It is important to understand the options which PostgreSQL uses to allow connectivity. These principles are valid no matter whether you are using the Qlik Sense Repository Database service to host the database or using a standalone PostgreSQL instance. The two key files which PostgreSQL uses to define who can connect, how they connect, where they can connect from, and how many connections are allowed are:

• postgresql.conf
• pg_hba.conf

For bundled PostgreSQL instances, the files are located in: 

C:\ProgramData\Qlik\Sense\Repository\PostgreSQL\x.x

If you have unbundled PostgreSQL using the Qlik PostgreSQL installer (QPI), the default location is:

C:\Program Files\PostgreSQL\xx\data

For any other standalone PostgreSQL instances, consulting with your database admin to locate the data directory. 

Note: Any changes to these files will require a restart of the Qlik Sense Repository Database or PostgreSQL.
Note: Any lines prefixed with a # are commented out and not active.

postgresql.conf

In the postgresql.conf, in a basic Qlik Sense configuration, there are two key configuration options which are important:

• listen_addresses
  • This configuration defines which NICs PostgreSQL will listen on. For standalone PostgreSQL servers or multi-node Qlik Sense sites, the recommended setting is * (example below). This allows PostgreSQL to bind to any NICs presented to the server. Multiple comma-separated DNS entries may be added as well. (e.g.  listen_addresses = 'localhost,QlikServer2.domain.local' ) More advanced configurations are possible here but will not be covered in this guide.
• max_connections
  • This configuration defines how many connections PostgreSQL will allow.  It is best to use a rule of thumb of about 110 connections per node +20.  For example, for 4 nodes set to 460. See Installing Qlik Sense in a multi node for more details. 

Where these lines are can vary but an expected single node Qlik Sense site would look like this:

listen_addresses = '*'
max_connections = 100

pg_hba.conf

The pg_hba.conf file defines a variety of aspects:

• What IP addresses or ranges can connect to PostgreSQL and for what accounts
• What method of authentication those IP ranges / accounts can use
• For more details on configuration options for IP listeners, such as samenet, see https://www.postgresql.org/docs/9.6/auth-pg-hba-conf.html

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::/0                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#host    replication     postgres        127.0.0.1/32            md5
#host    replication     postgres        ::1/128                 md5
host	all	            all	            0.0.0.0/0	            md5

In this example pg_hba.conf file there two active lines. The first line specifies that all users can connect to all databases from the local loopback IP using MD5 authentication (host all all 127.0.0.1/32 md5). The second line specifies that all users can connect to all databases from any valid IPv4 address using MD5 authenication (host all all 0.0.0.0/0 md5)

Please review our help for references to more sophisticated configurations where specific IP addresses or IP address ranges are covered.

To recap, when ensuring connectivity in a Qlik Sense Shared Persistence environment, especially a multi-node site, the core configurations which are needed are:

• PostgreSQL configured to listen to an external IP address (listen_address in postgresql.conf)
• Sufficient connections available for Qlik Sense (max_connections in postgresql.conf)
• Explicit allowing the IP address which is used to connect (pg_hba.conf)

This article gives an overview of the available blocks in the Qlik Platform Operations connector in Qlik Application Automation.

The purpose of the Qlik Platform Operations connector is to simplify the deployment and management of multiple tenants within Qlik Cloud. To learn more about the multitenant model in Qlik Cloud, please review the following series of tutorials.

This connector consists of:

• Authentication to Qlik Cloud using OAuth2.
• Support for deploying tenants with a multitenant-enabled Qlik Cloud license, using the Create tenant block.
• Support for managing apps, spaces, automations, groups, identity providers, licenses, and users within the deployed tenants.
• Metadata support, using, for example, the Update tenant auto license assign settings block.

To authenticate, you will need to provide your OAuth2 client ID and client secret. If you have a multitenant license, enter a regional OAuth client (generated via My Qlik) or a tenant OAuth client (generated from within a tenant). Note that only regional OAuth clients can create new Qlik Cloud tenants. In order to use your own tenant, you need to create an OAuth m2m client (trusted) in the management console on your tenant. For more information, please check this article.

Most blocks require a specified tenant as the target. A tenant is uniquely identified by name and the region that it is deployed to. For example, for mytenant.eu.qlikcloud.com, enter mytenant.eu. You can use the Get Tenant Name and Region block to obtain the tenant from a full URL.

