Search or browse our knowledge base to find answers to your questions ranging from account questions to troubleshooting error messages. The content is curated and updated by our global Support team
Qlik offers a wide range of channels to assist you in troubleshooting, answering frequently asked questions, and getting in touch with our technical experts. In this article, we guide you through all available avenues to secure your best possible experience.
For details on our terms and conditions, review the Qlik Support Policy.
Index:
We're happy to help! Here's a breakdown of resources for each type of need.
Support | Professional Services (*) | |
Reactively fixes technical issues as well as answers narrowly defined specific questions. Handles administrative issues to keep the product up-to-date and functioning. | Proactively accelerates projects, reduces risk, and achieves optimal configurations. Delivers expert help for training, planning, implementation, and performance improvement. | |
|
|
(*) reach out to your Account Manager or Customer Success Manager
Your first line of support: https://community.qlik.com/
Looking for content? Type your question into our global search bar:
Leverage the enhanced and continuously updated Knowledge Base to find solutions to your questions and best practice guides. Bookmark this page for quick access!
Subscribe to maximize your Qlik experience!
The Support Updates Blog
The Support Updates blog delivers important and useful Qlik Support information about end-of-product support, new service releases, and general support topics. (click)
The Qlik Design Blog
The Design blog is all about product and Qlik solutions, such as scripting, data modelling, visual design, extensions, best practices, and more! (click)
The Product Innovation Blog
By reading the Product Innovation blog, you will learn about what's new across all of the products in our growing Qlik product portfolio. (click)
Q&A with Qlik
Live sessions with Qlik Experts in which we focus on your questions.
Techspert Talks
Techspert Talks is a free webinar to facilitate knowledge sharing held on a monthly basis.
Technical Adoption Workshops
Our in depth, hands-on workshops allow new Qlik Cloud Admins to build alongside Qlik Experts.
Qlik Fix
Qlik Fix is a series of short video with helpful solutions for Qlik customers and partners.
Suggest an idea, and influence the next generation of Qlik features!
Search & Submit Ideas
Ideation Guidelines
Get the full value of the community.
Register a Qlik ID:
Incidents are supported through our Chat, by clicking Chat Now on any Support Page across Qlik Community.
To raise a new issue, all you need to do is chat with us. With this, we can:
Log in to manage and track your active cases in Manage Cases. (click)
Please note: to create a new case, it is easiest to do so via our chat (see above). Our chat will log your case through a series of guided intake questions.
Your advantages:
If you require a support case escalation, you have two options:
A collection of useful links.
Qlik Cloud Status Page
Keep up to date with Qlik Cloud's status.
Support Policy
Review our Service Level Agreements and License Agreements.
Live Chat and Case Portal
Your one stop to contact us.
Qlik Cloud is a modern analytics and data platform built on the same software engine as QlikView and Qlik Sense Client-Managed and adds significant value to empower everyone in an organization to make better decisions daily. Qlik Cloud allows you to use one common platform for all users – executives, decision-makers, and analysts.
Navigation:
Migrating to Qlik Cloud can help your organization:
Q&A with Qlik: Qlik Sense Migration to Qlik Cloud
Articles relevant to migration and new Qlik Cloud users
This site provides you the tools to monitor, manage, and execute a migration from Client-Managed Qlik Sense to Qlik Cloud.
Index and home
Planning your migration
Setting up the Qlik Cloud migration tools
Create and configure a cloud tenant
This site provides you the tools to begin your journey to move from QlikView to Qlik Sense and Qlik Cloud.
This article provides a step-by-step guide on building a write back solution with only native Qlik components and automations.
Content:
Disclaimer for reporting use cases: this solution could produce inconsistent results in reports produced with automations; when using the button to pass through selections, the intended report composition and associated data reduction for the report may not be achieved. This is due to the fact that the session state of Qlik Application Automation cannot be transferred to the report composition definition that is passed to the Qlik Reporting Service.
When analyzing results in a Qlik Sense app, it could happen you spot a mistake in your data or something that seems odd. To address this, you may want someone from your team to investigate this or you may want to update data in your source systems directly without leaving Qlik. Or maybe your data is just fine but you want to add a new record from within Qlik without having to open your business application. These scenarios fit in the following use cases:
This is the least intrusive form of writing back that delegates the change to someone in your data team. The idea is that you create a ticket in a task management system like Jira or ServiceNow. Someone from your team will then pick up the ticket, investigate your comment, and review the data. The difference with sending an alert or email is that the ticketing system guarantees that the request is tracked.
