Search our knowledge base, curated by global Support, for answers ranging from account questions to troubleshooting error messages.
End of Support for Qlik products follows Release Management Policy, as documented in the Product Terms found on the Qlik Site: On-Premise Products Release Management Policy
For detailed information on end of life and release dates, see:
Qlik Sense Enterprise on Windows Product Lifecycle
Qlik NPrinting Product Lifecycle
QlikView Product Lifecycle
Related Content:
This article will guide you on how to check audit logs to see users' activity on object/sheet/app.
First of all, we would need to enable Audit Logs on Qlik Sense side, to do so, you can follow this guide.
Once done all the steps from the above's guide, then we can check all user activity on object/sheet/level through the Operations Monitor app (from Qlik Sense 2019 release).
In the example below we will see a graphic example of how to check this information from Audit Logs.
User with ID "f9b8183a-bc07-4571-8ccb-94f7a1c5d9db" navigates into app with ID "1e4a22db-7395-46b3-bd43-78bc4cef811f" and then clicks on sheet with ID "1e4a22db-7395-46b3-bd43-78bc4cef811f" and finally selects a dimension:
User performing selections on an app
As we enabled Audit Logs, all traces coming from users selections will be logged on this path location: C:\ProgramData\Qlik\Sense\Log\Engine\Trace\ServerName_Audit_Engine.txt
Now we can check the audit logs directly from Operations Monitor app:
Checking logs through the Operations Monitor app
Furthermore, you could also check from logs the object ID and action performed on it on the following columns from C:\ProgramData\Qlik\Sense\Log\Engine\Trace\ServerName_Audit_Engine.txt:
Checking object ID and action performed
Qlik Sense Enterprise on Windows
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
How to enable Audit Logging in Qlik Sense Enterprise on Windows
What is legacy mode?
Legacy mode in Qlik Sense allows users who have access to the data load editor to write load statements which reference file paths rather than through LIB statements.
Simple example:
Standard Mode:
LOAD *
FROM [lib://data/data.csv]
(txt, codepage is 28591, embedded labels, delimiter is ',', msq);
Legacy Mode:
LOAD *
FROM C:\data\data.csv
(txt, codepage is 28591, embedded labels, delimiter is ',', msq);
What are the security considerations when using legacy mode?
Out of the box, for a user to do development in Qlik Sense, they need some combination of two types of access:
This security model is the intermediary between the user inside of Qlik Sense and the data sources.
When using legacy mode, any user who has access to the Data Load Editor can now access the file system of the local Qlik Sense server as well as any network file shares that the Qlik Sense service account independent of the security rules configured on the Qlik Sense deployment. In this example, the user has access to AttachedFiles, which all users would out of the box, as well as a Salesforce data connection, yet they are still able to load from the data.csv:
This means that the traditional mechanism for ensuring governance and security over data access inside of the Data Load Editor will no longer apply and the user(s) will be accessing the files as the Qlik Sense Service account
What are the benefits of using Legacy Mode?
This is difficult to answer in an exhaustive manner, but generally the benefits are narrowly scoped to deployments where app development, self-service capabilities are disabled or where this level of access is restricted to a vetted set of administrators. Some benefits include:
Is legacy mode recommended by Qlik?
For most deployments, no, legacy mode is not recommended. It can be useful in some deployment scenarios where the security concerns are mitigated.
How do I switch to Legacy mode / disable standard mode?
Disabling standard mode - Enabling Legacy Mode - Qlik Sense on Windows
Qlik Sense Legacy mode
The user that runs the Qlik Sense Enterprise on Windows services is commonly referred to as the Qlik Sense Enterprise service account. The user is defined as the "Log On As" user in Windows service settings.
In a multi-node deployment it is recommended to use the same domain user for all Qlik Sense services on all nodes the same deployment.
NOTE: Qlik Sense Repository Database service is an exception, and is expected to always run as Local System.
Confirm the current Qlik Sense Enterprise service account;
The Qlik Compose monitoring window takes a long time to load.
This is likely caused by old task entries not being purged from the project's ProjectRepoRuntime.sqlite file.