Let's now go over a basic example of how to deploy a tenant, create an automation inside the deployed tenant and run it using the Qlik Platform Operations:

1. Create a new automation.
2. From the Block library menu on the left side of the screen, select the Qlik Platform Operations connector.
3. Use the Search for blocks input to search for the Create tenant block.
4. Drag and drop the block into the automation and link it to the start block.
   
   
   
   
5. On the Block configuration menu on the right side of the screen, use the input fields to add the information about the tenant: the Qlik Cloud region (for example,  sg for Singapore) and the signed license key:
   
   
   
6. Use the Search for blocks input to search for the Create Automation block, drag and drop it into the automation and link it to the Create tenant block. Before creating an automation, we need to update the license of the newly created tenant using the Update tenant auto license assign settings block. You can use the Get tenant name and Region block to get the tenant name from the full URL.
   
   
   
   
7. On the Block configuration menu on the right side of the screen, use the input fields to fill in the information about the automation. In the tenant field, use the example output from the previous block to add the ID.
8. Repeat the same steps for the Run automation and Get Automation Run blocks.
   
   
   
   
9. Run the automation. This will deploy a new tenant within your Qlik Cloud License in the Singapore region, create an automation inside this tenant, run it, and return the result.

The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.

After an upgrade to Qlik Sense Enterprise on Windows May 2023 patch 3 or later, REST connections fail with the following error: 

"WITH CONNECTION" is not allowed. To allow "WITH CONNECTION", select Allow "WITH CONNECTION" in the connector settings.

The Allow WITH CONNECTION option is not exposed in the REST Connector GUI and cannot be changed.

Qlik Sense Enterprise on Windows August 2023 and later are not affected.

Resolution

To resolve the issue, upgrade to August 2023.

To manually mitigate the issue in the May release branch, replace the  qsdfw_qsefw_qlikview.qliksourceconfig file. Qlik is investigating a solution which does not require manual intervention.

Backup the affected file before continuing with the workaround. When taking the backup, do not keep the backed up file in the same folder. (see end notes)

1. On each Qlik Sense Server node, navigate to: C:\Program Files\Common Files\Qlik\Custom Data\QvRestConnector\
2. Locate qsdfw_qsefw_qlikview.qliksourceconfig
3. Replace qsdfw_qsefw_qlikview.qliksourceconfig with the file attached to this article. 
4. This resolves the issue. 
   
   Subscribe to this article or monitor the release notes for information on an automated fix.

End notes:

The folder C:\Program Files\Common Files\Qlik\Custom Data\QvRestConnector can only contain one qliksourceconfig file with correct name: qsdfw_qsefw_qlikview.qliksourceconfig

If there are two qliksourceconfig files (even with different names, such as a backup), the first one in alphabetical order will be chosen.

Cause 

QB-20735

Environment

Qlik Sense Enterprise on Windows May 2023 Patch 3 and later 

Does not affect August 2023 and later releases.

Internal Investigation ID(s) 

QB-20735

The Qlik Sense PostgreSQL database was previously updated and unbundled using the Qlik PostgreSQL Installer (QPI).

Following an upgrade of Qlik Sense Enterprise on Windows, the Qlik Repository Service may not start or the Management Console open to the following error:

Failed to load properties. No data found.

Environment

Qlik Sense on Windows May 2023 (upgraded to)
Previous use of Qlik PostgreSQL Installer (QPI) while Qlik Sense had a patch installed

Resolution:

Repair the installation. See Repairing an installation.

Cause 

Previously to using QPI, all patches need to be removed. See Requirements for QPI.

Related Content 

Upgrading and unbundling the Qlik Sense Repository Database using the Qlik PostgreSQL Installer 

Internal Investigation ID(s) 

QB-20581

When PostgreSQL restart and error message is logged in the windows event logs. Error message:

The description for Event ID 0 from source PostgreSQL cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following informatin was included with the event: 

ERROR:  relation "nodes" already exists

STATEMENT:  CREATE TABLE nodes (

        hash BYTEA PRIMARY KEY,

        refs INT NOT NULL,

        value BYTEA,

        value_string TEXT,

        datatype TEXT,

        language TEXT,

        iri BOOLEAN,

        bnode BOOLEAN,

        value_int BIGINT,

        value_bool BOOLEAN,

        value_float double precision,

        value_time timestamp with time zone

    );

This is working by design and a harmless error message. Whenever precedents service starts up, it re-runs the appropriate database initialization request. This is to ensure the required tables exist before it starts using those tables. 