Another option to communicate changes is to write a comment or a tag for one or more records directly to the source system. This could be a comment on a deal record in your CRM or it could be stored in a separate database table if you're loading data from a database.
The final use case allows for updating records directly from within the sheet. Make sure you know who has access to the button before setting this up since this will allow users to change records directly.
All the above use cases can be realized in the same way: by configuring a native Qlik Sense button in your sheet to run an automation. Before you start this tutorial, make sure you already have an app and a new, empty automation. The tutorial has 2 parts:
To configure the app, we'll use the following native Qlik Sense components:
Steps:
Enable the "Show notifications" toggle, this will send a toast notification back to the user in the sheet after the automation completes. Feel free to increase the duration.
Tip: using a Container component will allow your variable inputs & button to scale better for smaller screens.
Upon automation run, this will resolve to the first text value selected for the field hs_object_id (which corresponds to the deal ID from HubSpot). To update this to a comma-separated list of IDs, the mapping must first be changed to output a list of all values for hs_object_id. To do this, toggle the formula parsing:
Bonus: add a link to the toast notification
Instead of showing a plain message in the toast notification, it's also possible to include a link to point the user to a certain resource. This can be done by configuring the Update Run Title block with the following snippet:
{"message":"Ticket created", "url": "https://<link to jira ticket>"}
Depending on the button's configuration and the automation run mode, use either the Update Run Title block or the Output block to show the toast notification.
See the below table for each option:
Run mode configuration in the automation | Run mode in the button | Block for toast notification | Who can see the notification |
Triggered async | Triggered | Update Run Title | Automation owner only |
Triggered sync | Triggered | Output | Everyone |
Triggered sync | Not triggered | Update Run Title | Automation owner only |
The run mode in the button can be configured by toggling the 'Include Selections' option in the button's settings:
The run mode in the automation can be configured here in the Start block:
After writing back to your source systems, you'll want to do a reload to see your changes reflected in the app. Be mindful of the impact of doing these reloads. If multiple people are using this button at the same time, you don't want to do a reload for each update.
Problems:
Improvements:
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
Most Qlik Web Storage Provider Connectors require an encryption key. If no key exists, the following error will be displayed when authenticating:
Error retrieving the URL to authenticate: ENCRYPTION_KEY_MISSING - you must manually set an encryption key before creating new connections.
General information, as well as a list of which connectors require an encryption key, can be found in Setting an encryption key | Qlik Connectors Help.
The actual generation of a key depends on your organization's best practices, but we can provide you with an example on how to go about it with OpenSSL:
The below example is not supported by Qlik Support. Review it with your local security office to see what method your organization follows.
Follow the instructions on how to set the encryption key in Qlik Sense Enterprise on Windows and/or Qlik Sense Desktop:
Setting an encryption key on Qlik Sense Enterprise on Windows
Setting an encryption key on Qlik Sense Desktop
Setting an encryption key | Qlik Connectors Help
Setting an encryption key on Qlik Sense Enterprise on Windows
Setting an encryption key on Qlik Sense Desktop
Qlik Web Connectors allows loading Excel files (xls, xlsx) hosted in online file storage services such as Box, Dropbox, Google Drive and OneDrive directly into QlikView and Qlik Sense without having to save the file to disk first.
Different methods need to be applied to fetch files depending on what edition of Qlik Sense is used.
Note that the in-built Web Connectors are available are:
Unavailable at the moment are:
To connect to, for example an excel file, stored on Google Drive:
More information: Managing data sources in spaces.
You can add data files and data connections directly in shared and personal spaces. This enables data sources to be added outside of apps for use by other space members.
We use the query GetRawFileAsBinary of the appropriate connector in Qlik Web Connectors.
Once the binary content is sucessfully loaded in Qlik Web Connectors web console, you can create a webfile connection in QlikView or Qlik Sense to load data from Qlik Web Connectors.
In QlikView:
SaaS Topics:
Managing data sources in spaces.
