Identity Router Status Servlet Conditions

Document created by RSA Information Design and Development on Oct 20, 2017Last modified by RSA Information Design and Development on Nov 16, 2018
Version 12Show Document
  • View in full screen mode
  

When queried by a load balancer, the identity router status servlet delivers a text-based report that describes usage and operational status of the hardware and services running on the identity router.

The status servlet is accessible at http://<identityrouterIP>:<port>/status/v2/lbstatus, where <identityrouterIP> is the IP address of the identity router, and <port> is the port number. For identity routers in the Amazon cloud, use port 9786. For on-premises identity routers, use the management interface IP address and port 443 or 8080.

Note:  Traffic to port 8080 is blocked by the default identity router firewall rules. You must configure a custom firewall rule to access the status servlet on port 8080.

Refer to your load balancer documentation for information about configuring status queries. Your load balancer must have specific capabilities to connect to the identity router. For more information, see Load Balancer Requirements.

The following table describes each section of the identity router status report.

                                                                                   
SectionDescriptionExample
Global Status

General status of the identity router, and the date and time when the status report was last updated.

GlobalStatus.status returns OK when all resources and services on the identity router are working. Cross-site replication does not affect this status.

#LAST UPDATE : Tue, 10 May 2016 23:26:20 +0000

GlobalStatus.status=OK

GlobalStatus.lastUpdate=1462922780254

RSA SecurID AccessServices

Status of RSA SecurID Access services hosted by the identity router.

Active services list, and a count of services in each state (running, paused, stopped).

ServicesStatus.status returns OK when all RSA SecurID Access services are working.

Services related to SSO Agent or RADIUS which are stopped or paused because those features are disabled do not affect this status.

### ServicesStatus ###

ServicesStatus.status=OK

ServicesStatus.runningServiceCount=73

ServicesStatus.runningServiceList=bootstrapService,

templateCacheService,templateService,spService,

networkBridge,updateConfigService,applicationServerService,

adapterService,dynamicLoaderService,ssoService,

customerService,dlpService,securityTokenService,

strongAuthenticationService,storageService,

clusterCacheStoreService,crossSiteClusterAdminService,

cacheFactoryService,clusterLockingService,

loginGuardService,cipherService,

tokenReplayPreventionService,sessionCacheService,

sessionService,delegatedAuthenticationService,

sessionsResource,sessionResource,sessionInfoService,

userProfileService,keychainsResource,keychainResource,

applicationKeyResource,backupService,

dataImportExportService,endUserCountService,

wsApiAccountService,auditService,

userStoresResource,userStoreResource,

portalConfigurationResource,applicationResource,

applianceSetupService,modsinglepointRequestServer,

applianceScheduleService,keystoreService,featuresService,

keychainUpdateService,keychainRetrievalService,

networkService,simpleLinkVpnService,

virtualUserStoreService,authorization,

authorizedApplicationsResource,authentication,

virtualIwaService,policyEngineService,

cookiePoolService,sloService,logoutService,

loginService,directAuthenticationService,

userPasswordManagerService,cookieFilterService,

userResource,provisioningService,provisioningPollingService,

customRouteService,portalImageService,

applicationsResource,customizedPortalImageService,

idpService,httpFedDirectLoginService,customerInfoService,

ServicesStatus.pausedServiceCount=0

ServicesStatus.stoppedServiceCount=0

System Services

Status of essential system services running on the identity router.

SystemServiceStatus.status returns OK when all essential system services are working.

SystemServiceStatus.ntp indicates if the NTP service is running on the identity router.

SystemServiceStatus.ntpSynchronization indicates if the service is synchronized with the time server specified in the Identity Router Setup Console.

### SystemServiceStatus ###

SystemServiceStatus.status=OK

SystemServiceStatus.dnsmasq=true

SystemServiceStatus.syslog=true

SystemServiceStatus.ntp=true

SystemServiceStatus.ntpSynchronization=true

SystemServiceStatus.apache2=true

Sessions

Status of user sessions being managed by the identity router.

Total active user sessions, and sessions rejected by the identity router.

SessionStatus.status returns OK when the identity router can retrieve session information.

### SessionStatus ###

SessionStatus.status=OK

SessionStatus.total=0

SessionStatus.rejected=0

System Memory

Status of system memory on the identity router.

Total system memory and the free memory space available.