ProjectRepoRuntime.sqlite is located in <Instation_folder>\data\projects\PROJECT_NAME
Example (default): C:\Program Files\Qlik\Compose\data\projects\YOUR_PROJECT_NAME
Upgrade to Qlik Compose 2022.5.0-sp16 (2022.5.1177) or any later version.
After the upgrade, note:
It is essential to stop the Qlik Compose service and back up the project folder before compacting the file. Please contact support if any assistance is needed.
2022.5.0-sp16 (2022.5.1177) and higher
Recob-7766
Information provided on this defect is given as is at the time of documentation. For up-to-date information, please review the most recent Release Notes with RECOB- 7766 for reference.
The QlikView server creates a last document state or session recovery bookmark ($LASTKNOWNSTATE) when a QlikView document is closed from the Full Browser Client. This allows work to be resumed, even after the session has been terminated. Sometimes, this session or state needs to be cleared.
Symptoms:
A QlikView document does not open and is stuck in:
The last known document state may be attempting to call an invalid state or object created by the user the last time the document was closed.
To clear this, the end-user needs to click the Remove Last Document State button visible in the View Details menu accessible from a link below the document listed on the AccessPoint.
Note that clearing the last document state does not mean the session is reset. If the user is still within an active session and they close and re-open the document, the previous session is resumed. This is not the last document state.
The last document state is a bookmark applied at the end of a session.
For a more detailed description, see Session Recovery in QlikView: How to enable it and how it works.
In this Webinar, we covered how to approach a Qlik Sense Enterprise on Windows migration.
The session covers:
Qlik Sense Migration: Migrating your Entire Qlik Sense Environment (Blog post)
Help.Qlik.Com Documentation: Backup and Restore Qlik Sense Enterprise on Windows
Qlik Sense Upgrade Guide
Qlik Admin Playbook
Q: Is it possible to migrate from a standalone installation to a clustered one?
A: Yes. Once the Central Node has been moved to a new host, additional Rim nodes can be added as usual through the QMC.
Q: What about the personnal objects created by users (sheets, bookmarks, ...) ? Are they included in the QSR backup ?
A: All user objects as well as base sheets are included both in the Apps themselves as well as in the QSR.
Q: Is this possible to migrate one repository to another server and merge the repository with another one?
A: Not through the procedure outlined in this webinar. If your goal is to merge content from multiple sites, or seamlessly migrate content, I recommend reaching out to your Account Manager and discuss Qlik Mission Control platform.
Q: Would the steps given here change if postgres is installed on a stand-alone server?
A: The only steps that would change would be the backup/restore for the DB itself, as this would have to be performed locally on the DB host. Additionally, if the DB location has changed, the QRS connection strings will have to be updated via QlikSenseUtil.
Q: Is it necessary to have the same release on both servers before migrating ? Or is there compatibility between versions of QlikSense ?
A: You can restore a database from a previous version on a newer Qlik Sense release and the system will update the internal objects automatically, however the reverse is not possible. It is recommended to perform the upgrade in place, before migrating the server.
Q: Is it possible to restore without certificate ?
A: Yes, Trust Root and Qlik Client certificates can be recreated from scratch, however as mentioned during the call, all internal metadata values that were previously encrypted, such as data source connection strings, would have be updated via the QMC by re-entering the connection password and saving.
In the Qlik View Management Console under Directory Service Connectors, the Custom Users' list has disappeared under Custom Directory.
However,
"Custom Users" was intended for a small business to easily get started.
Note that all the users are stored in the same file (CustomDirectoryData.xml). When it grows large to huge it will be slow and when it exceeds the limit of Message size, the User's list will disappear.
We highly encourage setting up a separate LDAP provider, like OpenLDAP or similar to better handle the volume of users.
QB-22631
Information on this defect is given as is at the time of documenting. For up-to-date information, please review the most recent Release Notes with the ID QV-22631 for reference.
To set reloads to only run on Rim nodes:
By default, all apps are synced to all nodes except for the monitoring apps which reload only on the Central Node.
If you want to move ALL reloads away from the Central node, including the monitor App, then you would need to change the sync rule to change this default behaviour.