Built-in Qlik Web Connectors
STT - Reloading Your Data in Qlik Sense Business
WebConnectors (not SaaS):
Data sources included in Qlik Web Connectors
Google Drive and Spreadsheets
OneDrive
Dropbox
Qlik Web Connectors authentication fails with error "Could not establish trust relationship for the SSL/TLS secure channel"
Starting at Qlik Sense Enterprise on Windows May 2021, the bundled PostgreSQL has been upgraded to version 12.5.
However, PostgreSQL 12.5 will only be deployed during a fresh installation of Qlik Sense Enterprise on Windows May 2021. This means that, if you are upgrading to Qlik Sense Enterprise on Windows May 2021, PostgreSQL will remain on 9.6.
For many organizations, running on the latest supported PostgreSQL version is a security requirement. To achieve this:
Content:
The information in this article is provided as-is and to be used at your own discretion. Depending on the tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
This process requires a full reinstallation of the product. Despite the fact that a backup is being taken as part of the process, it is highly recommended to have a second backup plan in place such as a Virtual Machine snapshot and/or a Server Backup.
It is highly recommended to test this process in a test environment to get familiar with it.
The first step is to upgrade your environment to Qlik Sense Enterprise on Windows May 2021 following the steps and recommendations provided on this link.
Once the upgrade is done make sure your Qlik Sense site is completely operational.
At this point, you have an operational Qlik Sense site running on Qlik Sense Enterprise on Windows May 2021, however, the bundled PostgreSQL is still on version 9.6.
The next step will be to backup your entire Qlik Sense site following these instructions (including the certificates) . The backup is essential as it will need to be restored later on.
You will now need to uninstall Qlik Sense from the central node following these instructions.
During the uninstall:
Now that Qlik Sense Enterprise on Windows May 2021 is uninstalled on the central node, you will reinstall it as a result will deploy a bundled PostgreSQL 12.5. Instructions available here.
Do not check the box Start theQlik Senseservices when the setup is complete at the end of the installer.
You now have a clean Qlik Sense Enterprise on Windows May 2021 deployed on your central node with PostgreSQL 12.5. You now need to restore your environment to retrieve all your configurations and apps.
Please follow the Restoring a Qlik Sense site (including the certificates).
Note: While restoring the database backup you will most likely receive the following error which can be ignored. This error is caused by the version discrepancies between the pg_dump that made the dump file and the pg_restore that's restoring it - in example files coming from PostgreSQL version 9.6 vs files coming from PostgreSQL version 12.5. QSR backup taken and restored with the same version of PostgreSQL will not produce that error.
pg_restore: while PROCESSING TOC:
pg_restore: from TOC entry 3; 2615 2200 SCHEMA public postgres
pg_restore: error: could not execute query: ERROR: schema "public" already exists
Command was: CREATE SCHEMA public;
pg_restore: warning: errors ignored on restore: 1
Once the environment is restored, you should be able to start your central node and rim nodes successfully.
Qlik Sense Enterprise on Windows May 2021 and later
Error 429 (Too many requests) is returned in September 2020 and later when uploading a big number of files.
Environments:
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
This is due to the new DoS (Denial of Service) protection in those versions. Error 429 will happen more than 60 upload requests are sent in a 30 seconds time frame.
This protection can be disabled. Qlik does not recommend disabling DoS attack protection.
In C:\Program Files\Qlik\Sense\Repository\Repository.exe.config file, set the following option to false to disable it.
<add key="UseDosProtector" value="false"/>
Qlik cannot be held responsible for any damage caused by a DoS attack if the above option has been disabled.
Currently, in Qlik Application Automation it is not possible to export more than 100,000 cells using the Get Straight Table Data block.
Content:
To overcome this limit, the workaround is to export records in batches from the Qlik Sense straight table to the cloud storage platform of your choice. The prerequisite is to have a unique numerical field in your dataset. If you don't have the unique field in your dataset, you can add it using RowNo() function in the load script as shown below. This counts the rows in the dataset.
In this example, we will export data from the Qlik Sense straight table to Dropbox as a CSV file.
You can also find an exported version of this automation and application attached to this article. More information on importing automation can be found here.
Automation Part 1
Automation Part 2
Automation Part 3
The following is a compatibility matrix for Qlik NPrinting May 2021 through May 2023 with QlikView:
QlikView 12. 6 and 12.7 |
QlikView 12.8 | |
NPrinting May 2021 Track | Compatible | Not Compatible |
NPrinting May 2022 Track | Compatible | Not Compatible |
NPrinting May 2023 IR | Compatible | Compatible |
Qlik NPrinting May 2023 IR will be released May 30, 2023.
