Keith Stevenson

@chriscorcoran Thanks for the post. We can see no unexpected load or performance issues. Can you clarify where it appears to be slow as well as login to hornbill.com as this will run an instance check from your location\browser to identify any network issues. Kind Regards Hornbill

All, Thanks for the replies and Teams meetings. We have identified a possible cause (Origin Header for some requests being NULL) which could account for the issue. We are working on a patch ASAP. This issue appears to be effecting only a small percentage of machines at any given site and some of those effected have managed to overcome the issue by clearing cookies or a Ctrl+F5 refresh. WE will provide an update at 10AM on the Patch status if not before. Kind Regards

@Met Thanks for the feedback. When you say a hard refresh can you clarify, as Clearing cookies didnt seem enough for others. Kind Regards

@Adrian Simpkins Excellent . Have sent you a teams link via private message Kind Regards

@Adrian Simpkins We are unable to see any errors, however we would like to try a couple of tests but need more instant feedbaclk. Are you available for a remote teams session? Kind Regards

@Adrian Simpkins Thanks for the post. Can you confirm if the issue still occurs if you clear all cookies? Kind Regards Hornbill cloud Team

@Osman Thanks for the reply. Out of interest do you happen to know which URL and where the Proxy Filter list came from. We probably cant do anything about 3rd parties getting a wrong list but it would be interesting to know. We can also confirm that the Hornbill domains and URLs do not contain any pornography Kind Regards Keith Stevenson

@Mark Priest There has been no changes to Hornbill over the last few days (Last release of Live was 8 days ago which would not have impacted login) and no changes to any of the URLS or IPS for some time (Many months). It seems whatever Virus scanner you have in place is incorrectly blocking URLs\IPs and that should be addressed by the maintainer of the Virus scanner KInd Regards Hornbill

@Mark Priest We saw 2 Health checks submitted under your account, the first was success. The second showed a local network issue (The check also shows that at the time the check was performed the instance was OK from the machine hosting the check - which is outside our Data Centers). This suggests a local network issue at the clients side. You will need to ensure that all the URLs and ports listed in the below are accessible from the clients machines https://wiki.hornbill.com/index.php?title=Hornbill_Cloud_and_Platform KInd Regards Hornbill

@Mark Priest Thanks for the post. We are seeing no issues from any of our monitoring systems. Can you get the people effected to perform a Check from Hornbill.com as this will show where any connectivity issues resides. Kind Regards Hornbill

@Claire Holtham Thanks for the post. Apart from a DNS issue within 1 DC ((lasted 8 minutes) There has been no issues with instance availability in the last 28 days (And then 2 instances had upto 25 minutes neither of them yours.) . Our monitoring checks from 5 locations every 5 minutes to ensure that all instances are responding. If during the time your colleagues see an issue they can perform a system health check from hornbill.com that will show where the issue in connection lies. KInd Regards Hornbill

Mark, Thanks for the reply. The issue was a DNS resolving issue for our CDN and resolved by updating DNS records. Kind Regards

All, Can you confirm that you are still getting the error. KInd Regards Hornbill Cloud Team

@sjg To also clarify what was said above. We can provide the logs however without a clear understanding of what is normal and understanding of what the logs "mean" then it wont help to detect a problem. We have a number of ways of monitoring instances to detect abnormal functions. So this is an overview of how SIEM works We collect and store 100s of metrics every 15 seconds which gives us an understanding of what is normal for any instance and instances in general. Because people and large groups of people are creatures of habit which is further enforced by work patterns and routines we are able to see patterns in the data that lend themselves to statistical analysis. An example of this is API counts. People generally do the same thing every day , they get up in the morning at same time (the alarms set), they goto work at the same time (its in their contract) and they perform the same actions at nearly the same time every day (First thing read your email, then read posts, then check BBC, then go for coffee, then do them process new calls, then off hold calls etc) . The pattern repeats and because of this we see on every instance a similar number of API calls per hour (within 1 standard deviation of normal) every day during the week and another pattern during the weekend. This is further enhanced by the use of automation , and things like scheduled reports or scheduled jobs which also always happen at the same time. If we take these counts of API per hour for a given instance we see the pattern similar to the example below, and we can then look for anomalies in the data every hour when comparing to previous 6 or 12 months for that hour. Any change to peoples work patterns may initially cause alerts but over a longer enough period these become the new normal. We can also look for daily, weekly , shift and other patterns and anything that is statistically significant (1 or more Standard deviations from the normal ) is investigated. We perform this analysis every hour of every day on all instances and anything found gets flagged to the cloud team SIEM workspace for review. A manual review is then used to try and understand the events and then any remaining concerns escalated to the contacts for the given instance. We perform the same statistical analysis on Load, Database, data in\Out and other metrics as well as API count to have a understanding of what is "Normal" and what is not. In the below image, it shows a fingerprint for a demo instance , the patterns we look for (its compared data ) , and what happens when an alert is generated. This is just 1 of many ways the instances and the infrastructure supporting it are monitored for patterns\weirdness. Kind Regards Hornbill Cloud Team

@mmensah Thanks for the post. Can you confirm how you did this. When you try to rename a BPM it checks and will show a warning preventing you from overwriting if one with that name already exists. Kind Regards Hornbill

@DRiley Heres a link to the wiki page https://wiki.hornbill.com/index.php?title=Hornbill_Editions Kind Regards Hornbill Cloud Team

All, The view for Security Audit is Enterprise Only . If you dont have the Enterprise Edition and search for it you will be taken to the Users Page currently (We are looking to replace this with a more usefull "This is available in Enterprise" description. We have also updated the Wiki page accordingly Kind Regards Hornbill Cloud Team

@Malcolm Thanks for the post. We were actually already investigating an issue with your node that our monitoring had detected when you posted. It seems that 1 email was corrupt on reciept which was causing the mail importer to repeatedly fail. We have deleted the offending email and the blockage is now clear with all other emails being recieved. We will send you the details of the offending mail in a Private message. We will also look at expanding our monitoring checks to quicker alert us to this type of issue. Kind Regards Hornbill Cloud Team

Will Thanks for the post. This has been resolved and api page is now available again. Kind Regards Hornbill Cloud Team

@will.good The figure is in bytes, 1024 Bytes to a KB. Kind Regards Hornbill Cloud Team

@JAquino You are configured to send your email via MIMECAST . This has performance issues at the moment. Please see https://status.mimecast.com/ This is not a Hornbill issue (Infact we strongly recommend Direct Outbound Email rather than SMTP Relay to avoid these kinds of issues. ) Kind Regards Hornbill Cloud Team

All, Due to a number of customers still expecting the URL redirect, this has been re-enabled. This will now be disabled on May 2nd at 0900. Kind Regards Hornbill Cloud Team

All, Following the above end of Service Portal in January the Service URL redirect has been removed. All email tempaltes should be updated to use live.hornbill.com and all customers informed that they should use live.hornbill.com. Kind Regards Hornbill Cloud Team

Harry, The list of IPs is available from https://wiki.hornbill.com/index.php?title=Hornbill_Cloud_and_Platform Kind Regards Hornbill Cloud Team

All, As Victor says, if your are using 0365 you either need to configure the 0365 account specified in your Domain Router config within Hornbill to allow it to SEND AS the other accounts (Your 0365 administrator should be able to assist with this) . If you do not wish to do this then you will need to change to Direct Outbound rather than SMART HOST (See https://wiki.hornbill.com/index.php?title=Outbound_Mail_Routing) It should also be noted that Direct Outbound is the recommend option for all customers as this prevents any number of issues sending via O365 with rate limits or similar. Kind Regards Hornbill Cloud Team