SystemMemoryStatus.status returns OK when the system can retrieve virtual memory statistics.

### SystemMemoryStatus ###

SystemMemoryStatus.status=OK

SystemMemoryStatus.maxMemory=8193MB

SystemMemoryStatus.freeMemory=5133MB

SystemMemoryStatus.percentFree=62%

CPU

Status of the virtual CPUs on the identity router.

CpuStatus.status returns OK when the system can retrieve virtual processor statistics.

### CpuStatus ###

CpuStatus.status=OK

Uptime

Uptime status for the identity router.

Days, hours, and minutes since the identity router was last powered on. Uptime in total seconds.

UptimeStatus.status returns OK when the system can retrieve uptime data from the /proc/uptime file.

### UptimeStatus ###

UptimeStatus.status=OK

UptimeStatus.uptimeDays=8

UptimeStatus.uptimeHours=22

UptimeStatus.uptimeMinutes=2

UptimeStatus.uptime=770572.41 (s)

Logging

Logging status for the identity router.

Current level of detail for identity router logs. Displays INFO or DEBUG.

LogStatus.status displays OK when the identity router can successfully generate audit logs.

### LogStatus ###

LogStatus.status=OK

LogStatus.logLevel=INFO

Cross-Site Replication

Cross-site replication status for the identity router.

Name of the configured backup cluster.

CrossSiteReplStatus.status returns OK when backup clusters are running and the number of replication failure entries is less than the error threshold.

CrossSiteReplStatus.siteReplStatus can return the following:

NOT_INIT - The backup cluster is not initialized.

OK - There are fewer than 10 failed replication entries.

WARN - There are more than 10 failed replication entries, but fewer than 100.

ERROR- There are more than 100 failed replication entries.

### CrossSiteReplStatus ###

CrossSiteReplStatus.status=OK

CrossSiteReplStatus.siteName=clusterDr

CrossSiteReplStatus.siteReplStatus=OK

Cluster

Cluster status for the identity router.

Number of identity routers in the cluster. Also indicates whether the identity router is operating in read-only or quorum mode, and if it is acting as the cluster coordinator.

ClusterStatus.status returns OK when the clusterCacheStoreService is running.

 

### ClusterStatus ###

ClusterStatus.status=OK

ClusterStatus.clusterSize=3

ClusterStatus.coordinator=true

ClusterStatus.readOnly=false

ClusterStatus.inQuorum=true

ClusterStatus.clusterNodeEnabled=true

File System

File system status for the identity router.

Total file storage space, and available free space.

FileSystemStatus.status returns OK when usable space is at least 10%.

### FileSystemStatus ###

FileSystemStatus.status=OK

FileSystemStatus.total=10078MB

FileSystemStatus.usable=6654MB

Java Memory

Java memory status for the identity router.

Total memory accessible to Java, Java memory currently in use, and the amount of free Java memory available.

JavaMemoryStatus.status returns OK when free Java memory is at least 10%.

### JavaMemoryStatus ###

JavaMemoryStatus.status=OK

JavaMemoryStatus.maximum=3183MB

JavaMemoryStatus.used=160MB

JavaMemoryStatus.free=3022MB

Authentication Load

Authentication load status for the identity router.

Average CPU and IO system load on the identity router over the last one, five, and ten minutes.

LoadStatus.status returns OK when the system can retrieve the load status.

### LoadStatus ###

LoadStatus.status=OK

LoadStatus.1m=0.57

LoadStatus.5m=0.44

LoadStatus.10m=0.42

Keychain Backup Storage

Keychain backup storage status for the identity router.

Indicates the configured storage destination for keychain backups, and whether a non-local storage location is ready, reachable, and writable.

StorageStatus.status returns OK when storageService is running.

StorageStatus.mode can return the following:

ERROR- No storage is configured.

NFS - NFS external storage is configured.

CIFS - CIFS external storage is configured.

LOCAL - Local storage.

INVALID/UNKNOWN - Storage other than above is configured.

### StorageStatus ###

StorageStatus.status=OK

StorageStatus.mode=LOCAL

StorageStatus.isReady=true

StorageStatus.isReachable=true

StorageStatus.isWritable=true

 

 

 

 

You are here
Table of Contents > Identity Routers > Managing Identity Routers > Identity Router Status Servlet Conditions

Attachments

    Outcomes