Environment:

Qlik Sense Enterprise on Windows 

This article explains how to connect to the QMS API using HTTPS with the QVClient certificate.

Prerequisites:

1. Certificates trust must be configured in the QlikView environment. Please see  Certificate trust
2. You will need an API client to connect (see QlikView: Connect to QMS API with Visual Studio on how to create one)

Environment:

QlikView 

Export QVProxy certificate from the QlikView Server machine

1. Log into the virtual machine as the user running QlikView services
2. Open Microsoft Management Console (Start - Run - mmc)
3. Add the Certificates snap in (File - Add/Remove snap-in - Certificates - Add)
4. Choose "Computer account" in the dialogue box
5. "Local Computer" should be selected
6. Next - Finish - OK
7. Expand the View: Certificates - Personal - Certificates
8. Right click the QVProxy certificate - All Tasks - Export
9. Next
10. Check the box for exporting the private key and click Next
11. Click Next with default options
12. Fill in and remember the password (It will be used when importing the certificate)
13. Give it a name - put it somewhere where you can reach it from the machine running the client - Finish
     

Import QVProxy certificate to the machine running the client

1. Open Microsoft Management Console (Start - Run - mmc) on the computer running the client
2.  Add the Certificates snap-in (File - Add/Remove snap-in - Certificates - Add)
3. Choose "Computer account" in the dialogue
4. "Local Computer" should be selected
5. Next - Finish - OK
6. Expand the View: Certificates - Personal - Certificates
7. Right-click on the Certificates folder - All tasks - Import
8. Next
9. Look for the exported file (change the type to .pfx)
10. Next
11. Type in the password
12. Choose Personal store
13. Done

Modify the QMS Service reference to use HTTPS

In Visual Studio, once you have followed the procedure in QlikView: Connect to QMS API with Visual Studio then you can just right-click on the QMS API reference in the solution explorer and choose "Configure service reference".
Modify "http" to "https" in the connection address.

Modify app.config in the client code

In Visual Studio solution explorer, find App.config and double-click to edit it.

This customization is provided as is. Qlik Support cannot provide continued support of the solution. For assistance, reach out to our Professional Services or engage in our active Integrations forum.

Add this section to the app.config inside the <system.serviceModel> ... </system.serviceModel> tags:

 <behaviors>
   <endpointBehaviors>
     <behavior name="ServiceKeyEndpointBehavior">
       <clientCredentials>
         <clientCertificate findValue="CN=QVProxy" x509FindType="FindBySubjectDistinguishedName" storeLocation="LocalMachine" storeName="My" />
         <serviceCertificate>
           <authentication certificateValidationMode="ChainTrust" revocationMode="NoCheck"/>
         </serviceCertificate>
       </clientCredentials>
     </behavior>
   </endpointBehaviors>
 </behaviors>

Note:If you get the following error "The client certificate is not provided. Specify a client certificate in ClientCredentials." add behaviorConfiguration="ServiceKeyEndpointBehavior" to all of the "endpoint" sections in the app.config 

Qlik Sense allows for Data Encryption for Qlik Sense Apps (QVF) and Data (QVD) Files.

This feature was originally introduced in September 2019 as a feature flag and fully implemented in the Management Console in November 2019.

This article includes instructions for both. 

Qlik Sense Engine can encrypt data by using a data encryption key (DEK), which is generated from a certificate based key encryption key (KEK). The DEK is unique to each encrypted file and is stored along side the encrypted data (inside the QVF and QVD files) in an encrypted format using RSA. The industry standard AES-256 GCM is used as the data encryption algorithm. Decryption requires access to the same certificate as used during encryption, which mean that the KEK certifcate thumbprint in certificate store must match the thumbprint used for the DEK generation. 

For Qlik Sense Enterprise on Windows November 2019 and later

Data encryption can be enabled in the Service Cluster configuration of the Qlik Sense Management Console. See the Online Help at Qlik Sense Enterprise on Windows > Administer Qlik Sense Enterprise on Windows > Managing a Qlik Sense Enterprise on Windows site > QMC resources overview > Service cluster > Data encryption

Detailed Instructions with Example

This is a simple example of how to explore data encryption in Qlik Sense Enterprise on Windows.  