QlikView - May 2023 IR
QlikView May 2023 release and Qlik NPrinting: Do not upgrade QlikView if you use Qlik NPrinting
Joint customers of Qlik and Alation were dancing for joy the minute they realized that there was Qlik Application Automation Connector for their Alation Cloud Catalog.
If reading that phrase was difficult for you, it's ok. It took me a dozen takes trying to say it when I recorded the video you will find below. Powerful, but such a tongue twister. 🤣
Like with any of the Qlik Application Automation connectors, to get started you will need to drag any of the many many many blocks to your canvas.
Then you will need to establish the connection parameters. Simply provide the name you wan to use for your connection, your login credentials for your Alation Cloud Catalog tenant and lastly your "instance_name." Please notice below you DO NOT want to input the entire instance, just your specific company name that is part of the full name.
Considering the fact that I had to scroll for 10 seconds just to make the GIF file above showing the many blocks I suppose I better narrow the use case for the rest of this post down for you ... the main block that I wanted to show you was the brand spanking new block "Add Object to BI Server."
The use case that block was built to support was any scenario where you wanted to build your own user defined hierarchy within Alation. So I chose a use case that affords us the perfect opportunity to do just that ... We will be exporting all of the METADATA about my applications to my Alation Cloud Catalog. [Notice I didn't say saving our applications or sharing our data. I'm just talking about the metadata that describes our applications.]
Spaces --> Applications --> Sheets --> Objects
Thus the goal at the end is to have a folder in your Alation Cloud Catalog for each of your spaces, and inside a list of each of your applications that are part of that space, and inside that a list of each of your sheets that are part of that application, and inside of that a list of all of your objects that are part of that sheet.
I have attached a copy of the Qlik Application Automation project/workspace for you "SendSpaceToAlation.json". So if you want to feel free to upload the workspace into a new Qlik Application Automation and you can follow along.
One thing you will notice in the project, and in the accompanying video, is that I intentionally put two Conditional blocks in my Qlik Application Automation: One that checks for a particular Space name and only goes through the process for it, and a second that checks if the Sheets are public or not. It's always good practice to limit what you are doing so that it's easier to validate everything in an isolated fashion. Once you get it working you can simply drag everything from the Yes condition of the space out, remove the condition and then output all of your spaces. Likewise, if you wish to catalog all of the metadata from your personal sheets in the application feel free to do that. Understand, that they are YOUR personal sheets, not everyone else's.
The blocks that I utilize as part of this automation, "Add Folder to BI Server", "Add Object to BI Server", both require you as their names suggest to identify your target BI Server. If I was just building the attached project for myself then perhaps I would utilize Qlik Application Automation's ability to simply select my BI Server from a lookup:
If you have ever watched my You Tube series on Qlik Application Automation you will know I'm kidding. I don't like having to worry about maintenance so I typically make everything a variable. Especially when it is something like the Alation Cloud Connector Server ID that I will use multiple times throughout the project. Which works out well for you because that means when you get a .JSON project from me, like the one attached, all you need to do is modify a few variables and you are up and running.
If you don't know the Server ID to use you have 3 options:
1. Go ahead and choose it 1 time from the lookup and it will give you the ID
2. If you are in your Alation Cloud the Server ID will be listed in the URL path
3. You could swap out the blocks to use the small "List BI Servers" block I left in this project for you. It provides you the same list that shows up if you use the Lookup functionality.
My lack of sleep is none of your concern. However, you do need to be aware of the importance of "sleep" when it comes to the Alation Cloud Connector API's. You see they are Asynchronous. Meaning they don't make you wait while they are off and doing their thing, they return control to you immediately so you can multi-task. That is normally a great thing, but in this case we have an issue. I can't add Applications to a Space that doesn't exist yet. I can't add Sheets to an Application that doesn't exist yet. I can't add Objects to a Sheet that doesn't exist yet.
Hence, the need for sleep. Not for you or I, but for the automation. So you will see several blocks within the project set to sleep for X number of seconds after calling the Alation Cloud Connector API's. As I point out in the video depending on your environment you may need to adjust those wait times.
