000031956 - How to monitor replication status using SNMP in RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 5Show Document
  • View in full screen mode

Article Content

Article Number000031956
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1.x
 
IssueQuerying SNMP OID .1.3.6.1.4.1.2197.20.21.1.5 (replication status) with a parameter on primary is working fine but it is not working on replica instance.
 
ResolutionSNMP OID .1.3.6.1.4.1.2197.20.21.1.5 is used to query replicationStatus from the path: .iso.org.dod.internet.private.enterprises.rsa.ims.instanceTable.instanceEntry.replicationStatus where SNMP OID .1.3.6.1.4.1.2197.20.21.1.5 either returns HEALTHY, OUT_OF_SYNC or SYNCHRONIZING depending on the status of the replications.
Where an administrator queries the replicationStatus on a primary instance, an additional value or parameter can be added to the OID, for example: SNMP OID .1.3.6.1.4.1.2197.20.21.1.5.0 (for the primary instance) or SNMP OID .1.3.6.1.4.1.2197.20.21.1.5.1 (for the replica instance)
Example of snmpwalk on primary instance:
rsaadmin@app81p:~> snmpwalk -v 3 -u snmpuser -l authPriv -a MD5 -x DES -A "Password01." -X "Password01." 127.0.0.1 .1.3.6.1.4.1.2197.20.21.1.5.0
RFC1155-SMI::enterprises.2197.20.21.1.5.0 = STRING: "HEALTHY"
rsaadmin@app81p:~> snmpwalk -v 3 -u snmpuser -l authPriv -a MD5 -x DES -A "Password01." -X "Password01." 127.0.0.1 .1.3.6.1.4.1.2197.20.21.1.5.1
RFC1155-SMI::enterprises.2197.20.21.1.5.1 = STRING: "HEALTHY"
rsaadmin@app81p:~>

An administrator would query the replica instance with one OID value to return the value of replicationStatus for example: SNMP OID .1.3.6.1.4.1.2197.20.21.1.5.0
Example of snmpwalk on a replica instance:
rsaadmin@app81r:~> snmpwalk -v 3 -u snmpuser -l authPriv -a MD5 -x DES -A "Password01." -X "Password01." 127.0.0.1 .1.3.6.1.4.1.2197.20.21.1.5.0
RFC1155-SMI::enterprises.2197.20.21.1.5.0 = STRING: "HEALTHY"
rsaadmin@app81r:~>

NOTE: the values in the snmpwalk command were configured in the Security Console > Setup > System Settings > Advanced Settings: Network Monitoring (SNMP) > select Instance Type and click Next button
snmpwalk command:
snmpwalk -v 3 -u <Security Name> -l <Security Level> -a <Authentication Protocol> -x <Privacy Protocol> -A <Authentication Password> -X <Privacy Password> <hostname/IP address> <OID value>

Example from Security Console on where the values can be found for the snmpwalk command:
User-added image
 
NotesCustomers can use snmpwalk commands in scripts or from 3rd party products to monitor replication status where customers can engage RSA Professional Services for this type of assistance.

Attachments

    Outcomes