serves to the users. The requirements for this should be identified when
planning the topology of the deployment.

Recommended deployment principles
It is recommended to consider the principles described in this section when planning the deployment of a
multi-node site.

Dedicated roles per server
It is recommended to give each node a specific role within the deployment as this allows for better planning of
resources and ensures consistent performance for the users. For example, specify if a node is to run
scheduled reloads or serve content to users.

Dedicated hardware for the central node (large deployments only)
In large multi-node sites, the central node takes on the load of distributing content to the rim nodes.
Depending on the usage, it may be good to dedicate resources for the central node, so that it does not have
to compete for resources with user or reload traffic. The server used for the central node could also be a
candidate for virtualization.

App development
Apps can be developed using Qlik Sense Desktop or in a Qlik Sense server environment. The latter provides
advantages in terms of data governance, security, performance, and collaboration.
The development of apps involves building load scripts and running reloads while building the data model and
assembling the user interface. As each iteration of changes made to an app is synchronized to the other
nodes, a significant load can be generated on the synchronization process, especially if the app is large or
reloaded often. It is therefore recommended to carefully choose the nodes used for development and avoid
synchronization of content that does not need to be processed until the app is finalized.
There are two ways to handle app development in a multi-node site:
- Isolate the development activities onto a dedicated development node within a production site.
- Specify a dedicated site for development activities. The advantage of this approach is that it allows an
  organization to follow their preferred process for testing and releasing new apps.

If the app development is especially intensive, it is recommended to use a dedicated development site.

It is primarily the reload of apps in development that needs to be considered. Adding the user
interface elements only has a minor effect on the synchronization of content.

Synchronize only what is needed
Synchronization rules can be used to significantly reduce the amount of data traffic. For example, an
unpublished app that is only used by a developer does not have to be synchronized to nodes that only serve
published apps to end users. In addition, apps that only reload QVD files do not need to be synchronized.

Network speed and geographic deployments
The ability to move app content in a reasonable time is affected by the network speed. The better the
throughput, the faster the synchronization can be. For best results, the nodes should be on the same network
or, if in separate data centers, connected by LAN-like network connections.
If the nodes are geographically dispersed and on slower networks, the synchronization will be slower. This
may also slow down the synchronization of nodes that are on faster connections. In this case, the volume and
frequency of the data to synchronize need to be considered.

If the data is changed faster than the network or software can synchronize it to other nodes (for
example, by reloading again before the synchronization completes), the synchronization is
canceled. This may lead to nodes never being updated or synchronization queues that may
affect the user experience.

Deployment size
The size (that is, the number of nodes) of a deployment depends on the following factors:
- The amount of data to move (per hour)
- The number of nodes that need to receive the data
- The network speed available to transfer the content
- Some overhead for the software and available CPU
It can be difficult to define the number of nodes or possible data transferability, but the following should be
considered:
- Less data + fast network = You can have more nodes and the synchronization time will be short
- More nodes + slow network = Less data can be synchronized without delays

Examples:
- Moving 5 GB of content (for example, reloaded apps) or less in an hour between eight servers on a
  typical corporate network should result in quick updates to the content.
- Moving a single 12 GB app between ten nodes on a typical corporate network may take up to 30
  minutes. This means that apps of this size should not reload frequently.

Example deployment scenarios
This section provides examples of how multi-node sites can be deployed.
The following terms are used in the scenarios:
- Central node: The node that is responsible for management activities and synchronization.
- Reload/scheduler node: A node that reloads apps on a schedule, but serves no content to users.
- Consume node: A node that serves apps to users, but is not used to create, process, or reload data.
- Development node: A node that allows users to create and reload new apps, but does not serve
  normal consumer traffic.
- Proxy node: A node that provides load balancing of user traffic to other nodes. This node does not
  contain a Qlik Sense Engine Service (QES).

An alternative to using a proxy node is to have a proxy installed on each consume node
and balance the traffic using a hardware load balancer.

Multi-node scenario: Production deployment
This scenario describes how to set up a typical internal production deployment, which provides the ability to
scale up both reloads and user load.

Node layout
Each node within the site only contains the services and data that it needs to perform its role.

Services on each node
The table below lists the Qlik Sense services that are deployed on each node in the site.

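[Table: Qlik Sense services deployed on each node. Columns: Node name; Qlik Sense Repository Service (mandatory); Qlik Sense Engine Service; Qlik Sense Scheduler Service; Qlik Sense Proxy Service. Rows: Central node; Reload/scheduler node(s); Consume node(s); Proxy node. The cell markings are incomplete: only one "x" mark survives, in the Reload/scheduler node(s) row, and its column cannot be determined.]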

The table does not list Qlik Sense services that are deployed automatically on nodes, for
example, the Qlik Sense Printing Service (QPR) and the Qlik Sense Service Dispatcher
(QSD).

Configuration steps
Basic installation
Proceed as follows to perform the basic installation:
1. Starting with the central node, install the Qlik Sense software and services as described in the table
   above.
   See: Install and upgrade Qlik Sense
2. Add each rim node via the Qlik Management Console (QMC) on the central node.
   See: Manage Qlik Sense sites

   Specify the consume nodes to be Production nodes.

   The DNS names used must be correct.

3. When all rim nodes have been added, check that they are displayed as being online in the QMC on the
   central node.

Load balancing
Proceed as follows to configure the load balancing:
1. Select Virtual proxies in the Qlik Management Console on the central node.
2. Edit the settings for the proxy node.
   Under Load balancing nodes, specify that the consume nodes should be used.
3. Check that the hub is accessible on the proxy node. In addition, check that the hub lists the apps.

Qlik Sense Scheduler Service
Proceed as follows to configure the Qlik Sense Scheduler Service (QSS):
- Configure the QSS on the central node to run as master only (that is, do not run reloads on the central
  node). The reload node should be set as slave, which means it will handle all reloads.

License Monitor and Operations Monitor
In multi-node environments, the License monitor and Operations monitor apps can be reloaded on any node.
Proceed as follows:
1. Share the Qlik Sense folder on the central node.
   The default location is %ProgramData%\Qlik\Sense.
2. Update the data connections ServerLogFolder and ArchivedLogFolder by replacing
   %ProgramData%\Qlik\Sense with the path to the shared folder.
3. Reload the apps on the rim nodes.
Because of the way multi-node environments are synchronized and the way logs are archived, the results of
reloads may not be completely current. Reloads include all logs from the ArchivedLogFolder folder on the
central node and the active .txt log files stored in the Sense\Log folder on the central node.

Multi-node scenario: Production deployment allowing development
This scenario describes how to set up a typical internal production deployment that allows app development
on dedicated nodes and uses synchronization rules to reduce the synchronization traffic.
Both reloads and user load can be scaled up. Additional developer, reload, consume, and proxy nodes can be
added as long as the total number is in line with the recommendations.

The synchronization rules described in this section are just examples. The exact approach
depends on the deployment needs.

Node layout
Each node within the site only contains the services and data that it needs to perform its role.


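Services on each node
The table below lists the Qlik Sense services that are deployed on each node in the site.

[Table: Qlik Sense services deployed on each node. Columns: Node name; Qlik Sense Repository Service (mandatory); Qlik Sense Engine Service; Qlik Sense Scheduler Service; Qlik Sense Proxy Service. Rows: Central node; Reload/scheduler node(s); Consume node(s); Proxy node; Development node. The cell markings are incomplete: only one "x" mark survives, in the Reload/scheduler node(s) row, and its column cannot be determined.]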

The table does not list Qlik Sense services that are deployed automatically on nodes, for
example, the Qlik Sense Printing Service (QPR) and the Qlik Sense Service Dispatcher
(QSD).

Configuration steps
Basic installation
Proceed as follows to perform the basic installation:
1. Starting with the central node, install the Qlik Sense software and services as described in the table
   above.
   See: Install and upgrade Qlik Sense
2. Add each rim node via the Qlik Management Console (QMC) on the central node.
   See: Manage Qlik Sense sites

   Specify the consume nodes to be Production nodes and the development node to be a
   Development node.

   The DNS names used must be correct.

3. When all rim nodes have been added, check that they are displayed as being online in the QMC on the
   central node.

Load balancing: Consume nodes
Proceed as follows to configure the load balancing:
1. Select Virtual proxies in the Qlik Management Console on the central node.
2. Edit the settings for the proxy node.
   Under Load balancing nodes, specify that the consume nodes should be used.
3. Check that the hub is accessible on the proxy node. In addition, check that the hub lists the apps.

Load balancing: Development node
In this example, a virtual proxy is used to route traffic to the development node. This means that a slightly
different URL, https://<server address>/DEV/hub, is used to access the development section of the site. The
DEV prefix also means that the development traffic can be handled differently compared to the normal user
traffic.
Proceed as follows to configure the load balancing:
1. Select Proxies in the Qlik Management Console (QMC) on the central node.
2. Edit the settings for the proxy node.
3. Select Virtual proxies, click Add, and then select Create new.
4. Provide a description and the DEV prefix. As cookie names have to be unique, add DEV to the end of
   the session cookie field.
5. Under Load balancing nodes, specify that the development node should be used.
6. Check that the development node is available using the following URL:

   https://<server address>/DEV/hub
Configuring custom properties
Custom properties can be used in the synchronization rules to dictate the nodes to which to synchronize apps.
Proceed as follows to configure the custom properties:
1. Select Custom properties in the Qlik Management Console (QMC).
2. Add the following custom property:
   - Name: NodeType
   - Resource types: Nodes
   - Values: Dev, Consume, Reload
3. Select Nodes in the QMC.
4. For each node in the site, set the appropriate value for NodeType under Custom properties.

Configuring synchronization rules


The synchronization rules are used to synchronize the apps to the right nodes.
Proceed as follows to disable the default synchronization rule, which allows all apps to be synchronized to all
nodes:
1. Select Sync rules in the Qlik Management Console (QMC).
2. Disable the default sync rule, ResourcesToNonCentralNodes.
   After a few seconds, all apps disappear from the proxy node as they are only available on the central
   node.
New rules are needed to synchronize the apps to the correct nodes and prevent unnecessary synchronization.
For example, even though users cannot see an unpublished app (that is, an app under development) until it is
published, the unpublished copy is by default synchronized to all nodes. In this example, rules are set up to
stop unpublished apps from being synchronized to the nodes used by consumer users and to ensure that the
reload nodes only get what they need for their workload. Ideally, the apps should be distributed as follows:
- Reload nodes: Apps to reload
- Consume nodes: Published apps
- Development node: Unpublished apps
Proceed as follows to configure the new synchronization rules:
1. Create a rule to synchronize unpublished apps to the development node:
   a. Create a new synchronization rule in the QMC.
   b. Name the new rule "unpublished apps to dev nodes" and then select the Advanced option.
   c. Enter the following in the Conditions field and then save the rule:

      (node.@NodeType="Dev" and resource.stream.name.Empty())

      The condition states that if the app is not in a stream (and thus is not yet published),
      synchronize it to a node with the NodeType set to Dev.
   d. Browse to the development node proxy and check the results.
2. Create a rule to synchronize published apps to the consume nodes:
   a. Create a new synchronization rule in the QMC.
   b. Name the new rule "published apps to consumer nodes" and then select the Advanced option.
   c. Enter the following in the Conditions field and then save the rule:

      (node.@NodeType="Consume" and !resource.stream.name.Empty())

      The condition states that if the stream value is not empty (meaning that the app is published),
      synchronize the app to a node with the NodeType set to Consume.
   d. Browse to the main proxy server URL and check the results.
3. Create a rule to synchronize apps to the reload nodes:
   a. Create a new synchronization rule in the QMC.
   b. Name the new rule "apps to reload nodes" and then select the Advanced option.
   c. Enter the following in the Conditions field and then save the rule:

      (node.@NodeType="Reload")

      The condition states that if the NodeType is set to Reload, all apps are synchronized to the
      node.
      To limit the traffic to these nodes, apply custom properties to the apps that should be
      synchronized to the nodes. For example, create a custom property called apptype and use a
      rule like the following:

      (node.@NodeType="Reload" and (resource.@AppType="QVDLoader" or !resource.stream.name.Empty()))

      This rule synchronizes all published apps and apps tagged as QVD loaders (that is, all the apps
      to run scheduled reloads on) to the reload nodes.
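
Before disabling the default rule, the three conditions above can be dry-run to confirm that unpublished apps never reach consume nodes. The following is an added example, not Qlik code and not the Qlik rule engine: it interprets only the subset of condition syntax that appears on this page (`and`, `or`, `!`, parentheses, `="..."` and `.Empty()`), and the node names, app names and stream name are constructed.

```python
import re

TOKEN = re.compile(r'\(\)|[()!=]|"[^"]*"|[\w.@]+')


def tokenize(condition):
    """Split a condition into tokens; reject characters outside the subset."""
    tokens = TOKEN.findall(condition)
    if re.sub(r"\s+", "", "".join(tokens)) != re.sub(r"\s+", "", condition):
        raise ValueError(f"unsupported syntax in {condition!r}")
    return tokens


def lookup(path, node, app):
    """Resolve the property paths used in the page's conditions."""
    if path.startswith("node.@"):
        return node.get(path[len("node.@"):])
    if path.startswith("resource.@"):
        return app["props"].get(path[len("resource.@"):])
    if path == "resource.stream.name":
        return app["stream"]
    raise ValueError(f"unsupported property: {path}")


def evaluate(condition, node, app):
    """Evaluate one sync rule condition for a (node, app) pair."""
    tokens = tokenize(condition)
    pos = 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None

    def take(expected=None):
        nonlocal pos
        tok = peek()
        if tok is None or (expected is not None and tok != expected):
            raise ValueError(f"expected {expected or 'a token'}, got {tok!r}")
        pos += 1
        return tok

    def expr():                      # expr := term ("or" term)*
        value = term()
        while peek() == "or":
            take()
            rhs = term()
            value = value or rhs
        return value

    def term():                      # term := factor ("and" factor)*
        value = factor()
        while peek() == "and":
            take()
            rhs = factor()
            value = value and rhs
        return value

    def factor():                    # factor := "!" factor | "(" expr ")" | test
        if peek() == "!":
            take()
            return not factor()
        if peek() == "(":
            take()
            value = expr()
            take(")")
            return value
        path = take()
        if path.endswith(".Empty") and peek() == "()":
            take()
            return lookup(path[:-len(".Empty")], node, app) in (None, "")
        take("=")
        literal = take()
        if not literal.startswith('"'):
            raise ValueError(f"expected a quoted value, got {literal!r}")
        return lookup(path, node, app) == literal.strip('"')

    result = expr()
    if peek() is not None:
        raise ValueError(f"unexpected token {peek()!r}")
    return result


# The three rules from the page; the reload rule is the narrowed variant.
RULES = {
    "unpublished apps to dev nodes":
        '(node.@NodeType="Dev" and resource.stream.name.Empty())',
    "published apps to consumer nodes":
        '(node.@NodeType="Consume" and !resource.stream.name.Empty())',
    "apps to reload nodes":
        '(node.@NodeType="Reload" and (resource.@AppType="QVDLoader" or '
        '!resource.stream.name.Empty()))',
}
# Constructed rim nodes (name -> custom properties) and apps.
NODES = {"dev1": {"NodeType": "Dev"}, "consume1": {"NodeType": "Consume"},
         "reload1": {"NodeType": "Reload"}, "proxy1": {}}
APPS = {
    "draft-sales": {"stream": None, "props": {}},
    "sales": {"stream": "Everyone", "props": {}},
    "qvd-extract": {"stream": None, "props": {"AppType": "QVDLoader"}},
}


def placement(rules=RULES, nodes=NODES, apps=APPS):
    """Map each node to the apps that at least one rule synchronizes to it."""
    return {name: sorted(a for a, app in apps.items()
                         if any(evaluate(c, props, app) for c in rules.values()))
            for name, props in nodes.items()}


if __name__ == "__main__":
    for node, synced in placement().items():
        print(f"{node}: {synced}")
```
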
Qlik Sense Scheduler Service
Proceed as follows to configure the Qlik Sense Scheduler Service (QSS):
- Configure the QSS on the central node to run as master only (that is, do not run reloads on the central
  node). The reload node should be set as slave, which means it will handle all reloads.

License Monitor and Operations Monitor
In multi-node environments, the License monitor and Operations monitor apps can be reloaded on any node.
Proceed as follows:
1. Share the Qlik Sense folder on the central node.
   The default location is %ProgramData%\Qlik\Sense.
2. Update the data connections ServerLogFolder and ArchivedLogFolder by replacing
   %ProgramData%\Qlik\Sense with the path to the shared folder.
3. Reload the apps on the rim nodes.

Because of the way multi-node environments are synchronized and the way logs are archived, the results of
reloads may not be completely current. Reloads include all logs from the ArchivedLogFolder folder on the
central node and the active .txt log files stored in the Sense\Log folder on the central node.

Multi-node scenario: Development site
This scenario places the development of apps onto dedicated resources. The number of nodes can be
adjusted to support the amount of development activity (for example, a single node can be used).
If more than one development node is used, they can be load balanced using a proxy node. However, when
creating a new app there can be a short delay before the app is added on all nodes, which means that the
users may be routed to a node that has not yet received the new app.

Node layout
Each node within the site only contains the services and data that it needs to perform its role.

Services on each node
The table below lists the Qlik Sense services that are deployed on each node in the site.

[Table: Qlik Sense services deployed on each node. Columns: Node name; Qlik Sense Repository Service (mandatory); Qlik Sense Engine Service; Qlik Sense Scheduler Service; Qlik Sense Proxy Service. Rows: Central node; Development node(s). The cell markings are incomplete: only some "x" marks survive and their cells cannot be determined.]

The table does not list Qlik Sense services that are deployed automatically on nodes, for
example, the Qlik Sense Printing Service (QPR) and the Qlik Sense Service Dispatcher
(QSD).

Configuration steps
Basic installation
Proceed as follows to perform the basic installation:
1. Starting with the central node, install the Qlik Sense software and services as described in the table
   above.
   See: Install and upgrade Qlik Sense
2. Add each rim node via the Qlik Management Console (QMC) on the central node.
   See: Manage Qlik Sense sites

   The DNS names used must be correct.

3. When all rim nodes have been added, check that they are displayed as being online in the QMC on the
   central node.

Load balancing
Proceed as follows to configure the load balancing:
1. Select Virtual proxies in the Qlik Management Console on the central node.
2. Edit the settings for the proxy node.
   Under Load balancing nodes, specify that the local Qlik Sense Engine Service (QES) should be
   used for each proxy.
3. Check that the hub is accessible on the development nodes. In addition, check that the hub lists the
   apps on the nodes and that new apps can be created.

Multi-node scenario: Geographically dispersed site
This scenario provides guidelines for how to plan geographically dispersed sites where synchronization has to
be performed across two or more regions.

Node layout
In this example, the geographically dispersed site is set up as follows:

l Thesiteconsistsofnodesintwogeographicalregions.ThecentralnodeislocatedinregionA.
l Usersfrombothregionsaccessappsinthesite:
l Greenappsareaccessedbyallusers.
l BlueappsareonlyaccessedbyusersinregionB.
l Yellowappsareaccessedbyallusers.
l Theappsarecharacterizedbythefollowing:
l Greenandblueappsarelargeappswherethesourcedataislocatedintherespectiveregion.
l Yellowappsareeithersmallorfairlystatic(thatis,theyarenotreloadedoften).

Green apps
The green apps are large enough to impact the network traffic during the synchronization. It is therefore a
good idea to place them close to the data source to avoid synchronization across regions. When users from
region B access the green apps, they are routed through the proxy to the A region.

Blue apps
The green and blue apps - the large apps - should be placed on nodes close to the data source to avoid
synchronization across regions. However, as all apps must be available on the central node, some
synchronization across regions is needed for the blue apps.
The total time needed for the blue apps to become available on the nodes in region B will be longer than the
time needed for the green apps to become available on the nodes in region A. This is because of the way that
the synchronization works:
1. A synchronization of the updated data is initialized when a reload operation finishes.
2. As soon as some segments of the updated data are available on the central node, the nodes in region
B can fetch those segments.
3. As synchronization across regions (for example, between Europe and North America) takes more
time than fetching data from nearby nodes, the time needed to synchronize an app increases and the
central node becomes a bottleneck.
This is not a problem when synchronizing the green apps as all data segments to synchronize are
available on nearby nodes in the same region.

Yellow apps
The time needed to synchronize the yellow apps is short as they are either small or not reloaded very often,
which means that their impact on the network traffic is low. The yellow apps can therefore be located on
nodes close to the users, minimizing the time it takes to access the apps.

Guidelines
Depending on the network capacity and the app reload frequency, the best configuration may differ.
However, the following guidelines should be taken into consideration when deploying a geographically
dispersed site:
• Send as little data as possible over the network and try to avoid bottlenecks when the network capacity
or bandwidth is low.
• Apps that are small or are not reloaded too often can be located on any or all nodes as they do not
significantly impact the synchronization performance or the user access to the apps.
• Perform reloads where the source data is.
• If an app is very large or needs to be reloaded often, keep the app close to its data source and on the
local network. Direct any user traffic from a remote proxy across the wide area network.
• In essence, configure the site so that as little binary data as possible is shuffled around in the network.

4 Backing up and restoring

This section describes how to back up and restore Qlik Sense sites and certificates and how to move a node
to a new machine.

4.1 Backing up and restoring a site
This section describes how to back up and restore a Qlik Sense site. This can be done manually or using the
Repository Snapshot Manager (RSM):
• Manually: See Backing up a site manually (page 54) and Restoring a site manually (page 56)
• Using the RSM: See Using the Repository Snapshot Manager (page 59)

These instructions define the minimum steps required. The use of specific backup software
may further extend the options for backup and restore.

In a single node site, the single node is referred to as the central node.
In a multi-node site, the central node is the master record that contains all data about the site. The rim nodes
in the multi-node site contain either a full copy or a limited subset of the data, which is maintained by the
synchronization mechanism. This means that the central node is the only node that needs to be backed up in
order to keep the data and configuration safe. The rim nodes can be restored by simply re-adding them as
new nodes, since they will have their data restored by the synchronization mechanism.
Rim nodes maintain local log files that may be worth backing up in order to identify and investigate issues. It
may also be worth backing up any general operating system data that may be required.

See also:
• Single node site (page 11)
• Multi-node site (page 12)

Backing up a site manually
This section describes how to back up a Qlik Sense site in a default installation where a PostgreSQL
database is used as the repository database.

The instructions in this section are only applicable to the central node of a Qlik Sense site.
See: Backing up and restoring a site (page 54)

The procedure described in this section can also be performed using the Repository Snapshot Manager
(RSM).
See: Using the Repository Snapshot Manager (page 59)

Items to back up
The following items need to be considered when backing up a site:
• Repository database: The database contains all configuration data for the site.
• Certificates for the Qlik Sense services: The certificates are used to encrypt the traffic between the
services and the users. Make sure to back up the certificates in order not to lose any encrypted data
(for example, passwords for data connections).
• Log data
• Application data: The data models in the Qlik Sense apps.
• Any content that supports the apps (for example, QVD files)

Backup procedure
Proceed as follows to back up a Qlik Sense site:
1. Make a backup of the certificates used to secure the Qlik Sense services. This only needs to be done
once.
See: Backing up certificates (page 65)
2. Stop all Qlik Sense services except the Qlik Sense Repository Database (QRD).
3. Make a backup of the repository database:
   a. Open a Command Prompt with administrator privileges in Microsoft Windows.
   b. Produce a dump file for the repository database (that is, a single file for the entire database):
      i. Navigate to the installation location:
         cd "<Path>\Qlik\Sense\Repository\PostgreSQL\<database version>\bin"
      ii. pg_dump.exe -h localhost -p 4432 -U postgres -b -F t -f "c:\QSR_backup.tar" QSR
         If you are prompted for the PostgreSQL super user password, enter the password that
         was given during the installation of Qlik Sense.

         To avoid being prompted for the password (for example, if you want to
         automate the Qlik Sense backup process), you can use the pgpass
         functionality in PostgreSQL. See the PostgreSQL documentation for
         more information.
      iii. Make a backup of the dump file for the repository database.
4. Make a backup of the following folders:
   • %ProgramData%\Qlik\Sense\Log
   • %ProgramData%\Qlik\Sense\Apps
   • %ProgramData%\Qlik\Sense\Repository\Content
   • %ProgramData%\Qlik\Sense\Repository\Extensions
   • %ProgramData%\Qlik\Sense\Repository\AppContent (if available)
5. Make a backup of any locations where content that supports the Qlik Sense environment may be kept
(for example, QVD files created by load scripts).
6. Start the Qlik Sense services. If the services are started manually, start them in the following order:

The user that installs and runs the Qlik Sense services must be local administrator on
the machine.

   a. Qlik Sense Repository Service (QRS)
   b. Qlik Sense Proxy Service (QPS), Qlik Sense Engine Service (QES), Qlik Sense Scheduler
   Service (QSS), Qlik Sense Printing Service (QPR), and Qlik Sense Service Dispatcher (QSD)
   in no specific order
The order is important because the QRS is dependent on the QRD and the rest of the services are
dependent on the QRS.
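
Steps 2 to 4 and 6 of the backup procedure above, scripted in PowerShell as an added example that is not part of the Qlik documentation. It assumes that the Windows service display names equal the service names used in this document, that a pgpass entry exists for the postgres user, and that the hypothetical parameters -PgBin and -BackupRoot are supplied by the operator; the pg_restore -l listing and the SHA-256 record are extra safeguards, not documented steps.

```powershell
#Requires -RunAsAdministrator
# Added example: steps 2 to 4 and 6 of the manual backup procedure.
# Assumptions (not from the Qlik documentation): the service display names
# equal the service names used in this document; a pgpass entry exists for
# user postgres on localhost:4432; -PgBin is the PostgreSQL bin folder of the
# installation; -BackupRoot is a folder that only administrators can read.
param(
    [Parameter(Mandatory)] [string] $PgBin,
    [Parameter(Mandatory)] [string] $BackupRoot
)
$ErrorActionPreference = 'Stop'

$qrd    = 'Qlik Sense Repository Database'
$qrs    = 'Qlik Sense Repository Service'
$others = @(
    'Qlik Sense Proxy Service', 'Qlik Sense Engine Service',
    'Qlik Sense Scheduler Service', 'Qlik Sense Printing Service',
    'Qlik Sense Service Dispatcher'
)

$target = Join-Path $BackupRoot (Get-Date -Format 'yyyy-MM-dd_HH-mm-ss')
New-Item -ItemType Directory -Path $target | Out-Null
$dump = Join-Path $target 'QSR_backup.tar'

try {
    # Step 2: stop every service except the repository database (QRD).
    foreach ($name in ($others + $qrs)) {
        Get-Service -DisplayName $name -ErrorAction SilentlyContinue |
            Where-Object { $_.Status -ne 'Stopped' } |
            Stop-Service -Force
    }
    if ((Get-Service -DisplayName $qrd).Status -ne 'Running') {
        throw "$qrd must be running while the dump is taken."
    }

    # Step 3: dump the QSR database. -w makes pg_dump fail instead of
    # prompting, so a missing pgpass entry is an error and not a hang.
    & (Join-Path $PgBin 'pg_dump.exe') -h localhost -p 4432 -U postgres -w -b -F t -f $dump QSR
    if ($LASTEXITCODE -ne 0) { throw "pg_dump exited with code $LASTEXITCODE." }

    # Extra safeguard: the dump must be non-empty and list at least one entry.
    if ((Get-Item -LiteralPath $dump).Length -eq 0) { throw "Dump file $dump is empty." }
    $toc = & (Join-Path $PgBin 'pg_restore.exe') -l $dump
    $listExit = $LASTEXITCODE
    $entries = @($toc | Where-Object { $_ -and $_ -notmatch '^\s*;' })
    if ($listExit -ne 0 -or $entries.Count -eq 0) {
        throw "pg_restore -l could not list any entries in $dump."
    }
    # Record a hash so that later copies of the dump can be checked.
    (Get-FileHash -LiteralPath $dump -Algorithm SHA256).Hash |
        Set-Content -Path "$dump.sha256"

    # Step 4: copy the data folders (AppContent only if it exists).
    $dataRoot = Join-Path $env:ProgramData 'Qlik\Sense'
    $folders  = 'Log', 'Apps', 'Repository\Content',
                'Repository\Extensions', 'Repository\AppContent'
    foreach ($rel in $folders) {
        $source = Join-Path $dataRoot $rel
        if (-not (Test-Path -LiteralPath $source)) { continue }
        robocopy $source (Join-Path $target $rel) /E /R:2 /W:2 /NFL /NDL /NP | Out-Null
        # robocopy exit codes of 8 and above indicate failed copies.
        if ($LASTEXITCODE -ge 8) { throw "robocopy failed for $source (code $LASTEXITCODE)." }
    }
    Write-Output "Backup written to $target"
}
finally {
    # Step 6: always restart, QRS first, then the remaining services.
    Start-Service -DisplayName $qrs
    foreach ($name in $others) {
        Get-Service -DisplayName $name -ErrorAction SilentlyContinue | Start-Service
    }
}
```

Supporting content (step 5) is site-specific and is not covered by the script; the certificates (step 1) are exported separately.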

See also:
• Backing up and restoring certificates (page 65)

Restoring a site manually
This section describes how to restore a Qlik Sense site in a default installation where a PostgreSQL database
is used as the repository database.

The instructions in this section are only applicable to the central node of a Qlik Sense site.
See: Backing up and restoring a site (page 54)

The procedure described in this section can also be performed using the Repository Snapshot Manager
(RSM).
See: Using the Repository Snapshot Manager (page 59)

Items to restore
The following items need to be considered when restoring a site:
• Qlik Sense software
• Repository database: The database contains all configuration data for the site.
• Certificates for the Qlik Sense services: The certificates are used to encrypt the traffic between the
services and the users. Make sure to back up the certificates in order not to lose any encrypted data
(for example, passwords for data connections).
• Log data
• Application data: The data models in the Qlik Sense apps.
• Any content that supports the apps (for example, QVD files)

Restore procedure
When performing the procedure below you must log on using an account that had the root
admin role in the site when it was backed up. If you log on using a local admin account and the
machine name is different, your permissions will not follow through.

Proceed as follows to restore a Qlik Sense site:
1. Install the Qlik Sense software on the machine targeted for the restore.
See: Install and upgrade Qlik Sense

A restore can occur onto a machine with a different name than the one from which the
data was backed up. However, if the machine is a central node in a multi-node site,
changing the machine name requires all rim nodes to be reset, which means that the
nodes will have to be re-added.

Make sure to deselect Start the Qlik Sense services when the installation has
completed during the installation setup. If the services are started, new certificates and
a new repository database are created and they must be removed before proceeding
with the restore procedure.

2. Restore the certificates used to secure the Qlik Sense services.
See: Restoring certificates (page 75)

Do not start the Qlik Sense services at the end of the Restoring certificates (page 75)
procedure.
3. Start the Qlik Sense Repository Database (QRD).
4. Restore the repository database:
   a. Place the backed up repository database on the machine targeted for the restore.
   b. Open a Command Prompt with administrator privileges in Microsoft Windows.
   c. Run the following commands to restore the repository database (adjust the paths as needed):
      i. cd "C:\Program Files\Qlik\Sense\Repository\PostgreSQL\<database version>\bin"
      ii. createdb -h localhost -p 4432 -U postgres -T template0 QSR
         If the command fails because a database already exists, run the following command
         and then repeat the createdb command:
         dropdb -h localhost -p 4432 -U postgres QSR
      iii. pg_restore.exe -h localhost -p 4432 -U postgres -d QSR "c:\QSR_backup.tar"
5. Restore the content to the following folders:
   • %ProgramData%\Qlik\Sense\Apps
   • %ProgramData%\Qlik\Sense\Repository\Content
   • %ProgramData%\Qlik\Sense\Repository\Extensions
   • %ProgramData%\Qlik\Sense\Log
   • %ProgramData%\Qlik\Sense\Repository\AppContent (if available)
6. Restore any supporting content to its original location as required.
7. Start the Qlik Sense services. If the services are started manually, start them in the following order:

The user that installs and runs the Qlik Sense services must be local administrator on
the machine.

   a. Qlik Sense Repository Service (QRS)
   b. Qlik Sense Proxy Service (QPS), Qlik Sense Engine Service (QES), Qlik Sense Scheduler
   Service (QSS), Qlik Sense Printing Service (QPR), and Qlik Sense Service Dispatcher (QSD)
   in no specific order
The order is important because the QRS is dependent on the QRD and the rest of the services are
dependent on the QRS.
8. If you are restoring a multi-node site, you must determine if the content on the rim nodes should be
kept:

This step is only applicable to multi-node sites.

   • If a rim node does not contain any data that needs to be kept, remove and then re-add the rim
   node as if it was an entirely new node. This means that the content on the rim node will be the
   same as the content on the central node when it was restored.
   Do the following:
      1. In the Qlik Management Console (QMC) on the central node, delete the rim node.
      2. On the rim node, uninstall Qlik Sense with the Remove Qlik Sense certificates and
      data folders option selected.
      3. On the rim node, install Qlik Sense again.
      4. In the QMC on the central node, add the newly installed rim node to the site using the
      normal procedure.
   • If a rim node contains data that a) was added after the backup, and b) is still required to be
   kept, then the synchronization process needs to be notified to resend the missing data from the
   rim node to the restored central node.
   On the rim node, connect to the QRS API and call the POST /qrs/sync/snapshot/restore
   endpoint without any parameters or body. This endpoint instructs the Qlik Sense Repository
   Service (QRS) to push data back to the central node.
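
The QRS API call from step 8, as an added PowerShell example that is not part of the Qlik documentation. It assumes that the script runs on the rim node under the account whose personal store holds the QlikClient certificate, that the QRS accepts certificate-authenticated requests on port 4242, and that the internal sa_repository account may be named in the X-Qlik-User header; verify these against your installation before use.

```powershell
# Added example: call POST /qrs/sync/snapshot/restore on a rim node.
# Assumptions (not from this document): QRS API on port 4242 with client
# certificate authentication, Xrfkey header/parameter pair, and the
# internal repository account in the X-Qlik-User header.
param(
    # DNS name of this rim node; it must match the name in the server certificate.
    [string] $NodeHost = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
)
$ErrorActionPreference = 'Stop'

# Allow TLS 1.2 in addition to the defaults of older Windows PowerShell versions.
[Net.ServicePointManager]::SecurityProtocol =
    [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

# The client certificate named QlikClient, with its private key.
$cert = Get-ChildItem -Path Cert:\CurrentUser\My |
    Where-Object { $_.Subject -eq 'CN=QlikClient' -and $_.HasPrivateKey } |
    Select-Object -First 1
if (-not $cert) { throw 'No QlikClient certificate with a private key in Cert:\CurrentUser\My.' }

# The same 16-character key must be sent as header and as query parameter.
$xrfKey = -join ((48..57) + (65..90) + (97..122) |
    Get-Random -Count 16 | ForEach-Object { [char] $_ })

$headers = @{
    'X-Qlik-Xrfkey' = $xrfKey
    'X-Qlik-User'   = 'UserDirectory=INTERNAL; UserId=sa_repository'
}
$uri = "https://${NodeHost}:4242/qrs/sync/snapshot/restore?xrfkey=$xrfKey"

# No parameters and no body, as the procedure states.
Invoke-RestMethod -Method Post -Uri $uri -Headers $headers -Certificate $cert
Write-Output "snapshot/restore requested on $NodeHost"
```

Server certificate validation is left enabled, so the call fails if the rim node does not trust the CA of the site or if the host name does not match the certificate.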

Known issues
If Qlik Sense stops responding or does not respond properly after the restore operation, try restarting the Qlik
Sense Repository Service (QRS) and then wait for the rest of the services to start up.

See also:
• Backing up and restoring certificates (page 65)

Using the Repository Snapshot Manager
The Repository Snapshot Manager (RSM) automates the manual backup and restore procedures described
in the following sections:
• Backing up a site manually (page 54)
• Restoring a site manually (page 56)

Requirements
System downtime
The backup and restore operations require system downtime. The amount of time needed to back up or
restore a site depends on the number of apps, their size, and the number of other supporting content files,
such as QVD files and scripts.

Location
The RSM is available in %ProgramFiles%\Qlik\Sense\Repository\Util\RepositorySnapshotManager after
installation of the Qlik Sense software.
We recommend that you copy the RSM to another folder and run it from there for both backup and restore
operations, since the RSM log files are stored in the folder from which the RSM runs.
See: Log files (page 64)

User
The user who runs the RSM must be the same as the user who runs the Qlik Sense services.

Arguments
This section describes the arguments to pass to the RSM when backing up or restoring a Qlik Sense site.

Backup
The syntax of the RSM when backing up a Qlik Sense site is as follows:

RepositorySnapshotManager.exe -<Operation> -path=<Path> [-ver=<QlikSenseVersion>] [-supportingContentLocation=<PathToSupportingContent>] [-certificatePassword=<CertificatePassword>] [-databasePassword=<DatabasePassword>] [-f] [-h]

Argument | Mandatory | Description
-<Operation> | Yes | Type of operation. For backup, the argument is -backup.
-path | Yes | Path to the folder where to store the backup.
-ver | Optional, only needed if the automatic version check fails | Qlik Sense product version running at the time of the backup (for example, 2.2.0).
-supportingContentLocation | Optional, only needed if there is supporting content to include in the backup | Path to the folder in which supporting content for your Qlik Sense site is stored.
-certificatePassword | Optional, only needed if you want to password-protect the certificates in the backup | Password used to protect the certificates in the backup.
-databasePassword | Optional, only needed if a password was assigned to the repository database during the installation of the Qlik Sense software | Password assigned to the repository database during the installation of the Qlik Sense software. See: Known issues (page 64)
-f | Optional, only needed if you want to run the backup operation silently | Silent backup. We recommend that you test your backup operation before using this argument.
-h (or -help) | Not applicable | Display information on the RSM. This argument is not used to run an operation.

Restore
The syntax of the RSM when restoring a Qlik Sense site is as follows:

RepositorySnapshotManager.exe -<Operation> -path=<Path> -installer=<PathToInstaller> [-supportingContentLocation=<PathToSupportingContent>] [-certificatePassword=<CertificatePassword>] [-databasePassword=<DatabasePassword>] [-u=<UsernameWithDomain>] [-p=<UserPassword>] [-installdir=<PathToAlternativeInstallDirectory>] [-h]

Argument | Mandatory | Description
-<Operation> | Yes | Type of operation. For restore, the argument is -restore.
-path | Yes | Path to the backup folder from which to restore the Qlik Sense site.
-installer | Yes | Path to the folder in which the Qlik Sense installer is located.
-supportingContentLocation | Optional, only needed if supporting content is to be restored to another location than from which it was backed up | Path to the restore location for the supporting content. If this argument is left out, the supporting content is restored to the location from which it was backed up.
-certificatePassword | Optional, only needed if the certificates were password-protected during the backup | Password that was used to protect the certificates in the backup.
-databasePassword | Optional, only needed if you want to password-protect the repository database | Password used to protect the repository database.
-u | Optional, only needed if another user account than the local service account is to be used to restore and start the Qlik Sense software | User on the host with administrative privileges for the domain (for example, COMPANY_DOMAIN\USER). If no user credentials are provided, the Qlik Sense software will be restored and started using the local service account credentials.
-p | Optional, only needed if another user account than the local service account is to be used to restore and start the Qlik Sense software | Password for the user associated with the domain. If no user credentials are provided, the Qlik Sense software will be restored and started using the local service account credentials.
-installdir | Optional, only needed if you want to restore the Qlik Sense software to another folder than the default installation directory | Path to the folder in which to restore the Qlik Sense software. If this argument is left out, the default installation directory is used.
-h (or -help) | Not applicable | Display information on the RSM. This argument is not used to run an operation.

Procedures
Backup
Proceed as follows to back up a Qlik Sense site using the RSM:
1. Make sure that the Qlik Sense site is fully operational.
2. Schedule and prepare a system maintenance window with enough downtime.
3. Prepare a base backup folder (for example, F:\Qlik\Backups).
4. If the Qlik Sense repository database is password-protected, make sure that you have the password
available.
See: Known issues (page 64)
5. If you want to password-protect your certificates, make sure to pass the password as an argument to
the RSM.
6. Gather all supporting content. All such content (for example, QVD files, scripts, and other files) must
be stored in one location on the host where the RSM will be executed. Create a folder (for example,
F:\Qlik\Additional\Files) and place the supporting content in that folder.
7. Run the RSM and perform the backup operation.
8. Wait for the backup operation to finish and review the log files.
See: Log files (page 64)
9. Manually verify your backup before starting automated backups using the RSM.

Example: Backing up a site with a database password and supporting content (additional files)
RepositorySnapshotManager.exe -backup -path=F:\Qlik\Backups -supportingContentLocation=F:\Qlik\Additional\QVDFiles -databasePassword=dfgg45Fr800

You may need to provide quotes ("") around certain arguments for the command shell to
interpret the arguments correctly. For example, if you have "&|<" or similar characters in a
password, the entire password must be surrounded by quotes. This means that a password
like test#% must be passed to the RSM as "test#%". In addition, do not use a backslash at the
end of paths as this may invalidate the final quote.

Restore
Proceed as follows to restore a Qlik Sense site using the RSM:
1. Make sure that the Qlik Sense installer, Qlik_Sense_setup.exe, is present in a folder on the current
host.
2. Make sure that the versions of the Qlik Sense software to restore and the Qlik Sense installer are the
same.
3. Locate the backup set (that is, backup folder) to use (for example,
F:\Qlik\Backups\.2015-07-02-12.57.10-Z.backup).
4. If you want to password-protect your repository database, make sure to pass the password as an
argument to the RSM.
5. If you password-protected your certificates during the backup, make sure to pass the password as an
argument to the RSM.
6. Run the RSM and perform the restore operation.
7. Wait for the restore operation to finish and review the log files.

During a restore operation a command prompt may open with the results from the
database restore operations. Errors indicating that the object to drop did not exist can
safely be ignored.

If the restore operation is performed on a multi-node site, the log file should contain the
text "snapshot/restore has been invoked on <host> (ok)" for each rim node. Verify that
any content created on those rim nodes after the backup set was created is
synchronized to the central node.

8. Test the Qlik Sense site (for example, open the hub, reload an app, open a sheet, etc).
9. If the system is malfunctioning after the restore operation, contact Qlik Support and provide all log
files in the logs folder.
See: Log files (page 64)

Example: Restoring a site with a database password and supporting content
RepositorySnapshotManager.exe -restore -path=F:\Qlik\Backups\.2015-07-02-11.33.27-Z.backup -installer=F:\Qlik\InstallerExtracted -supportingContentLocation=F:\Qlik\Additional\QVDFiles -databasePassword=dfgg45Fr800 -u="DOM\MyUserName" -p="mYUSeRpAss100"

Example: Restoring a site without a database password or supporting content
RepositorySnapshotManager.exe -restore -path=F:\Qlik\Backups\.2015-07-02-11.33.27-Z.backup -installer=F:\Qlik\InstallerExtracted -u="DOM\MyUserName" -p="mYUSeRpAss100"

You may need to provide quotes ("") around certain arguments for the command shell to
interpret the arguments correctly. For example, if you have "&|<" or similar characters in a
password, the entire password must be surrounded by quotes. This means that a password
like test#% must be passed to the RSM as "test#%". In addition, do not use a backslash at the
end of paths as this may invalidate the final quote.

Log files
The RSM logs the backup and restore operations in a sub-folder, logs, of the folder in which the RSM runs. If
the RSM cannot create the sub-folder in the current working folder, the sub-folder is created in the Windows
temp folder (typically C:\Windows\Temp) instead.
Make sure to always check the log folder after a backup or restore operation, whether the operation was
successful or not.

If the restore operation is performed on a multi-node site, the log file should contain the text
"snapshot/restore has been invoked on <host> (ok)" for each rim node. Verify that any content
created on those rim nodes after the backup set was created is synchronized to the central
node.

Known issues
Backup process completes "successfully" with wrong database password
If the password provided with the -databasePassword argument does not match the password of the
repository database, the resulting backup file will be empty even though the backup process appears to have
finished successfully. You must therefore verify that the QSR_backup.tar file in the Database folder of your
backup is not empty.

Backup process hangs during "Creating login credentials file for database..."
The repository database is password-protected, but the -databasePassword argument was not provided.

Cannot start service on computer
If "Cannot start service QlikSenseRepositoryDatabase on computer" is reported at the command prompt or in
the log file, it is most likely due to problems with the user credentials (that is, the user name and password).
The following circumstances are known to cause such problems:
• The Qlik Sense software was installed with user credentials, but is restored without them.
• The Qlik Sense software was installed without user credentials, but is restored with them.
• The user name or password contains special characters, such as "&%$", and was not quoted during
the backup or recovery operation.
• The user name or password is incorrect.
• The Qlik Sense installer returned "Unable to create sibling process".
If this happens, contact Qlik Support.

Log files stored outside the default locations
The RSM does not support backup and restore of Qlik Sense log files that are stored in other locations than
the default ones. Such log files must be manually backed up and restored.
See: Storage (page 115)
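
The two checks that the RSM sections ask for (a non-empty QSR_backup.tar in the Database folder of the backup set, and one "snapshot/restore has been invoked on <host> (ok)" log entry per rim node), as an added PowerShell example that is not part of the Qlik documentation. The parameter names are hypothetical, rim node names must be given as they appear in the RSM log, and the tar magic check is an extra test beyond what the documentation requires.

```powershell
# Added example: post-run checks for an RSM backup set and an RSM restore log.
# Assumptions: -BackupSet is a backup folder created by the RSM, -LogDir is
# the RSM logs folder, -RimNodes lists host names as written in the log.
param(
    [Parameter(Mandatory)] [string] $BackupSet,
    [string] $LogDir,
    [string[]] $RimNodes = @()
)
$ErrorActionPreference = 'Stop'

function Test-RsmDatabaseDump {
    param([string] $BackupSet)
    $dump = Join-Path (Join-Path $BackupSet 'Database') 'QSR_backup.tar'
    if (-not (Test-Path -LiteralPath $dump)) { return "MISSING: $dump" }

    # Documented check: a wrong -databasePassword leaves an empty file.
    $length = (Get-Item -LiteralPath $dump).Length
    if ($length -eq 0) { return "EMPTY: $dump (check the database password)" }

    # Extra check: a tar archive carries the magic 'ustar' at offset 257.
    $buffer = New-Object byte[] 262
    $stream = [System.IO.File]::OpenRead($dump)
    try { $read = $stream.Read($buffer, 0, $buffer.Length) }
    finally { $stream.Dispose() }
    $magic = [System.Text.Encoding]::ASCII.GetString($buffer, 257, 5)
    if ($read -lt 262 -or $magic -ne 'ustar') { return "INVALID: $dump is not a tar archive" }

    "OK: $dump ($length bytes)"
}

function Get-RimNodesWithoutRestoreCall {
    param([string] $LogDir, [string[]] $RimNodes)
    $logs = @(Get-ChildItem -LiteralPath $LogDir -File -Recurse)
    foreach ($node in $RimNodes) {
        $needle = "snapshot/restore has been invoked on $node (ok)"
        $found  = $logs | Select-String -SimpleMatch -Pattern $needle -Quiet
        if (-not $found) { $node }
    }
}

$result = Test-RsmDatabaseDump -BackupSet $BackupSet
Write-Output $result
$failed = $result -notlike 'OK:*'

if ($LogDir -and $RimNodes.Count -gt 0) {
    $missing = @(Get-RimNodesWithoutRestoreCall -LogDir $LogDir -RimNodes $RimNodes)
    foreach ($node in $missing) {
        Write-Output "NO RESTORE CALL LOGGED: $node"
    }
    if ($missing.Count -gt 0) { $failed = $true }
}
if ($failed) { exit 1 }
```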

4.2 Backing up and restoring certificates
It is recommended that you back up the certificates on the central node in a Qlik Sense site so that they can
be restored, if needed.
The backed up certificates can be used for different purposes:
• Restore the certificates on the same node as they were exported from.
• Move a node to another node in the site. This means that the repository database and its associated
crypto key are reused on another node, but with new certificates for communication.

Backing up certificates
Proceed as follows to make a backup of the certificates on the central node in a Qlik Sense site:
1. Select Start > Run.
2. Enter mmc and click OK.
3. Select File > Add/Remove Snap-in.
4. Double-click Certificates.
5. Select Computer account and click Next.
6. Select Local computer and click Finish.
7. Double-click Certificates.
8. Select My user account and click Finish.
9. Click OK.
10. Expand Certificates (Local Computer) in the left panel.
11. Expand the Trusted Root Certification Authorities folder and select the Certificates folder.
12. Right-click the certificate that is Certificate Authority (CA) for all nodes in the Qlik Sense site and
select All Tasks > Export. The CA is named <machine_that_issued_the_certificate>-CA by default.
13. Click Next.
14. Select Yes, export the private key and click Next.
15. Select Personal Information Exchange.
16. Tick the Export all extended properties box and then click Next.
17. Enter and confirm a password. Then click Next.
The password is needed when importing the certificate.
18. Enter a file name for the .pfx file and click Next.

It is recommended to include the server name in the file name to avoid confusion with
other certificate files.

19. Click Finish.
The .pfx file that contains the CA for all nodes in the Qlik Sense site is stored in the selected location.
20. Starting at step 11, repeat the procedure and export the server certificate (that is, the SSL certificate),
which is located under Certificates (Local Computer) > Personal > Certificates. The server
certificate a) has the same name as the Domain Name System (DNS) name of the machine, and b) is
signed by the CA for all nodes in the site.
21. Starting at step 11, repeat the procedure and export the client certificate (that is, the ID of the client),
which is located under Certificates - Current User > Personal > Certificates. The client certificate is
named QlikClient and is signed by the CA for all nodes in the site.
22. Close the MMC console.
No changes have to be saved.
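
The same three exports (CA, server certificate, client certificate) done with the Windows PKI cmdlets instead of the MMC, as an added PowerShell example that is not part of the Qlik documentation. The parameter names are hypothetical; the script assumes it runs on the central node under the account whose personal store holds the QlikClient certificate, and that the private keys are exportable.

```powershell
#Requires -RunAsAdministrator
# Added example: export the CA, server and client certificates as .pfx files.
# Assumptions: -CaName is the CA name shown in the certificate store
# (<machine_that_issued_the_certificate>-CA by default), -ServerDnsName is the
# DNS name of this machine, -OutDir is a folder only administrators can read.
param(
    [Parameter(Mandatory)] [string] $CaName,
    [Parameter(Mandatory)] [string] $ServerDnsName,
    [Parameter(Mandatory)] [string] $OutDir
)
$ErrorActionPreference = 'Stop'
$simpleName = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName

function Get-SingleCert {
    # Returns the one certificate in $Store with the given name, a private
    # key and (if given) the given issuer; anything else is an error.
    param([string] $Store, [string] $Name, [string] $Issuer)
    $found = @(Get-ChildItem -Path $Store | Where-Object {
        $_.GetNameInfo($simpleName, $false) -eq $Name -and
        $_.HasPrivateKey -and
        (-not $Issuer -or $_.Issuer -eq $Issuer)
    })
    if ($found.Count -ne 1) {
        throw "Expected one '$Name' certificate with a private key in $Store, found $($found.Count)."
    }
    $found[0]
}

# Steps 11-12: the CA in Trusted Root Certification Authorities.
$ca = Get-SingleCert -Store 'Cert:\LocalMachine\Root' -Name $CaName
# Step 20: the server certificate, named after the DNS name, signed by the CA.
$server = Get-SingleCert -Store 'Cert:\LocalMachine\My' -Name $ServerDnsName -Issuer $ca.Subject
# Step 21: the client certificate QlikClient of the current user, signed by the CA.
$client = Get-SingleCert -Store 'Cert:\CurrentUser\My' -Name 'QlikClient' -Issuer $ca.Subject

# Step 17: the password is needed again when the certificates are imported.
$password = Read-Host -AsSecureString -Prompt 'Password to protect the .pfx files'

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
$exports = [ordered]@{ 'CA' = $ca; 'server' = $server; 'client' = $client }
foreach ($kind in $exports.Keys) {
    # Step 18: the server name is part of the file name.
    $file = Join-Path $OutDir "$ServerDnsName-$kind.pfx"
    # Extended properties are included unless -NoProperties is given.
    Export-PfxCertificate -Cert $exports[$kind] -FilePath $file -Password $password | Out-Null
    [pscustomobject]@{
        Kind       = $kind
        Thumbprint = $exports[$kind].Thumbprint
        File       = $file
    }
}
```

The .pfx files contain private keys, so store them and the password with the same care as the repository database backup.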

Restoring certificates
In case of a system crash, the certificates may have to be restored on the central node in the Qlik Sense site.
Proceed as follows to restore the certificates on the central node in a site:
1. Open the Task Manager in Microsoft Windows and stop all Qlik Sense services except the Qlik Sense
Repository Database (QRD) service.

If you are restoring the certificates as part of the Restoring a site manually (page 56)
procedure, skip this step.

2. Select Start > Run.
3. Enter mmc and click OK.
4. Select File > Add/Remove Snap-in.
5. Double-click Certificates.
6. Select Computer account and click Next.
7. Select Local computer and click Finish.
8. Double-click Certificates.
9. Select My user account and click Finish.
10. Click OK.
11. Expand Certificates (Local Computer) in the left panel.
12. Right-click the Trusted Root Certification Authorities folder and select All Tasks > Import.
13. Click Next.
14. Browse to the file that contains the backed up Certificate Authority (CA) for all nodes in the site and
then click Next. The CA is named <machine_that_issued_the_certificate>-CA by default.
15. Enter the password for the .pfx file (that is, the password that was given when the file was exported).
16. Select Mark this key as exportable and Include all extended properties. Then click Next.
17. Select Place all certificates in the following store and click Next.
18. Click Finish.
19. Click the Refresh button and check that the imported CA is available in the Trusted Root
Certification Authorities folder.
20. Starting at step 11, repeat the procedure and import the server certificate to Certificates (Local
Computer) > Personal > Certificates. The server certificate a) has the same name as the Domain
Name System (DNS) name of the machine, and b) is signed by the CA for all nodes in the site.
21. Starting at step 11, repeat the procedure and import the client certificate (that is, the ID of the client)
to Certificates - Current User > Personal > Certificates. The client certificate is named QlikClient
and is signed by the CA for all nodes in the site.
22. Close the MMC console.
No changes have to be saved.
23. Start the Qlik Sense services. If the services are started manually, start them in the following order:

If you are restoring the certificates as part of the Restoring a site manually (page 56)
procedure, do not start the Qlik Sense services.

The user that installs and runs the Qlik Sense services must be local administrator on
the machine.

   a. Qlik Sense Repository Service (QRS)
   b. Qlik Sense Proxy Service (QPS), Qlik Sense Engine Service (QES), Qlik Sense Scheduler
   Service (QSS), Qlik Sense Printing Service (QPR), and Qlik Sense Service Dispatcher (QSD)
   in no specific order
The order is important because the QRS is dependent on the QRD and the rest of the services are
dependent on the QRS.

4.3 Moving a node
A backed up server certificate can be used to move a node in a Qlik Sense site to another node in the same
site by moving the existing repository database and its associated crypto key to the new node.
Proceed as follows to install the crypto key for the repository database on a new node in the site:
1. Open the Task Manager in Microsoft Windows and stop all Qlik Sense services except the Qlik Sense
Repository Database (QRD) service.
2. Select Start > Run.
3. Enter mmc and click OK.
4. Select File > Add/Remove Snap-in.
5. Double-click Certificates.
6. Select Computer account and click Next.
7. Select Local computer and click Finish.
8. Click OK.
9. Expand Certificates (Local Computer) in the left panel.
10. Right-click the Personal folder and select All Tasks > Import.
11. Click Next.
12. Browse to the file that contains the backed up server certificate. The server certificate a) has the same
name as the Domain Name System (DNS) name of the machine, and b) is signed by the CA for all
nodes in the site. Then click Next.
13. Enter the password for the .pfx file (that is, the password that was given when the file was exported).
14. Select Mark this key as exportable and Include all extended properties. Then click Next.
15. Select Place all certificates in the following store and click Next.
16. Click Finish.
17. Click the Refresh button and check that the imported server certificate is available in the
Personal folder.
18. Close the MMC console.
No changes have to be saved.
19. Start the Qlik Sense services. If the services are started manually, start them in the following order:

The user that installs and runs the Qlik Sense services must be local administrator on
the machine.

   a. Qlik Sense Repository Service (QRS)
   b. Qlik Sense Proxy Service (QPS), Qlik Sense Engine Service (QES), Qlik Sense Scheduler
   Service (QSS), Qlik Sense Printing Service (QPR), and Qlik Sense Service Dispatcher (QSD)
   in no specific order
The order is important because the QRS is dependent on the QRD and the rest of the services are
dependent on the QRS.

See also:
• Backing up and restoring certificates (page 65)

5 Security

The security in Qlik Sense consists of the following parts:
• Protection of the platform: How the Qlik Sense platform itself is protected and how it communicates
and operates.
• Authentication: Who is the user and how can the user prove it? Qlik Sense uses standard
authentication protocols (for example, Integrated Windows Authentication), HTTP headers, and
ticketing to authenticate every user requesting access to data.
• Authorization: What does the user have access to? Authorization is the procedure of granting or
denying users access to resources.

5.1 Protecting the platform
The security in Qlik Sense does not depend only on the Qlik Sense software. It also relies on the security of
the environment that Qlik Sense operates in. This means that the security of, for example, the operating
system and the cryptographic protocols (such as TLS/SSL) has to be set up and configured to provide the
security needed for Qlik Sense.
The figure below shows the components that have to be considered in order to maximize the security.

Network security
For all Qlik Sense components to communicate with each other in a secure way, they need to build trust.
In Qlik Sense, all communication between the Qlik Sense services and clients is based on web protocols. The
web protocols use Transport Layer Security (TLS) for encryption and exchange of information and keys and
certificates for authentication of the communicating parties.
TLS provides a way to build encrypted tunnels between identified servers or services. The parties that
communicate are identified using certificates. Each tunnel needs two certificates; one to prove to the client
that it is communicating with the right server and one to prove to the server that the client is allowed to
communicate with the server.
So, how to make sure that the certificates are from the same Qlik Sense trust zone? All certificates that
belong to a trust zone are signed with the same signature. If the signature exists in the certificate, it is
accepted as proof that the certificate belongs to the trust zone.
When the protected tunnels and the correct certificates are in place, the Qlik Sense services have a trust zone
to operate within. Within the trust zone, only services that belong to the specific Qlik Sense site can
communicate with each other.

The Qlik Sense clients are considered to be outside of the Qlik Sense trust zone because they often run on
less trusted end-user devices. The Qlik Sense Proxy Service (QPS) can bridge the two zones and allow
communication between the clients and the Qlik Sense services, if the user is authenticated to the system.
TLS-protected tunnels can be used to secure the communication between the Qlik Sense clients and the
QPS. As the clients are outside of the Qlik Sense trust zone, the communication between the clients and the
QPS uses a certificate with a different signature than the one used within the trust zone.

See also:
Certificate trust (page 99)

Server security
Qlik Sense uses the server operating system to gain access to resources. The operating system provides a
security system that controls the use of the server resources (for example, storage, memory, and CPU). Qlik
Sense uses the security system controls to protect its resources (for example, files, memory, processes, and
certificates) on the server.

Through the use of access control, the security system grants access to Qlik Sense files (for example, log
files, database files, certificates, and apps) only to certain users on the server.
The security system also protects the server memory, so that only authorized processes are allowed to write
to the Qlik Sense part of the memory.
In addition, the security system is responsible for assigning users to processes. This is used to restrict who is
allowed to interact with the Qlik Sense processes on the server. The processes are also restricted in terms of
which parts of the operating system they are allowed to access.
So, by using the controls in the security system, a secure and protected environment can be configured for
the Qlik Sense processes and files.

Process security
Each process executes in an environment that poses different threats to the process. In this layer of the
security model, the focus is on ensuring that the software is robust and thoroughly analyzed from a security
perspective.

Rugged software
For software to be considered as rugged, it must cope with all potential threats to the confidentiality, integrity,
and availability of the information, and be robust when used in ways not anticipated.
Several mitigating actions have been implemented in the Qlik Sense software in order to make it rugged:
• Authorization of communication using certificates
• Validation of all external data that is sent to the system
• Encoding of content to avoid injection of malicious code
• Use of protected memory
• Encryption of data
• Audit logging
• Use of checksums
• Isolated execution of external components
• Escaping of SQL data

Threat analysis
To ensure that the Qlik Sense software is secure and rugged, threat analysis of the design has been
performed as part of the development process. The following threat areas, often abbreviated as STRIDE,
have been covered:
• Spoofing
• Tampering
• Repudiation
• Information disclosure
• Denial of service
• Elevation of privilege
In addition to the threat analyses, exploratory security testing has also been performed on the Qlik Sense
software.

App security
The major components of the Qlik Sense app security are:
• Access control system: The access control system grants users access to the resources in Qlik Sense.
• Data reduction: The data reduction functionality is a way to dynamically change which data a user can
  view. This makes it possible to build apps that can be consumed by many users, but with different
  data sets that are dynamically created based on user information. The reduction of data is performed
  by the Qlik Sense Engine Service (QES).
Using these components, the resources and data (that is, the content) consumed by the Qlik Sense users can
be secured.

5.2 Authentication
All authentication in Qlik Sense is managed by the Qlik Sense Proxy Service (QPS). The QPS authenticates
all users regardless of Qlik Sense client type. This means that the QPS also authenticates users of the Qlik
Management Console (QMC).

In Qlik Sense, authentication and authorization are two distinct, unconnected actions. In
addition, the sources of information used for authentication do not have to be the same as for
authorization, and the other way around.

Qlik Sense always asks an external system to verify who the user is and if the user can prove it. The
interaction between Qlik Sense and the external identity provider is handled by authentication modules.
For a module to communicate with Qlik Sense, it has to be trusted. Transport Layer Security (TLS) and
certificate authentication are used to authorize external components for communication with Qlik Sense.
In Qlik Sense, the authentication of a user consists of three distinct steps:
1. Authentication module: Get the user identity and credentials.
2. Authentication module: Request an external system to verify the user identity using the credentials.
3. Transfer the user to Qlik Sense using the Ticket API, the Session API, headers, or SAML.
The first two steps are always handled by the authentication module. It is up to the authentication module to
verify the user in an appropriate way.
The third step can be performed in the following ways:
• Using the Ticket API, which transfers the user and the user's properties using a one-time ticket.
• Using the Session API, whereby an external module can transfer web sessions that identify the user
  and the user's properties to Qlik Sense.
• Using headers, with which a trusted system can transfer the user using HTTP headers. This is a
  common solution for integrating with Single Sign-On (SSO) systems.
• Qlik Sense can be configured to allow anonymous users (using, for example, SAML).

See also:
Network security (page 94)

Default authentication module
After a default installation of Qlik Sense, the Qlik Sense Proxy Service (QPS) includes a module that handles
authentication of Microsoft Windows users. The module supports the use of Kerberos, NTLM, and basic
authentication.

The default authentication module requires that the proxy that handles the authentication is part
of the Microsoft Windows domain.

Certificate trust
Qlik Sense uses certificates for authentication. A certificate provides trust between nodes within a site.
This section describes how to deploy certificates for use in Qlik Sense.

Architecture
Certificates are used within a Qlik Sense site to authenticate communication between services that reside on
different nodes. In addition, certificates can be used to build a trust domain between services that are located
in different domains or areas (for example, internal networks, extranets, and Internet) without having to share
a Microsoft Active Directory (AD) or other user directories.
The architecture is based on the master Qlik Sense Repository Service (QRS) on the central node acting as
the certificate manager or Certificate Authority (CA). The master QRS creates and distributes certificates to
all nodes within a site. The master QRS is therefore an important part of the security solution and has to be
managed from a secure location to keep the certificate solution secure.

The root certificate for the installation is stored on the central node in the site, where the master QRS runs.
All nodes with Qlik Sense services that are to be used within the site receive certificates signed with the root
certificate when added to the master QRS. The master QRS (that is, the CA) issues digital certificates that
contain keys and the identity of the owner. The private key is not made publicly available; it is kept secret by
the nodes. The certificate enables the services in a Qlik Sense deployment to validate the authenticity of the
other services. This means that the master QRS is responsible for making sure that a service that is deployed
on a node is a service within the site.

After the nodes have received certificates, the communication between the Qlik Sense services is encrypted
using Transport Layer Security (TLS) encryption.

Requirements
The requirements described in this section must be fulfilled for the certificate trust to function properly.

General
When using Transport Layer Security (TLS) in Microsoft Windows environments, the private key must be
stored together with the certificate in the Windows certificate store. In addition, the account that is used to
run the Qlik Sense services must have permission to access the certificate private key.

Communication ports
To set up certificate trust, the Qlik Sense Repository Services (QRSs) require that the ports listed in the
following table can be opened and used for communication. If any communication passes through a network
firewall, the ports in the firewall must be opened and configured for the services.

Port no. | Description
4570 | Certificate password verification port, only used within multi-node sites by Qlik Sense Repository Services (QRSs) on rim nodes to receive the password that unlocks a distributed certificate. The port can only be accessed from localhost and it is closed immediately after the certificate has been unlocked. The communication is always unencrypted. This port uses HTTP for communication.
4444 | Security distribution port, only used by Qlik Sense Repository Services (QRSs) on rim nodes to receive a certificate from the master QRS on the central node. The communication is always unencrypted, but the transferred certificate package is password-protected. This port uses HTTP for communication.

See: Ports overview (page 23)

Unlocking distributed certificates
When adding a new rim node to a site, the distributed certificate needs to be unlocked.
See: Manage Qlik Sense sites

See also:
Node (page 13)

Confirming certificates using Microsoft Management Console
Certificates can be visually confirmed in the Microsoft Management Console (MMC) with the certificate
snap-in added.
If the certificates have been properly deployed, they are available in the locations listed in the table.

Certificate | Location
QlikClient | Certificates - Current User > Personal > Certificates
<fullcomputername>CA | Certificates - Current User > Trusted Root Certification Authorities > Certificates
<fullcomputername>CA | Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates
<computername> | Certificates (Local Computer) > Personal > Certificates

Handling of certificates when a service starts
This section describes how the certificates are handled when a Qlik Sense service starts.

Client certificate
This section describes how the master Qlik Sense Repository Service (QRS) on the central node in a site
handles the client certificate when a Qlik Sense service starts.
The client certificate is located in the following place in the Microsoft Windows certificate store:

Current User > Personal > Certificates

When a Qlik Sense service starts, the QRS searches the certificate store to see if there are any Qlik Sense
certificates. Depending on the results of the search, the QRS does the following:
• If no client certificate is found, the QRS creates a new certificate.
• If only one client certificate is found, the QRS checks if it is valid. If the certificate is not valid, the QRS
  deletes the certificate and creates a new one. In addition, the QRS logs that an invalid certificate was
  found and deleted.
• If more than one client certificate is found, the QRS deletes all certificates and creates a new one.
  Duplicates are not allowed. In addition, the QRS logs the number of valid and invalid certificates that
  were found and deleted.

Server certificate
This section describes how the master Qlik Sense Repository Service (QRS) on the central node in a site
handles the server certificate when a Qlik Sense service starts.
The server certificate is located in the following place in the Microsoft Windows certificate store:

Local Computer > Personal > Certificates

When a Qlik Sense service starts, the QRS searches the certificate store to see if there are any Qlik Sense
certificates. Depending on the results of the search, the QRS does the following:
• If no server certificate is found, the QRS creates a new certificate.
• If only one server certificate is found, the QRS checks if it is valid. If the certificate is not valid, the
  QRS deletes the certificate and creates a new one. In addition, the QRS logs that an invalid certificate
  was found and deleted.
• If more than one server certificate is found, the QRS deletes all certificates and creates a new one.
  Duplicates are not allowed. In addition, the QRS logs the number of valid and invalid certificates that
  were found and deleted.

Root certificate
This section describes how the master Qlik Sense Repository Service (QRS) on the central node in a site
handles the root certificate when a Qlik Sense service starts.
The root certificate is located in the following places in the Microsoft Windows certificate store:

Current User > Trusted Root Certification Authorities > Certificates

Local Computer > Trusted Root Certification Authorities > Certificates

When a Qlik Sense service starts, the QRS searches the certificate store to see if there are any Qlik Sense
certificates. Depending on the results of the search, the QRS does the following:
• If no root certificate is found, the QRS creates a new certificate.
• If only one root certificate is found, the QRS checks if it is valid. If it is not valid, the QRS logs a fatal
  error that an invalid root certificate was found, which means that the service is shut down and that the
  administrator manually has to delete any unwanted certificates. In addition, the QRS logs information
  on the certificates that are affected by this.
• If more than one root certificate is found, the QRS logs a fatal error that an invalid root certificate was
  found, which means that the service is shut down and that the administrator manually has to delete
  any unwanted certificates. In addition, the QRS logs information on the certificates that are affected
  by this.

In order not to break any certificate trust between machines, the QRS does not remove any
root certificates. It is up to the administrator to decide on what to do with invalid root
certificates.

See also:
Services (page 13)

Definition of invalid certificate
The definition of an invalid certificate is as follows:
• The operating system considers the certificate to be too old or the certificate chain is incorrect or
  incomplete.
• The Qlik Sense certificate extension (OID 1.3.6.1.5.5.7.13.3) is missing or does not reflect the
  location of the certificate:
    • Current User/Personal certificate location: Client
    • Local Machine/Personal certificate location: Server
    • Local Machine/Trusted Root certificate location: Root
    • Current User/Trusted Root certificate location: Root
• The server, client, and root certificates on the central node do not have a private key that the operating
  system allows them to access.
• The server and client certificates are not signed by the root certificate on the machine.

Maximum number of trusted root certificates
When a Qlik Sense service starts, it checks the number of trusted root certificates on the machine where it is
running. If there are more than 300 certificates on the machine, warning messages containing the following
information are logged:
• There are too many root certificates for the service to trust.
• The Microsoft Windows operating system will truncate the list of certificates during the Transport
  Layer Security (TLS) handshake.
If the Qlik Sense root certificate (<host-machine>-CA) that the Qlik Sense client certificate belongs to is
deleted from the list of certificates because of the truncation, the service cannot be authenticated.
To manually view the root certificates on a machine, open the Microsoft Management Console (MMC) and go
to Certificates (Local Computer) > Trusted Root Certification Authorities.

Authentication solutions
This section describes various authentication solutions for Qlik Sense.

Ticket solution
The ticket solution is similar to a normal ticket. The user receives a ticket after having been verified. The user
then brings the ticket to Qlik Sense and, if the ticket is valid, is authenticated. In order to keep the tickets
secure, the following restrictions apply:
• A ticket is only valid for a short period of time.
• A ticket is only valid once.
• A ticket is random and therefore hard to guess.
All communication between the authentication module and the Qlik Sense Proxy Service (QPS) uses
Transport Layer Security (TLS) and must be authorized using certificates.
The figure below shows a typical flow for authenticating a user with tickets.

1. The user accesses Qlik Sense.
2. Qlik Sense redirects the user to the authentication module. The authentication module verifies the
   user identity and credentials with an identity provider.
3. Once the credentials have been verified, a ticket is requested from the QPS. Additional properties
   may be supplied in the request.
4. The authentication module receives a ticket.
5. The user is redirected back to the QPS with the ticket. The QPS checks that the ticket is valid and has
   not timed out.
6. A proxy session is created for the user.
7. The user is now authenticated.
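The three ticket restrictions listed above (short-lived, single-use, random) can be seen in a small in-memory model. This is an added example, not Qlik Sense code and not the Ticket API: the class name `TicketStore`, its methods, the 60-second lifetime and the sample users are all assumptions made for illustration.

```python
import secrets
import threading
import time


class TicketStore:
    """Illustrative model of one-time authentication tickets (hypothetical)."""

    def __init__(self, ttl_seconds=60.0, clock=time.monotonic):
        self.ttl_seconds = ttl_seconds   # assumed lifetime; "short period of time"
        self._clock = clock              # injectable so expiry can be tested
        self._lock = threading.Lock()
        self._pending = {}               # ticket -> (user_id, attributes, expires_at)

    def issue(self, user_id, attributes=None):
        """Steps 3-4: called only after the user's credentials were verified."""
        ticket = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        expires_at = self._clock() + self.ttl_seconds
        with self._lock:
            self._purge_expired()
            self._pending[ticket] = (user_id, dict(attributes or {}), expires_at)
        return ticket

    def redeem(self, ticket):
        """Step 5: return the user for a valid ticket, otherwise None."""
        if not isinstance(ticket, str):
            return None
        with self._lock:
            # pop() removes the ticket on first presentation, so a replayed
            # ticket is indistinguishable from one that never existed.
            entry = self._pending.pop(ticket, None)
        if entry is None:
            return None                  # unknown, guessed, or already used
        user_id, attributes, expires_at = entry
        if self._clock() >= expires_at:
            return None                  # presented after the ticket timed out
        return {"user_id": user_id, "attributes": attributes}

    def pending_count(self):
        with self._lock:
            return len(self._pending)

    def _purge_expired(self):
        # Caller holds the lock. Keeps abandoned tickets from accumulating.
        now = self._clock()
        for ticket in [t for t, e in self._pending.items() if e[2] <= now]:
            del self._pending[ticket]


if __name__ == "__main__":
    store = TicketStore(ttl_seconds=60)
    t = store.issue("ACME\\alice", {"group": "sales"})   # constructed sample user
    print("first use :", store.redeem(t))
    print("second use:", store.redeem(t))
```
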

Session solution
The session solution allows the Qlik Sense Proxy Service (QPS) to use a session from an external system to
validate who the user is.
All communication between the authentication module and the QPS uses Transport Layer Security (TLS)
and must be authorized using certificates.
The figure below shows a typical flow for authenticating a user using a session from an external system.

1. The user accesses the identity provider, which, for example, can be integrated into a portal. The
   identity provider gets the user identity and credentials and then verifies them. After that, the identity
   provider creates a new session.
2. The identity provider registers the session token with the Qlik Sense session module.
3. The identity provider sets the session token as a session cookie.
4. The user accesses the QPS to get content (for example, through an iframe in the portal).
5. The QPS validates the session to the session module.
6. If the session is valid and has not yet timed out, the user is authenticated.

The name of the session cookie used by the authentication module can be configured in the
Qlik Management Console (QMC).

Header solution
Header authentication is often used in conjunction with a Single Sign-On (SSO) system that supplies a
reverse proxy or filter for authenticating the user.
The figure below shows a typical flow for authenticating a user using header authentication.

1. The user accesses the system and authenticates to the reverse proxy.
2. The reverse proxy injects the user name into a defined HTTP header. The header must be included in
   every request to the Qlik Sense Proxy Service (QPS).
3. The user is authenticated.

For this solution to be secure, the end-user must not be able to communicate directly with the
QPS but instead be forced to go through the reverse proxy/filter.

The name of the HTTP header used for the user can be configured in the Qlik Management
Console (QMC).

SAML
Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging
authentication and authorization data between parties (for example, between an identity provider and a
service provider). SAML is typically used for web browser Single Sign-On (SSO).

How SAML works
The SAML specification defines three roles:
• Principal: Typically a user
• IdP: The identity provider
• SP: The service provider
The principal requests a service from the SP, which requests and obtains an identity assertion from the IdP.
Based on the assertion, the SP decides whether or not to perform the service requested by the principal.

SAML in Qlik Sense
Qlik Sense supports SAML V2.0 by:
• Implementing an SP that can integrate with external IdPs
• Supporting HTTP Redirect Binding and HTTP POST Binding
• Supporting SAML properties for access control of resources and data

Anonymous users
If anonymous use of Qlik Sense is allowed, users who are not authenticated are not automatically redirected
to an authentication module. Instead, the user first gets anonymous access and is then, if the user chooses to
sign in, redirected to the authentication module to supply user identity and credentials.

5.3 Authorization
Authorization is the procedure of granting or denying users access to resources.

In Qlik Sense, authentication and authorization are two distinct, unconnected actions. In
addition, the sources of information used for authentication do not have to be the same as for
authorization, and the other way around.

In Qlik Sense, there are two authorization systems:
• Access control: The access control system grants users access to the resources in Qlik Sense. The
  access control system is implemented in the Qlik Sense Repository Service (QRS) and independent
  of the operating system.
• Data reduction: The data reduction functionality is a way to dynamically change which data a user can
  view. This makes it possible to build apps that can be consumed by many users, but with different
  data sets that are dynamically created based on user information. The reduction of data is performed
  by the Qlik Sense Engine Service (QES).
The two authorization systems are unconnected and configured separately.

Access control
This section describes the different types of access control:
• Resource access control: Is the user allowed to access the app? Which functions in the app is the user
  allowed to use (for example, printing, exporting, and snapshots)?
• Administrator access control: Which access rights are needed for the different roles and
  responsibilities of the administrators?

Resource access control
The resource access control system in Qlik Sense is based on properties. This means that the access is
based on rules that refer to properties connected to resources and users in Qlik Sense.
All authorization to resources is enforced by the Qlik Sense Repository Service (QRS). The QRS only gives
other Qlik Sense services access to resources that the current user is allowed to access.
The resource access control system determines the access based on the following parameters:
• User name and user properties: The user name and user properties are supplied by the Qlik Sense
  Proxy Service (QPS) that authenticated the user.
• Action: The method that the user is trying to perform on a resource (for example, create, read, or
  print).
• Resource: The entity that the user is trying to perform an action on (for example, app, sheet, or
  object).
• Environment: The environment is supplied by the QPS and describes, for example, time, location,
  protection, and the type of Qlik Sense client used.

Rules
The system administrator can set up rules for the resources access control. The rules are divided into three
parts:
• Resource filter: The resources that the rule applies to.
• Condition: A logical condition that, if evaluated as true, grants access.
• Action: The action that the user is allowed to perform, if the condition is true.
Properties connected to resources or users may be used in the rules. Examples of properties include the
name of user or resource, type of resource, and Active Directory groups for users or custom-defined
properties.
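To make the three rule parts and the four evaluation parameters concrete, the following added example models property-based rule evaluation. It is not the QRS rule engine or its rule syntax: the `Rule` class, the glob-style resource filter, the property names (`groups`, `owner`, `secure_channel`), the sample rules and the deny-unless-granted default are assumptions for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Callable, FrozenSet


@dataclass(frozen=True)
class Rule:
    name: str
    resource_filter: str                            # glob over "<type>_<id>" (hypothetical)
    condition: Callable[[dict, dict, dict], bool]   # (user, resource, environment)
    actions: FrozenSet[str]                         # actions granted if condition is true


def resource_key(resource):
    return f"{resource['type']}_{resource['id']}"


def granting_rules(rules, user, action, resource, environment):
    """Return the names of every rule that grants `action` on `resource`."""
    key = resource_key(resource)
    granted = []
    for rule in rules:
        if not fnmatchcase(key, rule.resource_filter):
            continue                    # rule does not apply to this resource
        if action not in rule.actions:
            continue                    # rule does not cover this action
        try:
            ok = rule.condition(user, resource, environment)
        except (KeyError, TypeError):
            ok = False                  # a missing property never grants access
        if ok:
            granted.append(rule.name)
    return granted


def is_allowed(rules, user, action, resource, environment):
    # Assumption of this model: rules only grant, so no matching rule means deny.
    return bool(granting_rules(rules, user, action, resource, environment))


# Constructed sample rules; names and properties are illustrative only.
RULES = [
    Rule("StreamReaders", "Stream_*",
         lambda u, r, e: r["name"] in u["groups"],
         frozenset({"read"})),
    Rule("OwnerFullAccess", "App_*",
         lambda u, r, e: r["owner"] == u["name"],
         frozenset({"read", "update", "print"})),
    Rule("FinancePrintSecure", "App_*",
         lambda u, r, e: "Finance" in u["groups"] and e["secure_channel"],
         frozenset({"print"})),
]

if __name__ == "__main__":
    alice = {"name": "ACME\\alice", "groups": ["Sales"]}
    app = {"type": "App", "id": "a1", "name": "Q3", "owner": "ACME\\alice"}
    print(granting_rules(RULES, alice, "print", app, {"secure_channel": False}))
```

Returning the names of the granting rules, rather than only a boolean, is what makes an access decision auditable when several rules overlap.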

Streams
To make the management of the Qlik Sense authorization systems efficient, apps can be grouped into
streams. From an authorization perspective, a stream is a grouping of apps that a group of users has read
(often referred to as subscription) or publish access to.
By default, Qlik Sense includes the following streams:
• Everyone: All users have read and publish rights to this stream.
• Monitoring apps: Contains a number of apps for monitoring of Qlik Sense.
Streams are created and managed in the Qlik Management Console (QMC).

Administrator access control
In addition to setting up the access control for the users, it is important to configure the access control for the
administrators so that they get access rights in the Qlik Management Console (QMC) that correspond to their
roles and responsibilities.
Common administrator roles include:
• RootAdmin: Full access to all Qlik Sense resources.
• AuditAdmin: Read access to all resources.
• ContentAdmin: Full access to all resources except nodes, engines, repositories, schedulers, and
  syncs.
• DeploymentAdmin: Full access to apps, tasks, licenses, nodes, repositories, schedulers, proxies,
  virtual proxies, and engines.
• SecurityAdmin: Same as ContentAdmin, but with full access to proxies and virtual proxies and no
  access to tasks.

Data reduction
Data reduction is used to determine which data a user is allowed to see: all of it or just parts of it?
The data reduction functionality is a way to dynamically change which data a user can view. This makes it
possible to build apps that can be consumed by many users, but with different data sets that are dynamically
created based on user information. The reduction of data is performed by the Qlik Sense Engine Service
(QES).
The definition of access rights for section access is maintained in the apps and configured through the load
script.

5.4 Security summary
This section provides a summary of the Qlik Sense security system.

Authentication
Qlik Sense supports authentication in the following ways:
• The users are authenticated by the Qlik Sense Proxy Service (QPS).
• The QPS supports the use of multiple proxies and each proxy can use multiple authentication
  methods over a network protected by Transport Layer Security (TLS).

Authorization
Qlik Sense supports authorization in the following ways:
• Inter-server communication is authorized through Transport Layer Security (TLS) using certificates for
  authentication.
• The Qlik Sense Repository Service (QRS) provides property-based access control of user content.
• Authorization to data is managed using section access.

Auditing
Qlik Sense supports auditing in the following ways:
• The repository database stores information about when the database was last changed and who
  made the change.
• The logging framework provides audit and security logs.
• The logs are centrally stored.
• The log format is resistant to injection from the Qlik Sense clients.
• The license logs are signed with a signature to protect them from tampering.

Confidentiality
Qlik Sense supports confidentiality in the following ways:
• The network uses Transport Layer Security (TLS) for encryption and certificates for authentication.
• The locally stored information on a node, including Qlik Sense content, is protected by the operating
  system using server access control and file system controls.
• The process memory and loaded data for Qlik Sense are protected by the physical server and the
  operating system controls.
• The apps are secured using access control on the resource level.
• Sensitive information (for example, passwords and connection strings) that is used to access external
  data sources is stored with encryption.
• The app data is protected using data reduction.

Integrity
Qlik Sense supports integrity in the following ways:
• Stored data is protected using the operating system controls (for example, the file system).
• Sensitive information (for example, passwords and connection strings) that is used to access external
  data sources is stored with encryption.
• Qlik Sense does not support write back to the source system (that is, the Qlik Sense clients cannot
  edit the data sources).

Availability
Qlik Sense supports availability in the following ways:
• The nodes in a multi-node site are resilient by design. Each node has a local copy of the data that it
  needs to fulfill its role, which means that the node can operate independently in the event of a server
  or network failure.
• The Qlik Sense protocols are designed to be fault tolerant.
• Qlik Sense supports load sharing and failover between servers.

Security example: Opening an app
The figure below shows the flow in the Qlik Sense security system when a user logs in and opens an app.

1. Authentication: The authentication module in the Qlik Sense Proxy Service (QPS) handles the
   authentication. The credentials provided by the user are verified against information from the identity
   provider (for example, a directory service such as Microsoft Active Directory).
2. Session creation: When the user credentials have been successfully verified by the authentication
   module, a session is created for the user by the session module in the QPS.
3. Access control system: When the user tries to open an app, the Qlik Sense Engine Service (QES)
   requests the Qlik Sense Repository Service (QRS) to check if the user is authorized to perform the
   action. The QRS then checks the repository database, where, among other things, all users and
   access rights are stored.
   The users are imported into the repository database from one or more User Directories (UDs) (for
   example, Microsoft Active Directory) using Qlik Sense User Directory Connectors (UDCs). The import
   is triggered by the Qlik Sense Scheduler Service (QSS) and the intervals in-between imports can be
   scheduled.
4. Dynamic data reduction: When the user has been successfully authorized by the QRS, the app is
   opened. Before the data is displayed to the user, the QES performs a dynamic data reduction, where
   the data that the user is allowed to see is prepared.

See also:
App security (page 97)

6 Logging

The log messages produced by Qlik Sense provide important information that can be used to detect security
incidents, operational problems, and policy violations.
The logging is based on the log4net component in Apache Logging Services. This means that Qlik Sense
uses a standardized logging framework and conforms to standard logging procedures.

6.1 New logging framework
A new logging framework was introduced in Qlik Sense version 2.0. Unless otherwise stated, the
documentation describes the new logging framework.

6.2 Legacy logging framework
The legacy logging framework is still available in Qlik Sense, but the logs are as of Qlik Sense version 2.0
referred to as trace logs. The log files remain the same, but they are stored in a new location.
See: Trace logs (page 130)

6.3 Reading and analyzing log files in Qlik Sense
The log files can be read and analyzed using Qlik Sense, which includes the following pre-defined, log-related
data connections after installation:
• ServerLogFolder: Links to the active log files.
• ArchivedLogsFolder: Links to the archived log files.
The data connections can be edited in the Qlik Management Console (QMC).
In addition, users with root, security, content, or deployment administrator rights can use the Qlik Sense log
data in apps by selecting one of the data connections listed above in the data load editor.

See also:
Apache Logging Services

6.4 Requirements
The requirements described in this section must be fulfilled for the Qlik Sense logging to function properly.

Securing the file system
The system administrator must secure the file system so that the log files cannot be tampered with.

By default, the account used for the Qlik Sense installation gets full permissions for the log
folder, %ProgramData%\Qlik\Sense\Log, whereas the Users group only gets read permission.
No other accounts or users get any permissions for the log folder.

Synchronizing time
The nodes within a Qlik Sense site must have synchronized time.
For the date and time stamps to be correct, all nodes within a site must be configured to synchronize their
system clocks with either an internal or an external Network Time Protocol (NTP) service to ensure that all log
entries are time-stamped accurately. NTP is a networking protocol for synchronizing the clocks of computer
systems over packet-switched, variable-latency data networks.

Setting time zone
It is recommended that every node within a Qlik Sense site is set to the correct time zone so that the time
zone corresponds to the geographical location of the node.

6.5 Storage
The default log files are stored in folders under %ProgramData%\Qlik\Sense\Log. The local log
configuration file can be used to set up the logging so that the log files are also stored in another location.

Log folder
The following table describes the contents of the %ProgramData%\Qlik\Sense\Log folder.

Folder | Subfolder | Files | Description
\AppMigration | | | This folder contains log files related to the Migration Service.
\BrokerService | | | This folder contains log files related to the Broker Service.
\DataProfiling | | | This folder contains log files related to the Data Profiling Service.
\Engine | | <MachineName>_Exit_Engine_<Date>.txt | This is a temporary log file that is used by the Qlik Sense Engine Service (QES) until the log pipe to the Qlik Sense Repository Service (QRS) is up and running. This log file is not archived.
\Engine | | <MachineName>_Start_Engine_<Date>.txt | This is a temporary log file that is used by the Qlik Sense Engine Service (QES) until the log pipe to the Qlik Sense Repository Service (QRS) is up and running. This log file is not archived.
\Engine | \Audit | <MachineName>_AuditActivity_<Service>.txt | This log tracks user-related actions.
\Engine | \Audit | <MachineName>_AuditSecurity_<Service>.txt | This log contains information on security-related actions.
\Engine | \System | <MachineName>_Service_<Service>.txt | This log contains information on service and system operations, including all errors.
\Engine | \Trace | <MachineName>_<Facility>_<Service>.txt | The trace log files are stored in this folder. See: Trace logs (page 130)
\HubService | | | This folder contains log files related to the Hub Service.
\Printing | \Audit | <MachineName>_AuditActivity_<Service>.txt | This log tracks user-related actions.
\Printing | \Audit | <MachineName>_AuditSecurity_<Service>.txt | This log contains information on security-related actions.
\Printing | \System | <MachineName>_Service_<Service>.txt | This log contains information on service and system operations, including all errors.
\Printing | \Trace | <MachineName>_<Facility>_<Service>.txt | The trace log files are stored in this folder. See: Trace logs (page 130)
\Proxy | \Audit | <MachineName>_AuditActivity_<Service>.txt | This log tracks user-related actions.
\Proxy | \Audit | <MachineName>_AuditSecurity_<Service>.txt | This log contains information on security-related actions.
\Proxy | \System | <MachineName>_Service_<Service>.txt | This log contains information on service and system operations, including all errors.
\Proxy | \Trace | <MachineName>_<Facility>_<Service>.txt | The trace log files are stored in this folder. See: Trace logs (page 130)
\QlikSenseCharts | | | This folder contains log files related to the Chart Sharing Service.
\Repository | \Audit | <MachineName>_AuditActivity_<Service>.txt | This log tracks user-related actions.
\Repository | \Audit | <MachineName>_AuditSecurity_<Service>.txt | This log contains information on security-related actions.
\Repository | \System | <MachineName>_Service_<Service>.txt | This log contains information on service and system operations, including all errors.
\Repository | \Trace | <MachineName>_<Facility>_<Service>.txt | The trace log files are stored in this folder. See: Trace logs (page 130)
\Scheduler | \Audit | <MachineName>_ | This log tracks user-related actions.

AuditActivity_
<Service>.txt

<MachineName>_
AuditSecurity_

Thislogcontainsinformationonsecurity-related
actions.

<Service>.txt

\System

<MachineName>_
Service_

Thislogcontainsinformationonserviceand
systemoperations,includingallerrors.

<Service>.txt

\Trace

<MachineName>_
<Facility>_
<Service>.txt

\Script

Plan Qlik Sense deployments - Qlik Sense, 3.0

Thetracelogfilesarestoredinthisfolder.
See:Trace logs (page 130)
Thisfoldercontainslogfilesrelatedtoappreloads.

Archived log files
Archived log files are by default stored in %ProgramData%\Qlik\Sense\Repository\Archived Logs on the
central node in the Qlik Sense site. Archived log files have the file extension .log, whereas active log files
have the extension .txt.

See also: Local log configuration file (page 146)

6.6 Naming
The Qlik Sense log files are named in accordance with the following file rollover procedure:
1. The log is stored in a file named <MachineName>_<LogType>_<Service>.txt.
2. When the file is full or a pre-defined amount of time has passed, the file extension is automatically
changed to .log and a timestamp is appended to the file name for uniqueness and archiving. This
means that the new file name becomes <MachineName>_<LogType>_<Service>_<YYYY-MM-DDTHH.mm.ss>Z.log.
The file is then moved to the repository database on the central node by the
Qlik Sense Repository Service (QRS) and archived.
3. A new log file, named <MachineName>_<LogType>_<Service>.txt, is created.

If the .log file is deleted before being copied to the repository database on the central node, the
file is lost and cannot be recreated.
The format of the file name is as follows:
- <MachineName> = Name of the server where the log was created.
- <LogType> = The type of events that are covered by the log.
- <Service> = The service that the log originates from (for example, Proxy or Repository).
- <YYYY-MM-DDTHH.mm.ss>Z = Timestamp for when the log file was closed for new entries,
  where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter, time designator
  - HH: Hour
  - mm: Minutes
  - ss: Seconds
  - Z: UTC designator, indicates that the timestamp is in UTC format


6.7 Rows
The first row of each log file contains a header that, in turn, contains the names of all fields, separated by
tabs.
Each log entry is one row and the characters listed in the following table are replaced with Unicode
characters.

Character | Unicode replacement | Description
\t | \u21d4 | Symbol for horizontal tabulation, HT.
\n | \u2193 | Symbol for line feed, LF.
\f | \u2192 | Symbol for form feed, FF.
\r | \u21b5 | Symbol for carriage return, CR.

6.8 Fields
This section describes the fields in the Qlik Sense log files.

Audit activity log
The following table lists the fields in the audit activity log, <MachineName>_AuditActivity_<Service>.txt.

The Audit activity log does not include a Severity field. This is because all rows in the log have
the same log level.

Field | Format | Description
Sequence# | Int | 1-2147483647 by default, but can be configured using custom logging as described in Appenders (page 143). Each row in the log starts with a sequence number that is used to ensure that the log is not tampered with (that is, that no rows are inserted or deleted). The sequence number wraps a) when the last sequence number is reached, or b) when the logging, for some reason, is restarted without the last sequence number being reached.
ProductVersion | String | The version number of the Qlik Sense service (for example, 1.2.1.3).
Timestamp | ISO 8601 | Timestamp in ISO 8601 format, YYYYMMDDThhmmss.fffK, where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter
  - hh: Hour
  - mm: Minutes
  - ss: Seconds
  - fff: Milliseconds
  - K: Time zone offset
  For example, 20110805T145657.000+0200 means year 2011, month 8, day 5 at 14:56:57 GMT+2.
Hostname | String | The name of the server.
Id | String | A unique identifier of the log entry (added by Log4net).
Description | String | A human-readable message that summarizes the action in the system.
  Format: Command=<CommandName>;Result=<ReturnCode (Int)>;ResultText=<Description, Success, or Error message>
ProxySessionId | String | The ID of the proxy session.
  0 = Internal system command or a command that does not go through the QPS
ProxyPackageId | String | A unique ID of each HTTP(S) package that passes through the Qlik Sense Proxy Service (QPS).
  0 = Internal system command or a command that does not go through the QPS
RequestSequenceId | String | The combination of RequestSequenceId and ProxyPackageId is unique for every row in a log file and creates the timeline for the proxy session. The combination also forms a primary key in the log file.
  The initial RequestSequenceId is an integer. Subrequests are linked to the initial request by adding a dot and an ID for the subrequest:
  - Initial request: RequestSequenceId = 1
  - Subrequest 1 based on the initial request: RequestSequenceId = 1.0
  - Subrequest 2 based on the initial request: RequestSequenceId = 1.1
  0 = Internal system command or a command that does not go through the Qlik Sense Engine Service (QES)
UserDirectory | String | The user directory linked to the logged in Qlik Sense user.
UserId | String | The Qlik Sense user that initiated the command.
  System = Internal system command
ObjectId | String | The internal ID of the object. Used to link system actions to user actions.
  0 = Cannot get the ID of the object
  In some cases the ObjectId field contains multiple IDs, separated by the "|" (pipe) sign.
  Example: ObjectId field containing multiple IDs
  Log event: Start reload task
  Contents of the ObjectId field: ed5715cd-2d7f-44ec-825f-44084efb3443|d63c7e4e-6089-4314-b60f-ed47ba6c35cc
  - First ID: The ID of the task.
  - Second ID: The ID of the app.
ObjectName | String | The human-readable name of the object. The ObjectName is linked to the ObjectId.
  Not available = Cannot link the ObjectName to the ObjectId or the ObjectId is missing
  In some cases the ObjectName field contains multiple names.
  Example: ObjectName field containing multiple names
  Log event: Start reload task
  Contents of the ObjectName field: MyReload|MyApp
  - First identifier (MyReload): The name of the task.
  - Second identifier (MyApp): The name of the app.
  The list of ObjectNames always matches the list of ObjectIds, meaning that the ObjectName in the first position is identified by the ID in the corresponding position of the ObjectId field. In this example the following IDs apply (see also the description of the ObjectId field):
  - MyReload = ed5715cd-2d7f-44ec-825f-44084efb3443
  - MyApp = d63c7e4e-6089-4314-b60f-ed47ba6c35cc
Service | String | The Qlik Sense service on the server that hosts the process.
Origin | String | The origin of the request:
  - AppAccess
  - ManagementAccess
  - Not available
Context | String | The context of the command.
  The context can be a URL that is linked to the command or a short version of the module path linked to the command.
Command | String | The core name of the use case or system command.
Result | String | Return code:
  - 0, 200-226: Success
  - Any other number: Error
Message | String | Text that describes the log entry. If the request is successful, this field contains "success".
Id2 | String | A unique row identifier (the checksum is added by Log4Net).

Audit security log
The following table lists the fields in the audit security log, <MachineName>_AuditSecurity_<Service>.txt.

This log is not available for the Qlik Sense Engine Service (QES).

The Audit security log does not include a Severity field. This is because all rows in the log have
the same log level.

Field | Format | Description
Sequence# | Int | 1-2147483647 by default, but can be configured using custom logging as described in Appenders (page 143). Each row in the log starts with a sequence number that is used to ensure that the log is not tampered with (that is, that no rows are inserted or deleted). The sequence number wraps a) when the last sequence number is reached, or b) when the logging, for some reason, is restarted without the last sequence number being reached.
ProductVersion | String | The version number of the Qlik Sense service (for example, 1.2.1.3).
Timestamp | ISO 8601 | Timestamp in ISO 8601 format, YYYYMMDDThhmmss.fffK, where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter
  - hh: Hour
  - mm: Minutes
  - ss: Seconds
  - fff: Milliseconds
  - K: Time zone offset
  For example, 20110805T145657.000+0200 means year 2011, month 8, day 5 at 14:56:57 GMT+2.
HostName | String | The name of the server.
Id | GUID | A unique identifier of the log entry (added by Log4net).
Description | String | A human-readable message that summarizes the action in the system.
  Format: Command=<CommandName>;Result=<ReturnCode (Int)>;ResultText=<Description, Success, or Error message>
ProxySessionId | String | The ID of the proxy session.
  0 = Internal system command or a command that does not go through the QPS
ProxyPackageId | String | A unique ID of each HTTP(S) package that passes through the Qlik Sense Proxy Service (QPS).
  0 = Internal system command or a command that does not go through the QPS
RequestSequenceId | String | The combination of RequestSequenceId and ProxyPackageId is unique for every row in a log file and creates the timeline for the proxy session. The combination also forms a primary key in the log file.
  The initial RequestSequenceId is an integer. Subrequests are linked to the initial request by adding a dot and an ID for the subrequest:
  - Initial request: RequestSequenceId = 1
  - Subrequest 1 based on the initial request: RequestSequenceId = 1.0
  - Subrequest 2 based on the initial request: RequestSequenceId = 1.1
  0 = Internal system command or a command that does not go through the Qlik Sense Engine Service (QES)
UserDirectory | String | The user directory linked to the logged in Qlik Sense user.
  System = Internal system command
UserId | String | The Qlik Sense user that initiated the command.
  System = Internal system command
ObjectId | String | The internal ID of the object. Used to link system actions to user actions.
  0 = Cannot get the ID of the object
  In some cases the ObjectId field contains multiple IDs, separated by the "|" (pipe) sign.
  Example: ObjectId field containing multiple IDs
  Log event: Start reload task
  Contents of the ObjectId field: ed5715cd-2d7f-44ec-825f-44084efb3443|d63c7e4e-6089-4314-b60f-ed47ba6c35cc
  - First ID: The ID of the task.
  - Second ID: The ID of the app.
ObjectName | String | The human-readable name of the object. The ObjectName is linked to the ObjectId.
  Not available = Cannot link the ObjectName to the ObjectId or the ObjectId is missing
  In some cases the ObjectName field contains multiple names.
  Example: ObjectName field containing multiple names
  Log event: Start reload task
  Contents of the ObjectName field: MyReload|MyApp
  - First identifier (MyReload): The name of the task.
  - Second identifier (MyApp): The name of the app.
  The list of ObjectNames always matches the list of ObjectIds, meaning that the ObjectName in the first position is identified by the ID in the corresponding position of the ObjectId field. In this example the following IDs apply (see also the description of the ObjectId field):
  - MyReload = ed5715cd-2d7f-44ec-825f-44084efb3443
  - MyApp = d63c7e4e-6089-4314-b60f-ed47ba6c35cc
SecurityClass | String | A categorization of the security-related information:
  - Security: Access to resources, authentication, authorization
  - License: License access, license usage, license allocation
  - Certificate: Certificate-related information
ClientHostAddress | String | The host name/IP address of the client.
Service | String | The Qlik Sense service on the server that hosts the process.
Origin | String | The origin of the request:
  - AppAccess
  - ManagementAccess
  - Not available
Context | String | The context of the command.
  The context can be a URL that is linked to the command or a short version of the module path linked to the command.
Command | String | The core name of the use case or system command.
Result | String | Return code:
  - 0, 200-226: Success
  - Any other number: Error
Message | String | Text that describes the log entry. If the request is successful, this field contains "success".
Checksum | ID | Each row has a checksum. The security log file also includes a file signature.
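
Added example (not Qlik code): a reader for the tab-separated audit security log described above that restores the replaced control characters, parses the timestamp, pairs ObjectId with ObjectName, classifies Result, and flags breaks in the Sequence# chain. The sample rows, the reduced column set, the command names, and the assumption that a wrapped or restarted sequence begins again at 1 are constructed for illustration.

```python
"""Added example: parse a Qlik Sense audit log and check its Sequence# chain."""
from datetime import datetime

# Stand-ins the log writer substitutes for control characters inside a field.
RESTORE = str.maketrans({"\u21d4": "\t", "\u2193": "\n", "\u2192": "\f", "\u21b5": "\r"})
SEQ_FIRST, SEQ_LAST = 1, 2147483647  # default range; restart at 1 is an assumption


def parse_timestamp(text):
    """Parse YYYYMMDDThhmmss.fffK, for example 20110805T145657.000+0200."""
    return datetime.strptime(text, "%Y%m%dT%H%M%S.%f%z")


def parse_log(text):
    """Return (rows, malformed_line_numbers); columns come from the header row."""
    lines = [ln.rstrip("\r") for ln in text.lstrip("\ufeff").split("\n") if ln.strip()]
    header = lines[0].split("\t")
    rows, malformed = [], []
    for number, line in enumerate(lines[1:], start=2):
        cells = line.split("\t")
        if len(cells) != len(header):
            malformed.append(number)  # wrong column count: damaged or edited row
            continue
        row = {name: cell.translate(RESTORE) for name, cell in zip(header, cells)}
        try:
            row["Sequence#"] = int(row["Sequence#"])
            row["Timestamp"] = parse_timestamp(row["Timestamp"])
        except ValueError:
            malformed.append(number)
            continue
        rows.append(row)
    return rows, malformed


def sequence_findings(rows):
    """List every place where Sequence# does not simply increase by one."""
    findings = []
    for prev, cur in zip(rows, rows[1:]):
        p, c = prev["Sequence#"], cur["Sequence#"]
        if c == p + 1:
            continue
        if c == SEQ_FIRST:
            # Documented behaviour: the counter wraps at the end of the range
            # or when logging restarts. A restart is worth correlating with
            # a known service restart.
            kind = "wrap" if p == SEQ_LAST else "restart"
        elif c > p + 1:
            kind = "gap"  # rows between p and c are missing
        else:
            kind = "repeat-or-reorder"  # possible inserted or duplicated row
        findings.append((kind, p, c))
    return findings


def objects(row):
    """Pair each ID in ObjectId with the name at the same position in ObjectName."""
    return list(zip(row["ObjectId"].split("|"), row["ObjectName"].split("|")))


def is_success(result):
    """Return codes 0 and 200-226 mean success; any other number is an error."""
    code = int(result)
    return code == 0 or 200 <= code <= 226


# Constructed sample: a subset of the documented columns, made-up values.
HEADER = ["Sequence#", "Timestamp", "UserDirectory", "UserId", "ObjectId",
          "ObjectName", "ClientHostAddress", "Command", "Result", "Message"]
TASK_AND_APP = "ed5715cd-2d7f-44ec-825f-44084efb3443|d63c7e4e-6089-4314-b60f-ed47ba6c35cc"
SAMPLE_ROWS = [
    ["41", "20160701T101500.000+0200", "CORP", "alice", TASK_AND_APP,
     "MyReload|MyApp", "10.0.0.15", "Start reload task", "0", "success"],
    ["42", "20160701T101502.120+0200", "CORP", "bob", "0",
     "Not available", "10.0.0.23", "Open app", "403", "Access denied\u2193second line"],
    ["44", "20160701T101509.000+0200", "CORP", "bob", "0",
     "Not available", "10.0.0.23", "Open app", "200", "success"],
    ["1", "20160701T103000.000+0200", "System", "System", "0",
     "Not available", "Not available", "Start service", "0", "success"],
    ["2", "20160701T103001.000+0200", "System", "System", "0",
     "Not available", "Not available", "Load settings", "0", "success"],
]
SAMPLE = "\n".join("\t".join(r) for r in [HEADER] + SAMPLE_ROWS) + "\n"

if __name__ == "__main__":
    rows, malformed = parse_log(SAMPLE)
    for kind, prev, cur in sequence_findings(rows):
        print("Sequence# %s: %d -> %d" % (kind, prev, cur))
    for row in rows:
        if not is_success(row["Result"]):
            print(row["Timestamp"].isoformat(), row["UserId"], row["Command"], row["Result"])
```

A sequence check only shows that rows are missing or out of order; it does not replace the per-row checksum and file signature that the security log carries.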

Service log
The following table lists the fields in the service log, <MachineName>_Service_<Service>.txt.

Field | Format | Description
Sequence# | Int | 1-2147483647 by default, but can be configured using custom logging as described in Appenders (page 143). Each row in the log starts with a sequence number that is used to ensure that the log is not tampered with (that is, that no rows are inserted or deleted). The sequence number wraps a) when the last sequence number is reached, or b) when the logging, for some reason, is restarted without the last sequence number being reached.
ProductVersion | String | The version number of the Qlik Sense service (for example, 1.2.1.3).
Timestamp | ISO 8601 | Timestamp in ISO 8601 format, YYYYMMDDThhmmss.fffK, where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter
  - hh: Hour
  - mm: Minutes
  - ss: Seconds
  - fff: Milliseconds
  - K: Time zone offset
  For example, 20110805T145657.000+0200 means year 2011, month 8, day 5 at 14:56:57 GMT+2.
Severity | String | Row log level, can be configured using custom logging as described in Appenders (page 143):
  - Debug: Information useful to developers for debugging purposes. This level is not useful during normal operation as it generates vast amounts of logging information.
  - Info: Normal operational messages that may be harvested for reporting, measuring throughput, and so on. No action is required.
  - Warn: Not an error message, but an indication that an error will occur, if no action is taken (for example, the file system is 85% full).
  - Error: Messages regarding unexpected situations and errors that prevent the server from operating normally.
  - Fatal: Messages that the Qlik Sense service or application has to shut down in order to prevent data loss.
HostName | String | The host name of the server that runs the process or executes the task.
Id | GUID | A unique identifier of the log entry (added by Log4net).
Description | String | A human-readable message that summarizes the action in the system.
  Format: Command=<CommandName>;Result=<ReturnCode (Int)>;ResultText=<Description, Success, or Error message>
ProxySessionId | String | The ID of the proxy session.
  0 = Internal system command or a command that does not go through the QPS
ProxyPackageId | String | A unique ID of each HTTP(S) package that passes through the Qlik Sense Proxy Service (QPS).
  0 = Internal system command or a command that does not go through the QPS
RequestSequenceId | String | The combination of RequestSequenceId and ProxyPackageId is unique for every row in a log file and creates the timeline for the proxy session. The combination also forms a primary key in the log file.
  The initial RequestSequenceId is an integer. Subrequests are linked to the initial request by adding a dot and an ID for the subrequest:
  - Initial request: RequestSequenceId = 1
  - Subrequest 1 based on the initial request: RequestSequenceId = 1.0
  - Subrequest 2 based on the initial request: RequestSequenceId = 1.1
  0 = Internal system command or a command that does not go through the Qlik Sense Engine Service (QES)
UserDirectory | String | The user directory linked to the logged in Qlik Sense user.
  System = Internal system command
UserId | String | The Qlik Sense user that initiated the command.
  System = Internal system command
ObjectId | String | The internal ID of the object. Used to link system actions to user actions.
  0 = Cannot get the ID of the object
  In some cases the ObjectId field contains multiple IDs, separated by the "|" (pipe) sign.
  Example: ObjectId field containing multiple IDs
  Log event: Start reload task
  Contents of the ObjectId field: ed5715cd-2d7f-44ec-825f-44084efb3443|d63c7e4e-6089-4314-b60f-ed47ba6c35cc
  - First ID: The ID of the task.
  - Second ID: The ID of the app.
ObjectName | String | The human-readable name of the object. The ObjectName is linked to the ObjectId.
  Not available = Cannot link the ObjectName to the ObjectId or the ObjectId is missing
  In some cases the ObjectName field contains multiple names.
  Example: ObjectName field containing multiple names
  Log event: Start reload task
  Contents of the ObjectName field: MyReload|MyApp
  - First identifier (MyReload): The name of the task.
  - Second identifier (MyApp): The name of the app.
  The list of ObjectNames always matches the list of ObjectIds, meaning that the ObjectName in the first position is identified by the ID in the corresponding position of the ObjectId field. In this example the following IDs apply (see also the description of the ObjectId field):
  - MyReload = ed5715cd-2d7f-44ec-825f-44084efb3443
  - MyApp = d63c7e4e-6089-4314-b60f-ed47ba6c35cc
Service | String | The Qlik Sense service on the server that hosts the process.
Origin | String | The origin of the request:
  - AppAccess
  - ManagementAccess
  - Not available
Context | String | The context of the command.
  The context can be Internal System command or User Activity command (based on URL for the command).
Command | String | The core name of the use case or system command.
Result | Int | Return code:
  - 0, 200-226: Success
  - Any other number: Error
Message | String | Text that describes the log entry. If the request is successful, this field contains "success".
Id2 | String | A unique row identifier (the checksum is added by Log4Net).

Qlik Sense Engine Service log fields
The following table lists the fields that are unique for the Qlik Sense Engine Service (QES) logs.

Field | Format | Description
EngineTimestamp | ISO 8601 | The date and time when the QES wrote the log message to file.
  Timestamp in ISO 8601 format, YYYYMMDDThhmmss.fffK, where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter
  - hh: Hour
  - mm: Minutes
  - ss: Seconds
  - fff: Milliseconds
  - K: Time zone offset
  For example, 20110805T145657.000+0200 means year 2011, month 8, day 5 at 14:56:57 GMT+2.
EngineVersion | String | The version number of the QES that executed the request.

6.9 Trace logs
The legacy logging framework is still available in Qlik Sense, but the logs are as of Qlik Sense version 2.0
referred to as trace logs. The log files remain the same, but they are stored in a new location.

Storage
The trace log files are stored in the %ProgramData%\Qlik\Sense\Log\<Service>\Trace folder.

Naming
The trace log files are named in accordance with the following file rollover procedure:
1. The log is stored in a file named <MachineName>_<Facility>_<Service>.txt.
2. When the file is full or a pre-defined amount of time has passed, the file extension is automatically
changed to .log and a timestamp is appended to the file name for uniqueness and archiving. This
means that the new file name becomes <MachineName>_<Facility>_<Service>_<YYYY-MM-DDTHH.mm.ss>Z.log.
The file is then moved to the repository database on the central node by the
Qlik Sense Repository Service (QRS) and archived.
3. A new log file, named <MachineName>_<Facility>_<Service>.txt, is created.

If the .log file is deleted before being copied to the repository database on the central node, the
file is lost and cannot be recreated.
The format of the file name is as follows:
- <Machine> = Name of the server where the log was created.
- <Facility> = The type of events that are covered by the log.
  See: Logger (page 134)
- <Service> = The service that the log originates from (for example, Proxy or Repository).
- <YYYY-MM-DDTHH.mm.ss>Z = Timestamp for when the log file was closed for new entries,
  where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter, time designator
  - HH: Hour
  - mm: Minutes
  - ss: Seconds
  - Z: UTC designator, indicates that the timestamp is in UTC format
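
Added example (not Qlik code): the rollover naming described here, and the identical scheme in section 6.6 with <LogType> in place of <Facility>, read back into its parts so that a collected set of files can be inventoried per log stream. The file names are constructed, and the parser assumes that <LogType>/<Facility> and <Service> contain no underscore; the Engine Start/Exit temporary files follow a different pattern and are not handled.

```python
"""Added example: inventory Qlik Sense log files by their rollover names."""
from datetime import datetime, timezone


def parse_log_filename(name):
    """Split an active (.txt) or archived (.log) log file name into its parts.

    Assumption: <LogType>/<Facility> and <Service> contain no underscore, so
    the name is read from the right and the machine name may contain one.
    """
    stem, dot, ext = name.rpartition(".")
    if not dot or ext not in ("txt", "log"):
        raise ValueError("not a log file name: %r" % name)
    closed = None
    if ext == "log":
        # Archived files carry _<YYYY-MM-DDTHH.mm.ss>Z before the extension.
        stem, sep, stamp = stem.rpartition("_")
        if not sep:
            raise ValueError("archived file without timestamp: %r" % name)
        closed = datetime.strptime(stamp, "%Y-%m-%dT%H.%M.%SZ")
        closed = closed.replace(tzinfo=timezone.utc)  # Z marks UTC
    parts = stem.rsplit("_", 2)
    if len(parts) != 3 or not all(parts):
        raise ValueError("expected <MachineName>_<LogType>_<Service>: %r" % name)
    machine, log_type, service = parts
    return {
        "machine": machine,
        "log_type": log_type,
        "service": service,
        "archived": ext == "log",
        "closed_utc": closed,
    }


def rollover_inventory(names):
    """Group file names per (machine, log type, service); return (streams, unparsed)."""
    streams, unparsed = {}, []
    for name in names:
        try:
            info = parse_log_filename(name)
        except ValueError:
            unparsed.append(name)
            continue
        key = (info["machine"], info["log_type"], info["service"])
        entry = streams.setdefault(key, {"active": False, "archives": []})
        if info["archived"]:
            entry["archives"].append(info["closed_utc"])
        else:
            entry["active"] = True
    for entry in streams.values():
        entry["archives"].sort()  # oldest rollover first
    return streams, unparsed


# Constructed file names for illustration.
SAMPLE_NAMES = [
    "NODE_1_AuditSecurity_Proxy.txt",
    "NODE_1_AuditSecurity_Proxy_2016-07-02T08.00.00Z.log",
    "NODE_1_AuditSecurity_Proxy_2016-07-01T23.59.59Z.log",
    "NODE_1_Service_Repository_2016-07-01T10.15.30Z.log",
    "NODE_1_Security_Proxy.txt",
    "notes.md",
]

if __name__ == "__main__":
    streams, unparsed = rollover_inventory(SAMPLE_NAMES)
    for key, entry in sorted(streams.items()):
        closes = [stamp.isoformat() for stamp in entry["archives"]]
        print("_".join(key), "active" if entry["active"] else "no active file", closes)
    print("not log files:", unparsed)
```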

See also: Logger (page 134)

Rows
The first row of each log file contains a header that, in turn, contains the names of all fields, separated by
tabs.
Each log entry is one row and the characters listed in the following table are replaced with Unicode
characters.

Character | Unicode replacement | Description
\t | \u21d4 | Symbol for horizontal tabulation, HT.
\n | \u2193 | Symbol for line feed, LF.
\f | \u2192 | Symbol for form feed, FF.
\r | \u21b5 | Symbol for carriage return, CR.

Fields
This section describes the fields in the trace log files.

Common fields
The following table lists the fields (in order of appearance) included in all trace log files.

Field | Description
Sequence# | 1-2147483647 by default, but can be configured using custom logging as described in Appenders (page 143). Each row in the log starts with a sequence number that is used to ensure that the log is not tampered with (that is, that no rows are inserted or deleted). The sequence number wraps either when the last sequence number is reached or when the logging, for some reason, is restarted without the last sequence number being reached.
Timestamp | Timestamp in ISO 8601 format, YYYYMMDDThhmmss.fffK, where:
  - YYYY: Year
  - MM: Month
  - DD: Day in month
  - T: Delimiter
  - hh: Hour
  - mm: Minutes
  - ss: Seconds
  - fff: Milliseconds
  - K: Time zone offset
  For example, 20110805T145657.000+0200 means year 2011, month 8, day 5 at 14:56:57 GMT+2.
Level | Row log level, can be configured using custom logging as described in Appenders (page 143):
  - Debug: Information useful to developers for debugging purposes. This level is not useful during normal operation since it generates vast amounts of logging information.
  - Info: Normal operational messages that may be harvested for reporting, measuring throughput, and so on. No action required.
  - Warn: Not an error message, but an indication that an error may occur, if no action is taken (for example, the file system is 85% full). Each item must be resolved within a given time.
  - Error: Non-urgent failures that are relayed to developers or administrators. Each item must be resolved within a given time.
  - Fatal: Indicates a failure in a primary system (for example, loss of primary ISP connection) and must be corrected immediately.
  - Off: No logs, except for license logs, are produced.
Hostname | Server name.
Logger | Logger in <Facility>.<Service>.<Fully qualified name of class> format, where:
  - <Facility>:
    - Application: Log events that are related to the app running in Qlik Sense.
    - Audit: Log events that provide an audit trail of a user's activities and administration of the Qlik Sense platform.
    - Exit: Log events that are related to the shutdown of the Qlik Sense Engine Service (QES).
    - License: Log events that are related to the Qlik Sense license.
    - ManagementConsole: Log events that are related to the Qlik Management Console (QMC).
    - Performance: Log events that are related to the performance of the Qlik Sense platform or app.
    - QixPerformance: Log events that are related to the performance of the QIX protocol in the QES.
    - Security: Log events that are related to security issues.
    - Session: Log events that are related to the termination of a proxy session.
    - Synchronization: Log events that are related to the synchronization of the Qlik Sense Repository Service (QRS) instances in a multi-node site.
    - System: Log events that are related to the Qlik Sense platform and not to the app running on the platform (for example, log messages related to the QMC, QRS, Qlik Sense Proxy Service (QPS), and so on).
    - TaskExecution: Log events that are related to the execution of tasks by the Qlik Sense Scheduler Service (QSS).
    - Traffic: Log events that are related to debugging.
    - UserManagement: Log events that are related to the management of the users.
  - <Service>: The Qlik Sense service that the log originates from (for example, QRS or QPS).
  - <Fully qualified name of class>: Indicates the part of the service that generated the log message.
Thread | Thread name or Managed Thread ID (if available).
Id | Globally Unique Identifier (GUID) for the log message.
ServiceUser | Name of the user or account used by the Qlik Sense service.
Message | Log message.
Exception | Exception message.
  This field is only present when there is an exception message.
StackTrace | A trace to the place in Qlik Sense where the exception occurred.
  This field is only present when the Exception field is present.
ProxySessionId | The ID of the proxy session for the user.
  This field is not present in all log files.
Id2 or Checksum | The last field in a log entry either contains an Id2 or a Checksum:
  - Id2: Log message GUID (same as Id described earlier). This is the normal value.
  - Checksum: To protect logs that contain sensitive information (for example, audit, security, and license logs) from tampering, the last field in such log entries contains a cryptographic hash of the entire row up to the hash itself.

See also: Synchronization (page 36)

Additional fields
The common fields are present in all trace log files. Some trace logs contain additional fields, which are listed
in this section. In addition, optional fields can be defined.

Application log
Qlik Sense Repository Service (QRS)
The following fields are specific to the Application log for the QRS:
- Application: The name of the application (if there is a name to associate with the log entry).

Qlik Sense Scheduler Service (QSS)
The following fields are specific to the Application log for the QSS:
- Application: The name of the application (if there is a name to associate with the log entry).

See also: Common fields (page 132)

Audit log
Qlik Sense Repository Service (QRS)
The following fields are specific to the Audit log for the QRS:
- Action: The action that the user performed (add, update, delete, export).
- ActiveUserDirectory: The user directory for the user.
- ActiveUserId: The ID of the user.
- ResourceId: The ID of the resource on which the user performed the action.

Qlik Sense Proxy Service (QPS)
The following fields are specific to the Audit log for the QPS:
- ConnectionId: The ID of the connection.
  See: ActiveConnections field in Performance log (page 137)
- ActiveUserDirectory: The user directory for the user.
- ActiveUserId: The ID of the user.
- TicketId: The ID of the login ticket that was issued for the user. The ticket ID exists until it is consumed
  by the QPS.
- IpAddress: The IP address of the client.
- AppId: The ID of the app (empty if no app is loaded).
- TargetHost: The call from the client is forwarded to a Qlik Sense Engine Service (QES) or QRS. This
  field contains the name of the machine on which the service is running.
- VirtualProxy: The virtual proxy prefix in {prefix} format.

Qlik Sense Engine Service (QES)
The following fields are specific to the Audit log for the QES:
- ActiveUserDirectory: The user directory for the user.
- ActiveUserId: The ID of the user.
- EngineTimestamp: The time when the QES wrote the log message to file.
- EngineThread: The ID of the thread that was used when the QES wrote the log message to file.
- ProcessId: The ID of the QES process from which the log message originates.
- ServerStatus: The time when the QES started.
- AppId: The ID of the app.
- Type: The type of operation that the user performed to generate the audit message.
- QlikSenseUser: The user who generated the audit message.

See also: Common fields (page 132)

License log
Qlik Sense Repository Service (QRS)
The following fields are specific to the License log for the QRS:
- AccessTypeId: The ID of the access type entity.
- AccessType: The name of the access type (LoginAccess or UserAccess).
- Operation: The operation that was performed (Add, Update, Delete, UsageGranted, UsageDenied,
  Available, Timedout, or Unquarantined).
- UserName: The name of the user (who, for example, uses an access pass).
- UserId: The ID of the user in Qlik Sense.

See also: Common fields (page 132)

Performance log
Qlik Sense Repository Service (QRS)
The following fields are specific to the Performance log for the QRS:
- Tracenumber: A unique ID for the call to the QRS REST API.
- Httpmethod: The HTTP method that was used (Get, Put, Post, or Delete).
- Url: The URL that was used.
- Resourcetype: The type of resource.
- Method: The backend code that was called.
- Elapsedmilliseconds: The time (in milliseconds) to complete the call to the QRS REST API.

Example: Get http://mytest/cars/4
- Httpmethod: Get
- Url: http://mytest/cars/4
- Resourcetype: cars
- Method: get/cars/{0}

Qlik Sense Proxy Service (QPS)


The following fields are specific to the Performance log for the QPS:
- ActiveConnections: The number of active connections (in any form or shape) from the client.
  A connection is a stream (that is, a socket) between a Qlik Sense client and the Qlik Sense Proxy
  Service (QPS). This stream is often connected to another stream, which runs from the QPS to the
  Qlik Sense Repository Service (QRS) or the Qlik Sense Engine Service (QES). The two streams allow
  the client to communicate with the QRS or the QES.
- ActiveStreams: The number of active data streams (that is, sockets), either from the browser to the
  QPS or from the QPS to the QRS or the QES.
- ActiveSessions: The number of active sessions in the QPS.
  A Qlik Sense user gets a proxy session when the user has been authenticated. The session is
  terminated after a certain period of inactivity.
- LoadBalancingDecisions: The number of users who currently have at least one engine session.
- PrintingLoadBalancingDecisions: The number of users who have been load balanced to the Qlik
  Sense Printing Service (QPR).
- Tickets: The number of issued login tickets that have not yet been consumed.
- ActiveClientWebsockets: The number of active WebSockets between the client and the QPS.
- ActiveEngineWebsockets: The number of active WebSockets between the QPS and the target Qlik
  Sense service.

The logging entries are also available as metrics; see Metrics (page 16).
Qlik Sense Engine Service (QES)
Eachentry(thatis,row)inthePerformancelogcorrespondstoasnapshot(thatis,anumberof
measurements)oftheperformanceoftheQESatthegivenpointintime.
ThefollowingfieldsarespecifictothePerformancelogfortheQES:
l ActiveUserDirectory:Theuserdirectoryfortheuser.
l ActiveUserId:TheIDoftheuser.
l EngineTimestamp:ThetimewhentheQESwrotethelogmessagetofile.
l EngineThread:TheIDofthethreadthatwasusedwhentheQESwrotethelogmessagetofile.
l ProcessId:TheIDoftheQESprocessfromwhichthelogmessageoriginates.
l ExeType:Theconfigurationtype(releaseordebugversion)oftheQESprocess.
l ExeVersion:TheversionnumberoftheQESprocess.
l ServerStarted:ThetimewhentheQESstarted.
l EntryType:Thereason(ServerStarting,Normal,orServerShuttingDown)forthelogentryinthe
Performancelog.
l ActiveDocSessions:Thenumberofactiveenginesessionsatthegivenpointintime.
l DocSessions:Thenumberofenginesessionsatthegivenpointintime.
l ActiveAnonymousDocSessions:Thenumberofactiveanonymousenginesessionsatthegivenpoint
intime.
l AnonymousDocSessions:Thenumberofanonymousenginesessionsatthegivenpointintime.
l ActiveTunneledDocSessions:Thenumberofactivetunneledenginesessionsatthegivenpointin
time.
l TunneledDocSessions:Thenumberoftunneledenginesessionsatthegivenpointintime.
l DocSessionStarts:Thenumberofstartedenginesessionssincetheprevioussnapshot.
l ActiveDocs:ThenumberofactiveappsintheQESatthegivenpointintime.

Plan Qlik Sense deployments - Qlik Sense, 3.0

138

6 Logging
• RefDocs: The number of apps in the QES at the given point in time.
• LoadedDocs: The number of loaded apps in the QES at the given point in time.
• DocLoads: The number of app loads in the QES since the previous snapshot.
• DocLoadFails: The number of failed app loads in the QES since the previous snapshot.
• Calls: The number of calls to the QES since the previous snapshot.
• Selections: The number of selections in the QES since the previous snapshot.
• ActiveIpAddrs: The number of IP addresses of active connected clients in the QES at the given point in time.
• IpAddrs: The number of IP addresses of all connected clients in the QES at the given point in time.
• ActiveUsers: The number of active users in the QES at the given point in time.
• Users: The total number of users in the QES at the given point in time.
• CPULoad: A measurement of the load on the CPU on which the QES runs at the given point in time.
• VMCommitted(MB): The committed Virtual Memory (in megabytes) at the given point in time.
• VMAllocated(MB): The allocated Virtual Memory (in megabytes) at the given point in time.
• VMFree(MB): The freed Virtual Memory (in megabytes) at the given point in time.
• VMLargestFreeBlock(MB): The largest freed Virtual Memory block (in megabytes) at the given point in time.

See also: Common fields (page 132)

QIX performance log
Qlik Sense Engine Service (QES)
The following fields are specific to the QIX performance log for the QES:
• ActiveUserDirectory: The user directory for the user.
• ActiveUserId: The ID of the user.
• EngineTimestamp: The time when the QES wrote the log message to file.
• EngineThread: The ID of the thread that was used when the QES wrote the log message to file.
• ProcessId: The ID of the QES process from which the log message originates.
• CServerId: The ID of the server instance that handled the request.
• SessionId: The ID of the engine session for which the QIX method call was made.
• ServerStarted: The time when the QES started.
• Method: The name of the QIX method that was called.
• RequestId: The ID of the request in which the QIX method call was handled.
• Target: The memory address of the target for the QIX method call.
• RequestException: The ID of an exception (if any) that occurred as a result of the QIX method call.
• ProcessTime: The amount of time that was needed to process the request.
• WorkTime: The amount of time that the request did actual work.
• LockTime: The amount of time that the request had to wait for an internal lock.

• ValidateTime: The amount of time that the request used for validation.
• Handle: The ID of the interface that handled the request. The interface can be Global, a certain sheet, a certain object, or similar.

See also: Common fields (page 132)

Qlik Management Console log
The Qlik Management Console log is not created until there is an event (for example, an error
message) for the Qlik Management Console (QMC) to write in the log.
Qlik Sense Repository Service (QRS)
The following fields are specific to the Qlik Management Console log for the QRS:
• Browser: The web browser that is used to run the QMC.

See also: Common fields (page 132)

Session log
Qlik Sense Engine Service (QES)
The following fields are specific to the Session log for the QES:
• ActiveUserDirectory: The user directory for the user.
• ActiveUserId: The ID of the user.
• EngineTimestamp: The time when the QES wrote the log message to file.
• EngineThread: The ID of the thread that was used when the QES wrote the log message to file.
• ProcessId: The ID of the QES process from which the log message originates.
• ExeType: The configuration type (release or debug version) of the QES process.
• ExeVersion: The version number of the QES process.
• ServerStarted: The time when the QES started.
• AppId: The ID of the app that was loaded by the finished engine session.
• AppTitle: The title of the loaded app that was used during the finished engine session.
• DocTimestamp: The last modified timestamp of the app that was loaded by the finished engine session.
• QlikSenseUser: The user that started the finished engine session.
• ExitReason: The reason for the engine session to finish.
• SessionStart: The time when the engine session started.
• SessionDuration: The duration (in milliseconds) of the finished engine session.

• CPUSpent(s): The CPU time (in seconds) that was spent handling requests during the finished engine session.
• BytesReceived: The number of bytes of data that were received during the engine session.
• BytesSent: The number of bytes of data that were sent during the engine session.
• Calls: The number of calls that were made during the engine session.
• Selections: The number of selections that were made during the engine session.
• AuthenticatedUser: The authenticated user that used the engine session.
• ClientMachineIdentification: The ID of the client machine that opened the engine session.
• SerialNumber: The serial number that was used during the engine session.
• ClientType: The type of client that was used for the engine session.
• ClientBuildVersion: The build version of the client.
• SecureProtocol: An on/off flag that indicates whether the protocol was run over a secure connection.

See also: Common fields (page 132)
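The Session log fields above are enough for a first-pass security review of finished engine sessions. The following is an added example, not code from Qlik: it reads tab-separated rows with a header line and flags sessions that did not run over a secure connection, unusually large BytesSent values, and client machines used by several different users. The sample rows, the thresholds, the "on"/"off" spelling of SecureProtocol and the function names are assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample: header row plus tab-separated rows using a subset of the
# Session log fields listed above. All values are invented for illustration.
COLUMNS = ["SessionStart", "AuthenticatedUser", "ClientMachineIdentification",
           "AppTitle", "BytesSent", "SecureProtocol"]
SAMPLE_ROWS = [
    ["2016-07-04T09:15:00+02:00", "alice", "client-01", "Sales", "1850000", "on"],
    ["2016-07-04T09:20:00+02:00", "bob", "client-02", "Sales", "120000", "off"],
    ["2016-07-04T09:31:00+02:00", "carol", "client-03", "HR", "73400000", "on"],
    ["2016-07-04T10:02:00+02:00", "erin", "kiosk-07", "Sales", "90000", "on"],
    ["2016-07-04T10:05:00+02:00", "frank", "kiosk-07", "Sales", "95000", "on"],
    ["2016-07-04T10:09:00+02:00", "grace", "kiosk-07", "Sales", "88000", "on"],
]
SAMPLE_LOG = "\n".join("\t".join(r) for r in [COLUMNS] + SAMPLE_ROWS) + "\n"


def read_session_log(text):
    """Parse tab-separated Session log text (header row first) into dicts."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    return list(reader)


def triage(rows, bytes_sent_limit=50_000_000, users_per_machine_limit=3):
    """Return (finding, subject, detail) tuples for sessions worth a look."""
    findings = []
    users_by_machine = defaultdict(set)
    for row in rows:
        user = row.get("AuthenticatedUser") or ""
        started = row.get("SessionStart") or ""
        users_by_machine[row.get("ClientMachineIdentification") or ""].add(user)

        # SecureProtocol is documented as an on/off flag; anything but "on"
        # is treated as not secured (the exact spelling is an assumption).
        if (row.get("SecureProtocol") or "").strip().lower() != "on":
            findings.append(("insecure-transport", user, started))

        try:
            sent = int(row.get("BytesSent") or "")
        except ValueError:
            findings.append(("unparseable-bytes-sent", user, started))
            continue
        if sent > bytes_sent_limit:
            findings.append(("large-transfer", user, started))

    # One client machine serving many distinct users can be a shared kiosk
    # or a sign of credentials being tried from a single host.
    for machine, users in sorted(users_by_machine.items()):
        if len(users) >= users_per_machine_limit:
            findings.append(("many-users-one-machine", machine,
                             ",".join(sorted(users))))
    return findings


if __name__ == "__main__":
    for finding in triage(read_session_log(SAMPLE_LOG)):
        print(finding)
```
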

System log
Qlik Sense Scheduler Service (QSS)
The following fields are specific to the System log for the QSS:
• TaskName: The name of the task that was executed.
• TaskId: The ID of the task that was executed.
• User: The name of the user who executed the task. When the QSS starts a scheduled execution of a task, the QSS is listed as user.
• ExecutionId: A unique ID that identifies the execution of the task. A task gets a new ExecutionId every time it is executed.
• AppName: The name of the app that executed the task (if any).
• AppId: The ID of the app that executed the task (if any).
Qlik Sense Engine Service (QES)


The following fields are specific to the System log for the QES:
• ActiveUserDirectory: The user directory for the active user who was logged in when the log message was generated in the QES.
• ActiveUserId: The user ID for the active user who was logged in when the log message was generated in the QES.
• EngineTimestamp: The time when the QES wrote the log message to file.
• EngineThread: The ID of the thread that was used when the QES wrote the log message to file.
• ProcessId: The ID of the QES process from which the log message originates.
• ServerStarted: The time when the QES started.


See also: Common fields (page 132)

Task execution log
Qlik Sense Scheduler Service (QSS)
The following fields are specific to the Task execution log for the QSS:
• TaskId: A unique ID of the task that was executed.
• TaskName: The name of the task that was executed.
• AppId: A unique ID of the app that executed the task (if any).
• AppName: The name of the app that executed the task (if any).
• ExecutionId: A unique ID that identifies the execution of a task. A task gets a new ExecutionId every time it is executed.
• ExecutionNodeId: A unique ID that identifies the node in the site on which the specific execution of the task was performed.
• Status: The result of the execution of the task (successful, failed, aborted, skipped, or retry).
• StartTime: The time when the execution of the task started.
• StopTime: The time when the execution of the task stopped.
• Duration: The time (in milliseconds) for the execution of the task to be completed.
• FailureReason: Empty, unless an error occurred during the execution of the task.

See also: Common fields (page 132)

Traffic log
Qlik Sense Engine Service (QES)
The following fields are specific to the traffic log for the QES:
• ActiveUserDirectory: The user directory for the user.
• ActiveUserId: The ID of the user.
• EngineTimestamp: The time when the QES wrote the log message to file.
• EngineThread: The ID of the thread that was used when the QES wrote the log message to file.
• ProcessId: The ID of the QES process from which the log message originates.

See also: Common fields (page 132)


6.10 Configuring the logging
The standard logging in Qlik Sense is configured using the Qlik Management Console (QMC).
Customized logging is set up using appenders and the local log configuration file, LocalLogConfig.xml.

Appenders
The logging in Qlik Sense implements a custom appender, QSRollingFileAppender, which is based on the log4net component. The custom appender is used internally by the Qlik Sense logging system.
QSRollingFileAppender and some of the built-in, predefined appenders in the log4net framework can be used to configure customized logging, which is specified in the local log configuration file, LocalLogConfig.xml.
QSRollingFileAppender can also log events in the local log file (for example, the Microsoft Windows event log) or send log information to a remote log server.

QSRollingFileAppender
QSRollingFileAppender inherits from log4net.Appenders.FileAppender and all parameters, except for AppendToFile, are also available to QSRollingFileAppender. QSRollingFileAppender stores the log files in accordance with the MaxFileSize and MaxFileTime parameters.

Configuring the appender
The QSRollingFileAppender configuration is as follows:
<appender name="MyQSRollingFileAppender" type="Qlik.Sense.Logging.log4net.Appender.QSRollingFileAppender">
  <param name="threshold" value="info" />
  <param name="encoding" value="utf-8" />
  <param name="file" value="C:/ProgramData/Qlik/Sense/Log/output.log"/>
  <param name="maximumfiletime" value="720" />
  <param name="maximumfilesize" value="512KB" />
  <layout type="log4net.Layout.PatternLayout">
    <converter>
      <param name="name" value="rownum" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.CounterPatternConverter" />
    </converter>
    <converter>
      <param name="name" value="longIso8601date" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.Iso8601TimeOffsetPatternConverter" />
    </converter>
    <converter>
      <param name="name" value="hostname" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.HostNamePatternConverter" />
    </converter>
    <converter>
      <param name="name" value="guid" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.GuidPatternConverter" />
    </converter>
    <converter>
      <param name="name" value="user" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.ServiceUserNameCachedPatternConverter" />
    </converter>
    <converter>
      <param name="name" value="encodedmessage" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedMessagePatternConverter" />
    </converter>
    <converter>
      <param name="name" value="encodedexception" />
      <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedExceptionPatternConverter" />
    </converter>
    <param name="ignoresexception" value="false" />
    <param name="header" value="Sequence#&#x9;Timestamp&#x9;Level&#x9;Hostname&#x9;Logger&#x9;Thread&#x9;Id&#x9;User&#x9;Message&#x9;Exception&#x9;Id2&#xD;&#xA;" />
    <param name="conversionpattern" value="%rownum{9999}&#x9;%longIso8601date&#x9;%level&#x9;%hostname&#x9;%logger&#x9;%thread&#x9;%guid&#x9;%user&#x9;%encodedmessage&#x9;%encodedexception{innermostmessage}&#x9;%guid%newline" />
  </layout>
</appender>

Converters
log4net.Layout.PatternLayout and a couple of custom converters are used to format rows in logs based on QSRollingFileAppender:
• Qlik.Sense.Logging.log4net.Layout.Pattern.CounterPatternConverter: Add a sequence number to the log row. Parameter:
  • Integer: The last number of the sequence before it is reset.
• Qlik.Sense.Logging.log4net.Layout.Pattern.Iso8601TimeOffsetPatternConverter: Add a timestamp (local time with time offset in ISO 8601 format) to the log row.
• Qlik.Sense.Logging.log4net.Layout.Pattern.HostNamePatternConverter: Add the host name to the log row.
• Qlik.Sense.Logging.log4net.Layout.Pattern.GuidPatternConverter: Add a GUID to the log row.
• Qlik.Sense.Logging.log4net.Layout.Pattern.ServiceUserNameCachedPatternConverter: Add the username to the log row.
• Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedMessagePatternConverter: Add the encoded message to the log row.
• Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedExceptionPatternConverter: Add information on the logged exception to the log row. Parameter (one of the following):
  • MESSAGE: The message in the logged exception.
  • INNERMOSTMESSAGE: The message in the innermost exception of the logged exception.
  • SOURCE: The source of the exception (that is, the name of the app or the object that caused the error).
  • STACKTRACE: The stack trace for the exception.

  • TARGETSITE: The target site for the exception (that is, the method that threw the current exception).
  • HELPLINK: Link to the help file associated with the exception.

Built-in log4net appenders
In addition to the Qlik Sense custom appender, QSRollingFileAppender, the log4net framework comes with a set of built-in predefined appenders that also can be used in the local log configuration file, LocalLogConfig.xml:
• AdoNetAppender
• AnsiColorTerminalAppender
• AspNetTraceAppender
• ColoredConsoleAppender
• ConsoleAppender
• EventLogAppender
• FileAppender
• NetSendAppender
• RemoteSyslogAppender
• RemotingAppender
• RollingFileAppender
• SmtpAppender
• SmtpPickupDirAppender
• TelnetAppender
• UdpAppender
Each appender has its own set of parameters to control the output.

See also: Apache Logging Services

Example: EventLogAppender
The following example shows how to use the EventLogAppender in the local log configuration file, LocalLogConfig.xml, for the Qlik Sense Proxy Service (QPS). In the example, all QPS audit log entries at warning level are sent to the Microsoft Windows event log.
<appender name="EventLogAppender" type="log4net.Appender.EventLogAppender" >
  <param name="threshold" value="warn" />
  <param name="applicationName" value="Qlik Sense Proxy Service" />
  <layout type="log4net.Layout.PatternLayout">
    <param name="conversionPattern" value="%message" />
  </layout>
</appender>
<logger name="Audit.Proxy">
  <appender-ref ref="EventLogAppender" />
</logger>

Example: SmtpAppender
The following example shows how to use the SmtpAppender in the local log configuration file, LocalLogConfig.xml, for the Qlik Sense Proxy Service (QPS). In the example, all QPS audit log entries at warning level are sent to an email address (to@domain.com).
<appender name="MyMailAppender" type="log4net.Appender.SmtpAppender">
  <param name="threshold" value="warn" />
  <param name="to" value="to@domain.com" />
  <param name="from" value="from@domain.com" />
  <param name="subject" value="test logging message" />
  <param name="smtpHost" value="SMTPServer.domain.com" />
  <param name="port" value="25" />
  <param name="bufferSize" value="512" />
  <param name="lossy" value="true" />
  <layout type="log4net.Layout.PatternLayout">
    <param name="conversionPattern" value="%newline%date %-5level %message%newline%newline%newline" />
  </layout>
</appender>
<logger name="Audit.Proxy">
  <appender-ref ref="MyMailAppender" />
</logger>

Local log configuration file
The logging in Qlik Sense can be set up to produce customized logging as an addition to the default logging.
To set up customized logging, create a local log configuration file named LocalLogConfig.xml in the %ProgramData%\Qlik\Sense\<Service>\ folder.

The logging defined by the local log configuration file does not affect the default logging.

Requirements
The requirements described in this section must be fulfilled for the customized logging to function properly.

Conforming to the XML schema
The local log configuration file must conform to the XML schema because the Qlik Sense Repository Service (QRS), Qlik Sense Proxy Service (QPS), and Qlik Sense Scheduler Service (QSS) have built-in schema validation.
If the local log configuration file is not accepted by the services, an error is logged in the System log.

Maximum file size
The size of the local log configuration file must not exceed 1 MB.

XML schema
The XML schema for the local log configuration file, LocalLogConfig.xml, is as follows:


In this example, the local log configuration file is configured to write the system logs at debug
level in %ProgramData%\Qlik\Sense\Log\Proxy\Debug_System_Proxy.txt.
<?xml version="1.0"?>
<configuration>
  <appender name="LocalApp_AppenderSystem" type="Qlik.Sense.Logging.log4net.Appender.QSRollingFileAppender">
    <param name="threshold" value="debug" />
    <param name="encoding" value="utf-8" />
    <param name="file" value="C:\ProgramData\Qlik\Sense\Log\Proxy\Debug_System_Proxy.txt" />
    <param name="maximumfiletime" value="720" />
    <param name="maximumfilesize" value="512KB" />
    <layout type="log4net.Layout.PatternLayout">
      <converter>
        <param name="name" value="rownum" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.CounterPatternConverter" />
      </converter>
      <converter>
        <param name="name" value="longIso8601date" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.Iso8601TimeOffsetPatternConverter" />
      </converter>
      <converter>
        <param name="name" value="hostname" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.HostNamePatternConverter" />
      </converter>
      <converter>
        <param name="name" value="guid" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.GuidPatternConverter" />
      </converter>
      <converter>
        <param name="name" value="serviceuser" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.ServiceUserNameCachedPatternConverter" />
      </converter>
      <converter>
        <param name="name" value="encodedmessage" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedMessagePatternConverter" />
      </converter>
      <converter>
        <param name="name" value="encodedexception" />
        <param name="type" value="Qlik.Sense.Logging.log4net.Layout.Pattern.EncodedExceptionPatternConverter" />
      </converter>
      <param name="ignoresexception" value="false" />
      <param name="header" value="Sequence#&#x9;Timestamp&#x9;Level&#x9;Hostname&#x9;Logger&#x9;Thread&#x9;Id&#x9;ServiceUser&#x9;Message&#x9;Exception&#x9;ActiveUserDirectory&#x9;ActiveUserId&#x9;ProxyTimestamp&#x9;ProxyThread&#x9;Id2&#xD;&#xA;" />
      <param name="conversionpattern" value="%rownum{9999}&#x9;%longIso8601date&#x9;%level&#x9;%hostname&#x9;%logger&#x9;%thread&#x9;%guid&#x9;%serviceuser&#x9;%encodedmessage{1000000}&#x9;%encodedexception{innermostmessage:1000000}&#x9;%property{ActiveUserDirectory}&#x9;%property{ActiveUserId}&#x9;%property{ProxyTimestamp}&#x9;%property{ProxyThread}&#x9;%guid%newline" />
    </layout>
  </appender>
  <logger name="System.Proxy">
    <appender-ref ref="LocalApp_AppenderSystem" />
  </logger>
</configuration>

See also: Converters (page 144)
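A pre-deployment check for LocalLogConfig.xml, as an added example that is not Qlik's code and does not replace the schema validation built into the services. It tests the 1 MB limit, well-formedness, that every appender-ref resolves to a defined appender, and that the tab-separated header and conversionpattern carry the same number of columns, since a mismatch silently misaligns every row for downstream parsers. The function names, the sample configurations and reading "1 MB" as 1 MiB are assumptions.

```python
import xml.etree.ElementTree as ET

MAX_CONFIG_BYTES = 1024 * 1024  # page limit is "1 MB"; 1 MiB is an assumption

# Constructed sample, cut down from the System.Proxy example on this page.
GOOD = b"""<?xml version="1.0"?>
<configuration>
  <appender name="LocalApp_AppenderSystem"
            type="Qlik.Sense.Logging.log4net.Appender.QSRollingFileAppender">
    <param name="threshold" value="debug" />
    <layout type="log4net.Layout.PatternLayout">
      <param name="header" value="Timestamp&#x9;Level&#x9;Logger&#x9;Message&#xD;&#xA;" />
      <param name="conversionpattern" value="%date&#x9;%level&#x9;%logger&#x9;%message%newline" />
    </layout>
  </appender>
  <logger name="System.Proxy">
    <appender-ref ref="LocalApp_AppenderSystem" />
  </logger>
</configuration>"""

# Constructed broken variant: one column dropped, appender-ref mistyped.
BAD = (GOOD.replace(b"%level&#x9;%logger", b"%level")
           .replace(b'ref="LocalApp_AppenderSystem"', b'ref="LocalApp_AppenderSystm"'))


def _param(element, name):
    """Value of a direct <param> child, matched case-insensitively by name."""
    for param in element.findall("param"):
        if (param.get("name") or "").lower() == name:
            return param.get("value") or ""
    return None


def _columns(value):
    """Count tab-separated columns, ignoring the trailing line terminator."""
    value = value.rstrip("\r\n ")
    if value.endswith("%newline"):
        value = value[: -len("%newline")]
    return len(value.split("\t"))


def lint_local_log_config(raw):
    """Return a list of problems found in LocalLogConfig.xml content (bytes)."""
    problems = []
    if len(raw) > MAX_CONFIG_BYTES:
        problems.append("file is larger than 1 MB")
    try:
        root = ET.fromstring(raw)
    except ET.ParseError as exc:
        return problems + ["not well-formed XML: %s" % exc]

    appenders = {a.get("name"): a for a in root.iter("appender")}
    referenced = set()
    for logger in root.iter("logger"):
        for ref in logger.findall("appender-ref"):
            target = ref.get("ref")
            referenced.add(target)
            if target not in appenders:
                problems.append("logger %r references undefined appender %r"
                                % (logger.get("name"), target))

    for name, appender in appenders.items():
        if name not in referenced:
            problems.append("appender %r is not used by any logger" % name)
        layout = appender.find("layout")
        header = _param(layout, "header") if layout is not None else None
        pattern = _param(layout, "conversionpattern") if layout is not None else None
        if header and pattern and _columns(header) != _columns(pattern):
            problems.append("appender %r: header has %d columns, pattern has %d"
                            % (name, _columns(header), _columns(pattern)))
    return problems


if __name__ == "__main__":
    for problem in lint_local_log_config(BAD):
        print(problem)
```
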


7 Licensing


The licensing in Qlik Sense is based on tokens, which are used to allocate access passes that allow users to access Qlik Sense. There are different types of access passes to choose from and each type corresponds to a specific consumption model for accessing Qlik Sense.

The tokens used in Qlik Sense are not compatible with the Client Access Licenses (CALs)
used in QlikView. In addition, QlikView licenses cannot be used in Qlik Sense.

7.1 License Enabler File
The Qlik Sense licensing is administered using a License Enabler File (LEF), which holds the number of tokens available for the central node in a site. This means that a Qlik Sense site needs at least one (1) LEF.
The LEF can be downloaded when the serial number and the control number have been entered in the Qlik Management Console (QMC). The LEF can also be pasted directly into the QMC, if, for example, no network connection is available.

Increase in tokens
When the number of tokens in the LEF increases (for example, when buying additional tokens), the new tokens are added to the pool of unallocated tokens that can be used to allocate access passes that allow users to access Qlik Sense.

Decrease in tokens
When the number of tokens in the LEF decreases, the following happens:
1. Unallocated tokens are removed.
2. If step 1 is not enough to meet the decreased number of tokens in the LEF, any tokens that are freed up by removal of access passes cannot be used for new allocations until the number of allocated tokens is below the new number set in the LEF.
See: Removing access passes (page 152)

7.2 Access passes
The licensing in Qlik Sense is based on tokens, which are used to allocate access passes that allow users to access Qlik Sense. There are different types of access passes to choose from and each type corresponds to a specific consumption model for accessing Qlik Sense.
A user connection is the combination of device and browser that is used by a single user to connect to Qlik Sense. If a user who already has a user connection connects to Qlik Sense from another browser or device, an additional user connection is established.
The following table lists the types of access passes that are available in Qlik Sense.

Access type: User access pass
Description:
This type of access pass allows a unique and identified user to access the hub.
The access pass is valid within an entire Qlik Sense site. For example, if a user first connects to a node in the USA and then, at a later stage, connects to a node in the UK, the user consumes the same access pass, if the two nodes are connected to the same central node.
See: Site (page 11)
The maximum number of parallel user connections for a single user of this type of access pass is five (5). When a user with the maximum number of parallel user connections ends a connection (for example, by logging out) five minutes must pass before the user can use the access pass to add another connection (for example, by logging in).
One (1) token corresponds to one (1) access pass. The access passes are allocated using the Qlik Management Console (QMC).

Access type: Login access pass
Description:
This type of access pass allows an identified or anonymous user to access the hub for a maximum of 60 continuous minutes per 28-day period. If the user exceeds the 60 minutes time limitation, the user connection does not time out. Instead, another login access pass is used. If no more login access passes are available, the user connection is discontinued.
If an identified user is disconnected, the user can re-connect and continue to use the same access pass, if re-connecting within the 60 minutes. If an anonymous user is disconnected, the user gets a new access pass when re-connecting.
The login access pass tracks the number of logins and runs over 28 days. For example, if 1000 logins are assigned to Group A, the users in Group A can use 1000 logins over 28 days. If 100 logins are consumed on Day 1, the 100 logins are available again on Day 29.
The maximum number of parallel user connections for a single user of this type of access pass is five (5). Note that this only applies to identified users. An anonymous user can only have one (1) user connection. When a user with the maximum number of parallel user connections ends a connection (for example, by logging out) five minutes must pass before the user can use the access pass to add another connection (for example, by logging in). However, a user can have more connections than allowed by a single access pass by consuming additional access passes.
One (1) token corresponds to ten (10) access passes. The access passes are allocated using login access groups in the QMC.

Allocation of access passes
The following figure shows how the Qlik Management Console (QMC) is used to manage the allocation of access passes.


Login and logout
Login
When a user logs in to Qlik Sense, an access pass of the applicable type is used to provide the user with access to Qlik Sense.

Logout
When a user logs out of Qlik Sense, the following happens depending on the type of access pass used:

• User access pass: The access pass is not affected when the user logs out.
• Login access pass: The access pass that was used to access Qlik Sense is considered to be used and will not be available for a new login until the period specified in Login access pass (page 150) has passed.

Removing access passes
This section describes how to free up tokens for new allocations of access passes by removing existing access passes in the Qlik Management Console (QMC).

User access pass
When a user access pass is removed, it enters a quarantine for seven (7) days, counting from the last time that the access pass was used. For example, if the access pass is used on January 10, the tokens used to allocate the access pass are not available for new allocations until January 18.
During the quarantine period, the original allocation of the access pass can be reinstated, which means that the quarantine period ends and the user can start using the access pass again.

Login access pass
When a login access group is removed, the tokens used to allocate the access pass become available in accordance with the following procedure:
1. For every ten (10) unused login access passes, one (1) token is freed up.
2. For every ten (10) login access passes that leave the used state after the period specified in Login access pass (page 150) has passed, one (1) token is freed up.

Disconnected node
A disconnected node is a rim node that fails to synchronize with the central node in a Qlik Sense site. A disconnected node continues to serve users to the best of its ability while waiting for a synchronization with the central node to take place.

Multi-deployment sites
This section describes how the Qlik Sense licensing is handled within multi-deployment sites, where apps are promoted from a development site to a test site and finally to a production site.

Development site
In a Qlik Sense deployment that includes a development site and a production site, two (2) License Enabler Files (LEF) are needed (that is, one per site).
Each node within the development site is licensed with one (1) access pass type (for example, user access passes), if only disconnected users are expected.

Test site
The LEF for a test site mirrors the LEF for a development site.


See also: Deploying multi-node sites (page 36)

Anonymous users
Anonymous users only use login access passes.

See also: Login access pass (page 150)

7.3 Licensing metrics
License metrics for the software are available at www.qlik.com/license-terms.