Now that I have laid the ground work for what the use case and the special situations we are dealing with here is a video that will walk you through the project and let you see what the outcome would be in your Alation Cloud tenant.
Hopefully, I have provided enough information in text/video to get the attached template working in your environment. But that's really just the beginning. If you listened carefully I showed an alternative template where I created a folder called Sheets under the Application, then put all of the Sheets in it. Perhaps your next step is to make that work as well.
The most important thing about that suggestion was to leave room for other folders under the Applications like "Master Dimensions", "Master Measures" and "Master Visualizations." How cool would that be?
While I could have handed you a project template that did that for you, the most important reason I post content or share content is for YOUR LEARNING. I aim to provide enough to get you comfortable/confident working with new things like this Qlik Application Automation Connector for your Alation Cloud Catalog.
Whether you succeed or fail at the challenge, please feel free to share below. After all, that is what Qlik Community is all about.
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
At QlikWorld 2020 I'm hosting a session called "Top 10 Visualization tips". Here's the app I used with all tips including test data. Tip titles, more details in app:
* Charts *
Parliament diagram
Scatter with trackline
Calendar Graph - Month view
Calendar Graph - Year view
Meteogram
Spiral plot
Rank chart
Slope graph
Timeline chart
Candlestick chart
Range chart
Ridgeline chart
Stream Graph
Chord diagram
Coxcomb chart
Race chart
* UI tweaks
Toolbar toggle
Hide toolbar
Hide selection bar
Hide sheet title
Hide popup buttons
Hide Pivot buttons
Hide search bar
Hide three nav
Watermark
Center titles
Highlight rows
Larger scrollbars
* Dev tips*
Scatter overlap
Persistent colors
Color thresholds
Trellis container
Responsive and mobile tips
Include from Github
Tooltip table
Radial bar charts
100% bar charts
Title and text matters more than we think
Thumbnails
Quarterly month average
Image to chart
Magic quadrant
Link to app
I want to emphasize that many of the tips are invented by others than me, I tried to credit the original author at all places when possible. Many of the tips have been published before on the Qlik Community, the app below can be viewed as my current top picks.
If you liked it, here's more tips in the same style:
Similar but for Qlik GeoAnalytics :
Thanks,
Patric
You can install or remove Qlik Sense Extension bundles from your Qlik Sense deployment at any moment. If you have a multi-node installation, Qlik Sense Extension bundles are installed on the central node.
For information on how to install or import other extensions not delivered in our Qlik Sense Extension bundles, see: Installing, importing and exporting your visualizations on Qlik Help.
Note: All these steps need to be carried out in the Programs and Feature section of the Control Panel. You cannot modify or uninstall the bundle from the Add and Remove Programs menu.
You can verify that the changes have been correctly applied by checking the Extensions section in the Qlik Management Console (QMC).
You can add or remove extension bundles from your Qlik Sense Desktop installation at any moment.
Do the following:
Then, click Next.
If after uninstalling/reinstalling the Extension Bundle, specific extensions are not available see also relevant articles below:
Replicating a table from an MS-CDC source endpoint fails with:
E: Fitness check - failed:
When MS-Replication is enabled on the source, it creates an MS-Replication log reader job, which then reads from tlogs and populates the distribution database with the changes.
When you apply MS-CDC at the same time on the source, this creates an MS-CDC capture job, which then also reads from the tlogs, but populates the change tables.
The MS-CDC capture job could not run as the sp_repldone process, which marks the changes out the logs as replicated, could be owned by only one job. The sp_repldone process will in this situation be owned by the MS-Replication log reader job.
To mitigate this, make the following changes for your MS-CDC endpoint:
This tells Qlik Replicate MS-CDC not to check for the MS-CDC capture job as it doesn’t rely on it.
For more information on how to add Internal Parameters, see: Qlik Replicate: How to set Internal Parameters and what are they for?
Qlik Replicate MS-CDC source endpoint
This article gives an overview of the available blocks in the Alation Cloud Catalog connector in Qlik Application Automation. It will also go over a basic usecase creating a datasource and a table linked to it using this connector.
More information on this connector can be found here: Using the Alation Cloud Catalog connctor
This connector consists of:
There are also a few blocks available for managing metadata and jobs, for example, to trigger or see details of a job. You can use the Raw API blocks in order to configure other endpoints that are not covered by default.