To change that sync rule:
Load balancing rules won't be able to exclude specific tasks from being loaded in the Central Node. Because there is an immutable load-balancing role that says all resources are available on the central node. This is working as designed.
Review Pinning/Load Balancing
Load Balancing in Qlik Sense Enterprise on Windows
From Qlik Sense February 2023 onwards, apps listed in the Qlik Sense Management Console (Apps view) are now represented with clickable links. Clicking them will open the app directly on the hub.
This means the app names are no longer plain grey text but are now formatted as links (blue, underline). See Apps for details.
Example:
To disable clickable links in the Management Console:
Qlik Sense Enterprise on Windows February 2023 and above
Some script logs are not transferred to Archive log Folder.
Storage Locations:
Qlik Sense log folder:
C:\ProgramData\Qlik\Sense\Log\Script
Log names consist out of the AppID and a year, date, and timestamp.
Archived log Folder:
\\SERVICECLUSTER-SHARE\ArchivedLogs\NodeName\Script
Log names consist out of the AppID and a year, date, and timestamp.
By design, not all script logs are transferred to the Archived logs folder. Reloads executed from the hub are not transferred.
1. When reloading data in app via hub, Script log will be left in Script log folder C:\ProgramData\Qlik\Sense\Log\Script
2. When reloading data via QMC/task, Script log will be transferred to Archived logs folder \\SERVICECLUSTER-SHARE\ArchivedLogs\NodeName\Script
When all steps above can be completed successful the connection is confirmed as valid. Apply the directory path, username, and password in the QlikView, NPrinting or Qlik Sense LDAP configuration. Assistance with modifying filters and ports for LDAP and Active Directory is not in the realm of the Qlik Support SLA.
Another recommendation is to use the ADUC Module from the server and test your LDAP filters there, outside of Sense. This can be added through Roles and Features.
It's also suggested to check if you have a non-default domain policy set in active directory that enforces all LDAP authentication to be secured with SSL. This policy on the domain controller is: "Domain controller: LDAP server signing requirements" and if set to "Require signing" the LDAP data-signing option must be negotiated. The customer's IT Dept will need to verify.
Note: Qlik Support assists in diagnosing user directory imports, however if a new LDAP filter is applied using the User Directory Connector feature of the QMC, and the users are not imported, then this is considered an environmental-related issue and Qlik Consulting Services will need to be elected by clients if they'd like further assistance. Qlik Support is for break/fix of embedded Qlik features and any external or third-party integrations or interactions requires consulting services to assist.
Qlik Cloud tenants are the highest level of logical isolation provided to our customers. The subscriptions and associated entitlements (also known as licenses) that customers purchase from Qlik are not fixed to these tenants. When needed, a customer can update the entitlement used by their tenant. This article covers how to do this, as well as all considerations before moving.
You should not attempt to update your tenant entitlement unless directed to do so by Qlik, or you are an OEM customer who is managing multiple entitlements for their estate.
Content:
There are three scenarios where you might need to update your entitlement:
If you are an OEM or Enterprise customer leveraging multiple tenants in Qlik Cloud, please also consider reviewing the Platform Operations series on qlik.dev to learn more about managing these estates prior to changing your entitlements.
Before you begin migrating your subscription or entitlement, consider:
Updating the entitlement requires four steps:
Your SLK is available through:
When you migrate between entitlements, any user assignments will be reset. You will need to export any current assignments if you wish to reassign them.
There are three ways of doing this:
If you have many users, both option a and b will require you to paginate to get all results.
Results will look like:
If required, reassign entitlements which were exported in step 2. You can do this in two ways:
curl -L -X POST 'https://<hostname>.<region>.qlikcloud.com/api/v1/licenses/assignments/actions/add' \
-H 'Authorization: Bearer ey...' \
-H 'Content-type: application/json' \
-H 'Accept: application/json' \
--data-raw '{
"add": [
{
"subject": "1ef2caed0dbe0a66a24ccadf61546099",
"type": "professional"
}
]
}'
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
This article shows how to use the Qlik Application Automation Monitoring App. It explains how to set up the load script and how to use the app for monitoring Qlik Application Automation usage statistics for a cloud tenant.
Index:
The app included is an example and not an official app. The app is provided as-is.