1. Create a new sample app, like the attached ascii-table.qvf
   1. Add a simple script to generate an ASCII table

      ASCII:
      Load
       if(RecNo()>=65 and RecNo()<=90,RecNo()-64) as Num,
       Chr(RecNo()) as AsciiAlpha,
       RecNo() as AsciiNum
      autogenerate 255
       Where (RecNo()>=32 and RecNo()<=126) or RecNo()>=160 ;

   2. Create a folder connection to a folder where the QVD can be written
   3. Generate QVD of a data table. Note, change the lib:// reference to match a valid data connection

      STORE ASCII INTO [lib://MyData (domain_administrator)/ascii.qvd] (QVD);

2. Reload the app
3. Copy the app and qvd files to allow comparison after enabling encryption 
   1. Default app location: C:\ProgramData\Qlik\Sense\Apps 
   2. The QVD location is per app's folder data connection path
4. Create a certificate to test, following Encryption Certificates.
   1. Run Powershell as Qlik Sense service account or login to Windows as Qlik Sense service account
      Note, this is to make the generated cert available to service account.  
      
   2. Generate a self-signed certificate to use as an encryption key
      
      Windows Server 2016
      

      New-SelfSignedCertificate -Subject "QlikSenseDataEncrytion" `
                                -KeyAlgorithm RSA `
                                -KeyLength 4096 `
                                -Provider "Microsoft Software Key Storage Provider" `
                                -KeyExportPolicy ExportableEncrypted `
                                -CertStoreLocation "cert:\CurrentUser\My"

      
      Windows Server 2012 R2

      New-SelfSignedCertificate -DnsName "QlikSenseDataEncrytion" `
                                -CertStoreLocation "cert:\CurrentUser\My"
      

   3. Validate that cert is available 
5. Get the cert thumbprint from generation result. This thumbprint can be used as key-encryption key (KEK) by Qlik Sense. 
   
   
   
   Note: When copying the certificate thumbprint, an invisible character may be added at the beginning of the certificate thumbprint. Verify the thumbprint before executing the command in PowerShell:
   
   
   
   
6. Enable encryption in Service Cluster settings per Data Encryption
   
   
   
   
7. Restart Qlik Sense Engine service
8. Reload app to generate data encryption keys (DEK) for encrypted QVF and QVD file. 
   
   

Disable Encryption

Files remain encrypted after disabling encryption until next following app reload or QVD generation. 

1. Disable encryption in QMC > Service Cluster
   1. Uncheck both encryption options
   2. Remove encryption key
      
2. Restart Qlik Sense Engine Service on all nodes
3. Complete full successful app reload cycle, including QVD generators
   1. All QVF files have been decrypted
   2. All QVD files have been decrypted
      
      

File Comparison

Compare the unencrypted and encrypted files to validate successful encryption

Qlik Sense app (.qvf) file is a binary file, which makes it harder to visually confirm the encryption effect.

Encrypted app files have multiple references to ciphertext, which in turn refers to secrets used for the encryption.

App file without encryption has no such references. The cypher text portion of QVF represents the data encryption key (DEK) used to encrypt the app data and bookmarks. 

Encrypted data (.qvd) files has "Encryption Info" defined, which includes the data encryption (DEK) references.
Data part is also significantly different, even though both version have exactly the same static data content. 

Encryption Scope

• Encryption only applies at rest, meaning when stored on disk.  
• Data in memory is not encrypted
• Exported app (QVF) file is not encrypted
• Encrypted file (from apps storage folder) can not be imported in an other Qlik Sense instance.
  The import fails as the importing server is unable to parse the encrypted file. 
  
  

For Qlik Sense Enterprise on Windows September 2019

Data encryption feature was soft-launched in September 2019 release. This means that the feature and functionality were included in the release, but are not enabled and exposed by default in the product. 

1. Edit Capability Service configuration. Default location; C:\Program Files\Qlik\Sense\CapabilityService\capabilities.json
2. Add DATA_ENCRYPTION flag and set it to enabled.

   {
   "contentHash": "10159d595f5fa3bd250e90f30b1b7bf3",
   "originalClassName": "FeatureToggle",
   "flag": "DATA_ENCRYPTION",
   "enabled": true
   }

3. Restart Qlik Sense Service Dispatcher and Qlik Sense Engine services 
4. Repeat steps 1-3 on each node in Qlik Sense deployment

Related Content:

Qlik Sense on Windows: Data Encryption Key Rotation
Using Server Certificates for Data Encryption

Operation Monitor and License Monitor apps in Qlik Sense failed to reload with error message;

"Error: QVX_UNEXPECTED_END_OF_DATA: Unexpected character encountered while parsing value: <. Path '', line 0, position 0."