For authenticating, you will need to provide your username, password, and specify your Alation subdomain.
Let's now go over a basic example of how to create a datasource and a table linked to that datasource using the Alation Cloud Catalog connector:
The information in this article is provided as-is and to be used at own discretion. Depending on tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
Before reading this, please refer to the official QlikView Authentication - Qlik Online Help and your specific version for details.
QlikView allows for a number of 3rd party, custom authentication methods to be implemented, which may leverage an Identity Provider (IdP) of choice. However, many aspects of this integration is limited to best-effort support from Qlik Technical Support. See How and When to Contact the Consulting Team?
By default. QlikView only interacts with Windows using the appropriate APIs in the background, allowing Windows to carry out any authentication attempts and passing that information to the QlikView system. Custom Users in the Directory Service connector are a second option, which allows QlikView itself to do authentication.
Any other user repository will require external, 3rd party implementations.
! The information in this article is provided as-is and to be used at your own discretion. Depending on the tool(s) used, customization(s), and/or other factors ongoing support on the solution below may not be provided by Qlik Support.
This document includes some possible examples in a QlikView 11 implementation of WebTickets and Header authentication, with examples from .NET, PHP, and LDAP integrations. The examples are provided as is.
! The document references http://localhost:4730/qtds.asmx, which was a valid URL used in QlikView 10 (no longer supported).
This function has been removed in QlikView 11.
! The document references a WebTicket implementation limitation:
A current limitation is that the QVWS or IIS used in steps 2 and 3 (i.e. the server you collect the ticker from and the server you redirect the user to) must be the same machine.
This limitation no longer applies in the current QlikView 12 and 11.20 versions.
This article gives an explanation of some of the common error messages.
Error 1:
Error 400 - Bad request
Contact your system administrator. The user cannot be authenticated by the SAML response through the following virtual proxy:
Error 2:
SAML mandatory attribute for user ID is missing
Error 3:
SAML assertion is expired
Error 4:
Error 500 - Internal server error
Internal server error
Error 5:
SAML assertion must be encrypted on an unsecured connection
Qlik Sense Enterprise on Windows
This is the most common error message that is encountered when using SAML. It basically means that the SAML request is malformed, missing some mandatory information, or we are encountering a time sync issue.
The first step to take when this error appears is to check the Servername_Audit_Proxy.txt (C:\Programdata\Qlik\Sense\log\Proxy\Trace)
WARN QlikServer2 Audit.Proxy.Proxy.SessionEstablishment.Authentication.SAML.SamlAuthenticationHandler 47 82c8cc12-5bf4-42a5-af04-b8e2c64d5c50 DOMAIN\Administrator SAML mandatory attribute for user ID is missing 0
The error is sometimes obvious as in the above example. An attribute is missing.
The second step would be to look into the SAML response and see if the SAML attribute you have set for your user ID is in there:
Check if you have an element <saml:Attribute ... Name="Nameofyourattribute" > inside the <saml:AttributeStatement> element.
In this example, the attribute we were trying to use for the User ID is Email. We see that it is not present in the <saml:AttributeStatement> element.
Verify that the SAML request is not rejected because it is "expired" or "SAML assertion is expired" and also result in "400: Bad request". This can happen if for example an AWS server with Sense installed on it was not configured to automatically update its date/time settings. The time difference between the identity provider and Sense can then lead to the message being rejected.
In this case, adjust time settings accordingly.
This can have different reasons but the troubleshooting process is similar to the example above.
In SAML, error 500 usually indicates an error with the certificate used. Either the certificate used is incorrect or does not have the proper Cryptographic Provider.
In order to use SHA-256 in Qlik Sense with SAML, the cryptographic provider for the certificate applied on the Qlik Sense proxy must be "Microsoft Enhanced RSA and AES Cryptographic Provider".
This limitation does not apply to the certificate used by the Identity provider.
The Servername_Audit_Proxy.txt (C:\Programdata\Qlik\Sense\log\Proxy\Trace) will either indicate "could not decrypt data" or an error with ComponentSpace.SAML2.Exceptions.SAMLSignatureException.
All network traffic has to be encrypted, that means it's mandatory to use the port 443 in order to have a secure connection.
You may notice fiber loop errors appearing in the Windows, QlikView and Qlik Sense logs.
e.g:
StdServer: Fiber loop (10b74b020) stall detected: last fiber loop iteration started 120917 ms ago.
