000037625 - Artifacts to gather in RSA Access Manager

Document created by RSA Customer Support Employee on Jul 13, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037625
Applies ToRSA Product Set: Access Manager

 
IssueThis article outlines what files and information are required by RSA Customer Support for RSA Access Manager Server and RSA Access Manager Agent issues.
Resolution

Table of Contents


Contents
Table of Contents
RSA Access Manager Server
Logs directory
Conf directory
RSA Access Manager Admin GUI
RSA Access Manager Agents
RSA Access Manager Web Agents
Windows
Unix
RSA Access Manager Application Agents
Windows
Unix
RSA Access Manager Runtime API

 

RSA Access Manager Server



Logs directory


Located in the logs directory for each instance of RSA Access Manager.  There could be more than on RSA Access Manager instance for redundancy.  For Microsoft Windows, this is typical “C:\Program Files\RSA\Access Manager Servers 6.2\logs”.  For Unix, this is typical “/app/ctrust/logs”.  You should archive all the logs in this directory for analysis.  If there are a large number or rotated logs archive only the most recent logs.

  • lserver.log -  (optional).  If the server is configured for central logging there will be one file per instance, or one file per installation. The name of the file is lserver.log.  Rotated log files will be named lserver1.log.  This file contains all normal log events from all RSA Access Manager Processes.
Alternately if no lserver is configured the log files are as follows

  • aserver.log – events for the Authorization Server (aserver)
  • eserver.log – events for the Entitlements Server (eserver)
  • dispatcher.log – events for the Dispatcher server (dispatcher) and the Keyserver (keyserver).  (These run in the same process).
  • isever.log – (optional) logs for instrumentation server (iserver).

Conf directory


Located in the conf directory for each instance of RSA Access Manager.  There could be more than on RSA Access Manager instance for redundancy.  For Microsoft Windows, this is typical “C:\Program Files\RSA\Access Manager Servers 6.2\conf”.   For Unix, this is typical “/app/ctrust/conf”.  If a review of the configuration is warranted, you should archive all the conf files in this directory for analysis. 

  • adaptive-auth-onpremise.conf – only used if Adaptive Authentication is configured (optional)
  • aserver.conf – for all of the Authentication Servers on this machine.  Typically, customers will have two aservers on each machine.
  • ca_keystore.jks – Java JKS keystore used to store any trusted root certificates for LDAP binds.
  • dcp.conf – for distributed credentials (optional)
  • dispatcher.conf – for the dispatcher for this machine
  • ehcache.xsd
  • eserver.conf – for the entitlement’s server.  There should only be one of these in use.
  • iserver.conf – for the instrumentation server (optional)
  • jcifs.conf
  • keyserver.conf for the keyserver on this machine
  • ldap-adlds.conf – (copy only of default ldap.conf for adlds)
  • ldap.conf – LDAP configuration file for the user and policy datastore.  For SQL server this would be replaced by sql.conf file.
  • license.xml – license file
  • lserver.conf – for the log server.  There should only be one of these.  (optional)
  • rsa-axm-ehcache.xml
  • snmp-access-policy.xml
  • uus.conf – for the unique user session tracking feature (optional)
  • words.txt

RSA Access Manager Admin GUI


The administrative application is a Web Application that can be deployed on any application server as a WAR file. Most application servers are supported (Tomcat shown).

  • http://axm-server.vcloud.local:8080/axm-admin-gui-6.2/Home.jsp - RSA Administrative Console (Admin GUI) home page.
  • C:\Program Files\Apache Software Foundation\Tomcat 8.5\webapps\axm-admin-gui-6.2\WEB-INF\web.xml – Notably this file contains a reference to the location of the Admin GUI configuration file in the webgui.config.directory parameter
  • C:\Program Files\RSA\Access Manager Servers 6.2\webapp\admingui.cfg – Admin GUI configuration file default location (maybe different location as specified above.)

Debug Mode


RSA Access Manager servers can be started in DEBUG mode by passing the -DDEBUG flag on the Java command line when starting the servers.  This can be done by starting the servers manually from the command line.
 

C:\Program Files\RSA\Access Manager Servers 6.2\bin>aserver.bat debug
RSA Access Manager Authorization Server
Version 6.2 (Build ID: 20130125033301-0500-1355387)

 

  • C:\Program Files\RSA\Access Manager Servers 6.2\bin\aserver.bat – command line batch file to start aserver on windows
  • /app/ctrust/bin/aserver.sh – command line batch file to start aserver on windows.
See the following KB article for more information on DEBUG mode.

RSA Access Manager Agents



RSA Access Manager Web Agents



Windows



Logs directory


Located in the logs directory.  The default location is “C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\”.   The log file may have different names depending on the settings but typically is called ctagent.log with a number representing the rollover date.  Logs have different log levels (None, Config, Misconfig, Critical, Error, Warning, Security, Info, Debug and Massive) as defined in the webagent.conf file.

  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\ctagent.20190605160645.log – agent log file
  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\RSA_Access_Manager_Agent_5.0_SP4_for_IIS_InstallLog.log – agent installation file

Conf directory


Located in the conf directory. Default location is C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\conf\. 

  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\webagent.conf

Unix


On Unix, the install location of the agent is in /opt but the configuration and log files are in subdirectories named for the webserver that is installed.

Logs directory



  • /opt/RSA_Access_Manager_Agent_5.0_for_Apache_InstallLog.log – Agent installation log
  • /var/log/httpd/error_log – Apache Web Server error log file
  • /var/www/html – Apache Web Server http root document directory
  • /opt/rsa-axm/agent-50-apache/webservers/Apache_2.4.6/logs/ctagent.20190607121648.log Agent log file

Conf directory



  • /opt/rsa-axm/agent-50-apache/webservers/Apache_2.4.6/conf/webagent.conf – conf file
  • /opt/rsa-axm/agent-50-apache/htdocs/ct_logon_en.html – default logon page

Other


RSA Access Manager Application Agents



Windows



Logs directory



Conf directory


 

Unix



RSA Access Manager Runtime API




 

Attachments

    Outcomes