There are four steps for the configuration of the load script:
The monitoring app includes four sheets that present various information on the Qlik Application Automation usage in the current tenant.
Filtering is available based on Automation Name, Last Run Status, Run Mode, State & Status.
The Qlik Application Automation Monitoring app facilitates incremental load, that is, only added data is loaded into the app.
Important: Qlik Application Automation runs are only stored for 30 days. When data is loaded into the app for the first time, only 30 days of history is loaded, thus only 30 days of history will be available in the app. After this initial data load, data older than 30 days will be available in the app thanks to the incremental data load. If data is loaded at least once every 30 days, continuous data will be available in the app.
Qlik Cloud
Qlik Application Automation
The information in this article is provided as-is and is to be used at your own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
The max parallel session count cannot be configured.
Qlik Sense Enterprise on Windows allows for a maximum of five parallel sessions from one user. If the maximum is reached, the sixth connection will fail with:
You cannot access Qlik Sense because you have no access pass. Too many sessions active in parallel
For more information, see:
You cannot access Qlik Sense because you have no access pass
How to count sessions in Qlik Sense
Troubleshoot too many sessions active in parallel
To eliminate the chance that AntiVirus, AntiMalware, and other security-related software cause corruption or lock up files in the Qlik environment, or cause issues during an installation/upgrade/patch, some folders should be excluded from live scanning.
For an example demonstrating exclusions with Symantec, see Antivirus exceptions for Qlik Sense- McAfee, Symantec & Other Anti-Virus exclusions absolutely required
Note 1: Verify requirements on the Qlik Sense Online Help for the installed version
Note 2: A machine reboot is required after exclusions are made
Note 3: For Qlik Sense Desktop additional locations, see the appropriate Qlik help page for the version being installed. See Installing Qlik Sense Desktop.
Make sure that the anti-virus is not blocking access to certificates stored in the following location and their private keys: Personal (Local Computer), Trusted Root Certification Authorities (Local Computer), Personal (Current User for the service account)
Please note that usual anti-virus exclusions might not apply to the EDR and ATP setup. Speak to your solution vendor to get the exclusions in place. For example, if you use Microsoft's Advanced Threat Protection (Microsoft Defender for Endpoint), then the exclusion list is handled by Microsoft, and you will need to open a ticket with Microsoft to get an exclusion in place.
Due to the different versions of Qlik Sense and Enhancement, to obtain a list of exclusions for EDR and ATP, you can use the following commands.
It is best to have the fileserver (SharedFolder) not in the policy for ATP/EDR scan.
Note: Qlik Support cannot provide support and services for any Qlik Servers in which performance issues, port issues, installation, patching, or upgrading problems occur if these directories are not made exempt for any and all Anti-Virus solution. It will be best-effort, as the exclusions of these directories is a prerequisite to Qlik software.
Ref: Qlik Sense Help, Deploy > Troubleshooting - Deployment > Anti-virus software scanning affects performance
Operation Monitor and License Monitor apps in Qlik Sense failed to reload with error message;
"Error: QVX_UNEXPECTED_END_OF_DATA: Unexpected character encountered while parsing value: <. Path '', line 0, position 0."
Check the connection string of the data connections for your monitor_apps_*.
The connection string should be: queryHeaders=X-Qlik-XrfKey%20000000000000000%1User-Agent%2Windows;PaginationType=None;
If the string is instead: queryHeaders=X-Qlik-XrfKey%20000000000000000%1User-Agent%2Forms;PaginationType=None; then modify it to User-Agent%2Windows.
Create a secondary virtual proxy using standard windows authentication. In our example we use "win" as the prefix. For detailed instructions on how to add a new Virtual Proxy, see Qlik Sense: How to create a new Virtual Proxy.
Edit all Data Connections prefixed with monitor_apps_ to use the new virtual proxy. Change the connector URL path to contain the Windows authenticated virtual proxy.
Operations Monitor and License Monitor apps use the Qlik REST Connector to fetch data. The connector requires Windows Authentication to be successful in fetching data. This issue occurs when no virtual proxy in the Qlik Sense deployment utilizes Windows authentication.