Fiber loop is an entirely normal error to see and is usually just a sign of a busy server. It may not show any symptoms to the end user.
Fiber-loop stalls indicate a problem with a Windows fiber (a kind of thread) that has taken too long to respond. It shows up in the Windows error logs and the user may experience this a client crash as the session has been closed. If the browser is refreshed then a new session is created.
If the peak memory usage is sufficient to drive the server up towards the upper control limit (High Working Set default is 90%), then one can expect to see some level of degraded performance and unusual failures as the in-engine cache will be mostly drained of memory. The required and recurring re-calculations of results will also use a lot of CPU, and this is also likely the path of explanation for the observed stalls.
Fiber-loop stalls indicate a problem with a Windows fiber (a kind of thread) that has taken too long to respond.
Generally caused by a busy server that may or may not be oversubscribed (causing peaks in resource usage) and/or by slow network performance particularly when working with large apps stored on network device or share.
It would be more a case of investigating the overall server performance, size of the Apps (if these are very large and stored on a network device) perhaps there are issues with Network speed/performance.
Any performance issues should be investigated with their local IT team to help reduce the number of fiber loop errors reported.
See What are fiber loop errors in the QlikView server event log? for more details, as well as related content below.
Generating ETL instructions (both basic and all validations) for a data warehouse task fails at random for different tasks with the following error:
Undefined error
Clicking on more details shows no additional information. The same task will generate the instructions successfully at a different time.
This may occur after an upgrade of the Snowflake ODBC drivers (for example from 2.24 to 2.25.11).
As a troubleshooting step, turning up the Qlik Compose logs to verbose does not capture the undefined error, but the Windows Event logs show a crash of the Qlik Compose service.
Review the Windows Events (Application) log for Application Errors. Opening the log reveals an error such as:
Faulting application name: ComposeCtl.exe, version
Faulting module name: SnowflakeDSll.dll
Exception code: 0xc0000005
A defect in the 2.25.11 Snowflake driver is causing this issue. Downgrading to 2.25.6 resolves the ‘undefined’ error and prevents the crash.
See Snowflake ODBC Driver Release Notes.
Qlik Compose 2021.02 and above
IMPORTANT - If you make a support request we might ask you to turn on logging, reproduce the issue and send the relevant log file to us in order to help us identify the issue.
Occasionally, access tokens and other sensitive information might end up saved in the log file - we would recommend before sending us any log file that you first review it and delete anything which looks like an access token, credential or other sensitive information.
The procedure you follow will depend on the Qlik Web Connectors edition you are using.
From where you can either open the log file in your browser or download to disk.
Alternatively, you should be able to navigate to the App_Data folder underneath your Qlik Web Connectorsfolder, locate the GUID for the user who you are using Qlik Web Connectors as and underneath you should find a 'Logs' folder.
The log files are placed in:
[Install_dir]\App_Data\Logs
And the API log files in:
[Install_dir]\App_Data\<User>\Logs
To install or upgrade your existing Qlik NPrinting governance dashboard, simply deploy the new QVF and reload the app: NPrinting Governance Dashboard - version3
If and only if you have altered the engine.config file(s) on your NPrinting Engine computer(s) to change the default 'resolvers-count' value, then go to the 'deployment summary' sheet and enter the 'resolvers-count' value under 'Available Resolvers'. This value sets a baseline that the new concurrency metric can evaluate to ensure your NPrinting environment is not core constrained.
Please enjoy and post comments/suggestions in GitHub preferably, or in the community comments below.
Version 3.0 (4/12/2022)
-Fixed a bug introduced by NP May 2021 SR3 where the reload fails in the load script:
< Field 'id' not found FROM "nprinting"."public"."task_execution" >
-Updated background colours on the "Task Recipients" Pivot Table to green
Version 2.0
Deployment Summary Sheet:
-New KPI "Peak Connection Concurrency". This is the number of unique connections used at any one time by executing publish tasks, subscriptions, on-demand requests, or metadata reload requests. It does not include preview requests. If this number exceeds 60% of your resolver count, queuing is expected to occur and reports will take longer to run. The metric will turn red indicating it is time to add logical engine processors to your NPrinting Engine(s) to a maximum of 16 logical processors per engine.