Step 1: Verify the connection string

Check the connection string of the data connections for your monitor_apps_*.
The connection string should be: queryHeaders=X-Qlik-XrfKey%20000000000000000%1User-Agent%2Windows;PaginationType=None; 
If the string is instead: queryHeaders=X-Qlik-XrfKey%20000000000000000%1User-Agent%2Forms;PaginationType=None;  then modify it to User-Agent%2Windows.

Step 2: Create a second Virtual Proxy allowing Windows authentication. 

Create a secondary virtual proxy using standard windows authentication. In our example we use "win" as the prefix. For detailed instructions on how to add a new Virtual Proxy, see Qlik Sense: How to create a new Virtual Proxy. 
 

Step 3: Modify the Data Connection prefixes

Edit all Data Connections prefixed with monitor_apps_ to use the new virtual proxy. Change the connector URL path to contain the Windows authenticated virtual proxy.

Cause:

Operations Monitor and License Monitor apps use the Qlik REST Connector to fetch data. The connector requires Windows Authentication to be successful in fetching data. This issue occurs when no virtual proxy in the Qlik Sense deployment utilizes Windows authentication. 

When starting Qlik Sense Repository Service you may receive the following error in the Windows Application log:
 

Resolution:

MySQL allows the zero date (and/or zero month) in data rows, which is a specific behaviour of MySQL and does not exist in most other RDBMS. This behaviour causes invalid date errors while replicating data to heterogeneous databases.

In this article, we will explain the solutions in both Full Load and CDC stages.

Resolution

To handle zero date in Qlik Replicate for both Full Load and CDC stages:

How to handle zero date in Full Load stage

MySQL provides an ODBC parameter ZERO_DATE_TO_MIN to control this behavior. please take note MySQL adds one day for zero date values.

1. Open MySQL source endpoint
2. Go to the Advanced tab
3. Go to the Additional ODBC connection properties
4. Add below connection string in the input label:
   
   ZERO_DATE_TO_MIN=1;
   
   

   Based on this setting, the Full Load stage gets a non-zero date. For example, the source value 2022-12-00 in MySQL will become 2022-12-01 in the target endpoint after the Full Load is finished.
   
   
   
   

How to handle zero date in CDC stage

The Full Load steps will not have an impact on the CDC stage. That means the source value 2022-12-00 will be 2022-12-00 still in the CDC stage. To mitigate this, we need to create a transformation to replace the zero date 00 with 01 as we do in the Full Load stage.

The simple global transformation expression can be:

date(substr($AR_M_SOURCE_COLUMN_DATA,1,8)||replace(substr($AR_M_SOURCE_COLUMN_DATA,9,2),'00','01'))



For more information on how to set transformations, see: Starting the Global Transformation Rules wizard.

Related Content

Transformation: Date Time - Invalid Value - MySQL

Environment

Qlik Replicate all versions
MySQL all versions

Internal Investigation ID(s)

Support case #00107317

An Automation fails with the below error when trying to run,

The following error occurred: Connector *********:****** not found (: Requested endpoint could not be provisioned due to failure to acquire a load slot: The user does not have permission to the gateway (DirectAccess-0002) LIB CONNECT TO '*********:******') The error occurred here: LIB CONNECT TO '*********:******'

Resolution

The User must have at least edit permissions to the space the gateway is registered with.

The User needs at least CanConsume on both spaces: the one that the data connection resides in and the space that the Direct Access gateway is associated with. Those spaces might be one and the same, but they can also be separate.

Cause

Error "DirectAccess-0002" indicates that the User does not have permission to the gateway.

Environment

• Qlik Data Gateway  - Direct Access
• Qlik Application Automation 

After a Qlik Replicate upgrade from 7.0.0-1221 to 2021.11.0-107 (or similar), logstream tasks may fail with the following error when resumed:  

SYS-E-HTTPFAIL, Failed to deobfuscate password of endpoint 'SRC_ORA_MDMSP1_RO'..
SYS,GENERAL_EXCEPTION,Failed to deobfuscate password of endpoint 'SRC_ORA_MDMSP1_RO'.

Resolution

Initially, the object MyPasswordProvider.so was missing execute permission. Once the permission was granted, the real error showed up in repcmd.log file.

[ADDONS ]W: Failed to load add-on path </home/attunity/MyPasswordProvider.so>, error: </home/attunity/MyPasswordProvider.so: undefined symbol: curl_easy_getinfo>

This error indicates that the CURL library is not defined in site_arep_login.sh.

To resolve this issue, either manually modify the .sh or copy the content from a functioning environment.

Example:

The issue exists in a QA environment, but not in production. Copy the content from the production environment's site_arep_login.sh and sourced arep_login (source arep_login.sh), and then restart Qlik Replicate to resolve the issue.

What to look for:

1. Check permission on .so file and make sure it has execute permission
2. Check repcmd log to make sure you get "add-on <MyPasswordProvider> has been loaded successfully" message
3. If you get Failed to load add-on path </home/attunity/MyPasswordProvider.so>, error: </home/attunity/MyPasswordProvider.so: undefined symbol: curl_easy_getinfo>" message then verify site_arep_login.sh and make sure the CURL library is defined.

Environment

Qlik Replicate 

Logging in to the Qlik Enterprise Manager fails with the following HTTP error:

HTTP Error 400. The size of the request headers is too long

The size of request headers is too long error is caused by the used credentials being too long. Different authentication methods, such as Microsoft Azure Active Domain, will encrypt your credentials differently which can lead to varying lengths for the request headers.

Resolution

A solution to the Qlik Enterprise Manager login error of the size of the request header is too long requires to either

• shorten the username and password 
• or modify the request header size limit on the operating system level.

If you choose to modify the header size, contact your Windows Administrator team to decide the size and configure the new value in the Windows Registry. 

1. Open the Windows Registry Editor
   
   
2. Navigate the following Registry Key: 
   
   HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
   
   
3. Increase the values for the MaxFieldLength and MaxRequestBytes registry entries
   
   For more information, see Set MaxFieldLength and MaxRequestBytes registry entries | Learn.Microsoft.com.
   
   
4. Restart the server

Environment

Qlik Enterprise Manager 

Internal Investigation ID(s) 

Case 00100348

A Qlik Sense App may load slowly in the Qlik Sense Enterprise on Windows hub.

Resolution

Qlik advises following our best practice guides when designing and publishing an app.

See:

• Optimizing app performance 
• Best practices for data modeling 
• Best practices for choosing visualization types 
• Best practices for designing visualizations 

In addition, the following five points may impact load times:

Qlik does not recommend against using the options below, but to keep them in mind when designing an app or measuring its performance. For a more hands-on and individual appraisal of your app and how to streamline it, please contact our professional services.

1. Session access
   
   Session access evaluation has not cache, it is always evaluated on each app open. So it is important that the section access script is optimized to avoid loss of time at any opening.
   Group based reduction is a great improvement recommended to shorten Session Access list and make calculation cache reuse more efficient.
   
   Defining data reduction by user ID adds unnecessary processing and calculation cache segregation. Changing to group-based reduction adds a noticeable performance improvement.
   
   
2. Security Rules
   
   Wide use of string-based "like" comparison instead of "=" comparison in rule leads to large processing overhead. Try to use fewer and simpler rules to speed up the opening process.
   
   
3. Static Content should be reduced whenever it is possible
   
   In particular, thumbnails images for the sheets in the app overview, leads to a noticeable time cost for the download. Part of processing time is derived from security rule evaluation per image, which improves with the security framework.
   
   If possible, avoid to use unique thumbnail images for sheets and choose one common logo image for all.
   
   
4. Calculated dimensions
   
   Reduce the number of calculated dimensions or dimensions defined by an expression. For more information, please, follow this article.
   
   
5. Network
   
   Network aspects should also be taken in consideration, especially if the delay occurs more often when users connect from home than from the office, or from a region more that others.

In some scenarios we need stop and resume a task. However for Hana trigger-based CDC task, if the option "Use log table" is enabled, resuming the task, or while you trying to startup the task from a given timestamp, you may get the below information (with SOURCE_CAPTURE set to Trace):

2021-09-09T22:12:34:881897 [SOURCE_CAPTURE  ]T:  Resume from 'timestamp:2021-09-09T20:30:00'
2021-09-09T22:12:34:881897 [SOURCE_CAPTURE  ]T:  Start from timestamp is not supported in the Log-Table mode

Environment

• Replicate versions 6.6/7.0
• Replicate version   2021.5

The option "Use log table" is enabled by an Internal Parameter in versions 6.6/7.0. In version 2021.5 it's in GUI property like below:

Resolution

Start the task by source change position, rather than the timestamp. Here is a query to prepare the stream position in the correct format by a timestamp:

;Get the stream position by timestamp
;Before using the query, please replace the $SCHEMA$ to your artifacts schema where the table "attrep_cdc_log" is located.
;The timestamp format is 'YYYY-MM-DD HH:MM:SS' (Note, the timestamp should be the one on HAHA Server side, not the replicate server's)
;The range will be from the first (not included) event that happened after the time specified to the last (included) event in the table

SELECT 'V1:'||MIN("$rowid$")||':'||MAX("$rowid$")||':0:'||MIN("$rowid$") AS "STREAM POSITION" from "$SCHEMA$"."attrep_cdc_log" WHERE "CHANGE_EVENT_TIME" >= 'YYYY-MM-DD HH:MM:SS'

A unique row will be returned:

V1:670636:686112:0:670333

Then in the Replicate UI, start the task by source change stream position:

Internal Investigation ID

Salesforce support case #02260694.

With Qlik Application Automation, you can get data out of Qlik Cloud and distributing it to different users in formatted Excel. The workflow can be automated by leveraging the connectors for Office 365, specifically Microsoft SharePoint and Microsoft Excel. 

Here I share two example Qlik Application Automation workspaces that you can use and modify to suit your requirements. 

Content:

• Considerations
• Example 1: Scheduled Reports
• Example 2: On-Demand Reports
• Environment

Video:

Considerations

• This example is built on distributing a SharePoint link. It is also possible to use attachments with the Mail block (see Creating a Qlik Reporting Service report).
• Qlik Application Automation has a limit of 100,000 rows when getting data out of a Qlik Sense straight table object.
• The On-Demand example uses an extension in QSE SaaS to send data to the Automation. An update to the Qlik Sense Button object is expected soon, which will provide a native way to pass selections to an Automation.

Example 1: Scheduled Reports

1. Download the 'Scheduled Report.json' file attached to this document.
2. Create a new Automation in QSE SaaS, give it a name, and then upload the workspace you just downloaded by right clicking in the editor canvas, and selecting 'Upload workspace'.
3. Select the 'Create Binary File (Personal One Drive)' block, select 'Connection' in the block configurator to the right, and then create your connection to Microsoft SharePoint.
4. Select the 'Get Straight Table Data' block. Under 'Inputs' in the block configurator, lookup your the App Id, Sheet Id, and Object Id for the relevant QSE SaaS table you wish to output.
5. Select the 'Create Excel Table With Headers' block, select 'Connection' in the block configurator, and then create your connection to Microsoft Excel.
6. Select the 'Send Mail' block. Under 'Inputs' in the block configurator update the 'To' to reflect the addresses you wish to deliver to.
7. With the 'Send Mail' block still selected, select 'Connection' in the block configurator and add your Sender details.
8. To test, Save and then Run the Automation
9. If you receive any warnings or errors, navigate to the relevant blocks and ensure your Connection is selected in the block configurator. 
10. Select the 'Start' block. Under 'Inputs' in the block configurator, change Run Mode to Scheduled and define your required schedule. 

Example 2: On-Demand Reports

Note - These instructions assume you have already created connections as required in Example 1.

1. Download the 'On-Demand Report v3.json' file attached to this document.
2. Download and install the 'qlik-blends' extension. See: 
   https://github.com/rileymd88/qlik-blends/files/6378232/qlik-blends.zip
3. Create a new Automation in QSE SaaS, give it a name, and then upload the workspace you just downloaded by right-clicking in the editor canvas, and selecting 'Upload workspace'.
4. Ensure your Connections are selected in the block configurator for each of the following blocks, 'Create Binary File (Personal One Drive)', 'Create Excel Table With Headers', 'Add Rows To Excel Worksheet Table (Batch)', 'Create Sharing Link', and 'Send Mail'.  Save the Automation.
5. Select the 'Start' block and ensure Run Mode is set to Triggered. Make note of the of URL and Execution Token shown in the POST example. 
6. Open your chosen QSE SaaS application, and Edit the Sheet where you wish to add a Button to trigger an On-Demand report. 
7. Under 'Custom Objects' look for 'qlik-blends' from the Extensions menu and drag this into your Sheet.
8. Under the 'Blend' properties to the right, add-in your POST webhook URL and Token as noted in Step 5.
9. We will now add three measures to the 'qlik-blends' object. It is important you add them in the order described.  Add the first measure, using the following function in the expression editor: GetCurrentSelections()
10. Add the second measure, using the following function DocumentName()
11. The final measure will be the Object ID of the table you wish to use. To find the Object ID, select 'Done Editing'.  Then right click on the table, select 'Share', select 'Embed', then look for the Object ID under the preview. Copy this value, go back into Editing mode and paste this as your third measure value. 
12. With the 'qlik-blends' object selected, under Form select 'Add items'. For 'Item type' select Text. Under default value you can choose to add a default email address. For 'Label' and 'Reference'  type 'Email'. It is critical that Reference is updated to 'Email'.  Turn 'Required input' on. 
13. You can change the Appearance properties to suit your preferences, such as updating the Button label and message, enabling Dialog, and changing the Color under Theme.
14. Back in the Automation, under the Start Block. Set  'Run asynchronously' = yes to allow multiple requests to run at the same time (This will also increase the max run time from 1min to 60min)
15. Once happy, test the On-Demand report by entering an email and clicking the button.