-New KPI "Peak Execution Concurrency". This is the number of concurrent execution requests at any one time . It is the sum of executing publish tasks + executing subscription requests + executing onDemand Requests + executing Metadata reload requests. If multiple reports are running in a single publish task, it counts as just '1' in this resolver . Does not include 'preview' requests.
Report Delivery Sheet:
-New filters added
Data Connections Sheet:
-New filters added
-Section Access field (yes/no ) added
Qlik Lineage Sheet:
-New filters added
-New KPIs added: Complex reports , Medium reports, simple reports
App Content Sheet:
-new filters added
Task Recipients Sheet:
-new filters added
Execution Analysis Sheet:
-New table "Days when Concurrency Exceeded". Shows the number of days where the peak concurrency connections exceeds 60% of vResolvers.
-New table "Peak Concurrency by Day". Shows peak concurrency by day.
Report Performance Sheet:
-Container with 4 distribution plots showing execution length for publish tasks, subscriptions,ondemand requests and metadata reloads. Colored by status (green = success, red = failed)
-Container with 4 tables showing detailed executions
Users Sheet:
-New Filters added
Execution Log Messages:
-New Filters added
Load Script / Model:
- vResolvers variable set to the sum of logical processors on each NP engine found
section access field added to connections
New master date table intervalmatched to executions.
vMonthsToLoad variable determines how many trailing months to generate in the master date table (default is 3 months)
For anybody upgrading you will need to re-edit the data source in the load script and if and only if you have changed the resolvers-count setting in the NPrinting engine.config file .... then after reloading the app , go to the deployment summary sheet and update the vResolvers variable to be equivalent to the same value as 'resolvers-count' in the engine.config. If you have multiple NP engines, sum the number together and set vResolvers to the sum of the values found in the engine.config files.
This article explains how to implement SAML for NPrinting with Azure as the IdP.
To implement Azure SAML in Nprinting, the following needs to be done:
Generate a Metadata XML file
Federation Metadata XML: Download
<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sts.windows.net/b26e23cf-787a-40e8-9d17-f0c9f9ad0821/">
<IDPSSODescriptor xmlns:ds="http://www.w3.org/2000/09/xmldsig#" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIIC8DCCAdigAwIBAgIQFUUu6ZQHg5FJ...Ud8tf9A/4A6+2SZm34gf8gcVPTXT/a</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.microsoftonline.com/b26e23cf-787a-40e8-9d17-f0c9f9ad0821/saml2"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.microsoftonline.com/b26e23cf-787a-40e8-9d17-f0c9f9ad0821/saml2"/>
</IDPSSODescriptor>
</EntityDescriptor>
Potential Troubleshooting Steps
PostgreSQL has identified two security issues. As Qlik Sense Enterprise on Windows relies on PostgreSQL for its repository, we want to provide you with steps on how to mitigate the vulnerabilities.
CREATE
privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to other users.SET ROLE
s. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications. This affects only databases that have used CREATE POLICY
to define a row security policy.
With the next major Qlik Sense Enterprise on Windows release (August 2023), Qlik will update its bundled PostgreSQL database to the latest 14.x version.
As a mitigation for any previous releases, including May 2023, we offer the Qlik Postgres Installer (QPI) to migrate from 9.6 or 12.5 embedded databases to 14.8. We validated PostgreSQL 14.x for all releases back to February 2022.
The Qlik Postgres Installer version 1.3.0 with the updated Postgre SQL version has not yet been released. Watch this article for updates on when it is available. We anticipate to release it in the week of the 28th of May.
There are two possible scenarios which may apply to you:
Use the new Qlik Postgres Installer (version 1.3.0) to upgrade to Postgres 14.8 and migrate Postgres with QPI. Follow the instructions in Upgrading Qlik Sense Repository Database using the Qlik PostgreSQL Installer.
The Qlik Postgres Installer version 1.3.0 with the updated Postgre SQL version has not yet been released. Watch this article for updates on when it is available. We anticipate to release it in the week of the 28th of May.
If you have previously used the Qlik Postgres Installer (version 1.2.1 or earlier), you can simply install the latest PostgreSQL version (within your major release) and install it on top of your current 12.x database.
Steps:
https://www.cybersecurity-help.cz/vdb/SB2023051138
Download PostgreSQL | Enterprisedb.com
Qlik Sense Enterprise on Windows all versions