This On-Demand Report Automation can be used across multiple apps and tables.  Simply copy the extension object between apps & sheets, and update the Object ID (Measure 3) for each instance. 

Environment

• Qlik Application Automation 
• Qlik Cloud 
• Microsoft Office 365

The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.

Generating a Qlik NPrinting report with an output of more than 512MB will fail with:

ERROR: System. IO .IOException: Stream was too long.↓↓ at System. IO .MemoryStream.Write(Byte[] buffer, Int32 offset, Int32 count)↓↓ at Ionic.Zip.CountingStream.Write(Byte[] buffer, Int32 offset, Int32 count) 

Resolution

Since the November 2020 release, RabbitMQ Server (deployed as Qlik NPrinting Messaging Service) has been updated to version 3.8.3. It has an internal limit, not configurable, about messages size of 512MB. Previous limit was 2GB. As consequence, is not possible to generate Qlik NPrinting reports bigger than 512MB.

See Report size limit | Qlik NPrinting Release Notes.

Internal Investigation ID(s)

OP-9628

If a Qlik Sense Dashboard is secured with Section Access, a Qlik NPrinting report generated from it may fail if the user does not have full RDUP permissions. If only Read access has been provided, the report fails to generate with the error:

ERROR in setting limited dimension default label: Access denied [5]:Access denied(SetProperties)

Resolution

This was identified as an old defect in versions of Qlik NPrinting prior to September 2020. Later versions should no longer be affected. 

However, if the error occurs, verify that the user running the report has Read permissions or full permissions.

Internal Investigation ID(s):

OP-9376

The Chart Exploration panel is not shown in straight tables after the upgrade to Qlik Sense May 2023 Patch 3. The option is still visible when you right click on the table, but it does not work: the table is just enlarged or an empty window appears instead of the Chart Exploration.

Environment

• Qlik Sense May 2023 Patch 3
• Qlik Sense May 2023 Patch 4
• Qlik Sense May 2023 Patch 5

Resolution

The problem is not present in any Qlik Sense releases previous to May 2023 Patch 3. It is fixed in Qlik Sense May 2023 Patch 6 and higher releases. The Qlik Sense August release was not affected.

In releases prior to May Patch 6, it is possible to resolve the problem on the affected releases by following these steps:

1.  Connect to Qlik Sense.
2.  Open the 'import-map.json' file located in C:\Program Files\Qlik\Sense\Client\qmfe with a text editor.
3.  Remove the two dots ('..') that you can see at the beginning of each path. For example, the row 
   @qlik-trial/qmfe-api    "../resources/qmfe/qmfe-api/2.58.0/qmfe-api.js"
   must look like this:
   @qlik-trial/qmfe-api    "/resources/qmfe/qmfe-api/2.58.0/qmfe-api.js"
4.  Save the 'import-map.json' file.
5.  Clear your browser cache.
6. Restart the Qlik Sense services if possible.

Cause

An incorrect formatting of the paths in the 'import-map.json' file causes the problem.

Internal Investigation ID

QB-20719, QB-21856

Duplicate "Mobile Content" collections are present on a tenant.
The option to delete them is not present.

Environment

• Qlik Cloud 

Resolution

1. Download and configure the qlik-cli.
2. Identify the CollectionID for the collection that needs to be deleted:
   
   
   1. in the Hub, select Collections and pick the collection
      
      
      
      
   2. check the URL in the browser and get the CollectionId at the end
      
      
      
      
      
      
3.  in a Command Prompt/Powershell, run:
   
   qlik collection rm CollectionID

Note: there is no "undo". Make sure to remove the right collection.