000035451 - Use shell script to collect hardware and software data for RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Nov 30, 2017Last modified by RSA Customer Support Employee on Jun 1, 2020
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000035451
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1 Service Pack 1 or later
IssueAn RSA technical support engineer may require more data than provided in the Troubleshooting Files generated in the Operations Console. This article explains how to generate additional information for RSA Authentication Manager 8.1 SP1 and later by running a shell script.
ResolutionThe attached RSAAMdata_collect.sh creates the three files that are listed below and collects the following information:
  • Hardware
    • Output of dmidecode data,
    • Disk usage,
    • Output of running top for root processes,
    • Output of top for rsaadmin processes,
    • CPU data, and
    • Memory data.
  • Software
    • Listing of software packages installed in the operating system,
    • NTP configuration,
    • SNMP configuration,
    • SYSCTL information, and
    • GRUB data.
  • Network information
    • The hostname information,
    • The resolv.conf data,
    • The netstat output,
    • The nsswitch.conf data,
    • The defined network routes,
    • The contents of services file,
    • The contents of the local hosts file, and
    • A list of firewall rules.
  • The script locates all *.log files in /opt/rsa/am and subfolders and places them in a .tar archive file in /tmp.
  • Runs SQL statements to query data in the RSA Authentication Manager database:
    • RSA Authentication Manager instances in the deployment with version information,
    • RADIUS servers,
    • All RSA Authentication Agents,
    • All RADIUS clients,
    • All identity sources,
    • Token statistics,
    • Authentication bit flag report,
    • All Security Console administrators,
    • Registered users (and all users in the internal database),
    • All global parameters,
    • Database statistics,
    • License information,
    • Configuration settings report, and
    • System tuning data.

The configuration settings report works only on RSA Authentication Manager 8.2 Service Pack 1 patch 1 or later. 



The shell script can generate one or more of the following files in /tmp:
  • datacollector_YYYYmmdd.log
  • RSAAM_logfoles_YYYYmmdd.tar
  • RSAAM_config_YYYYmmdd.csv


Installation



  1. Download the RSAAMdata_collect.sh shell script.
  2. Using a secure FTP client such as WinSCP, copy the script to the /tmp folder on the RSA Authentication Manager primary.
  3. Enable Secure Shell on the Appliance.
  4. Log On to the Appliance Operating System with SSH.
  5. Launch an SSH client, such as PuTTY.
  6. Log in to the primary RSA Authentication Manager server as rsaadmin and enter the operating system password.

During Quick Setup another username may have been selected. Use that username to log in.




login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Mon Apr 20 16:39:41 2020 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am


  1. Change the permissions of RSAAMdata_collect.sh so it can be run at the command line:


chmod 755 /tmp/RSAAMdata_collect.sh



Usage



  1. Connect to the RSA Authentication Manager instance with the rsaadmin account, either in an SSH session or at the local console.

During Quick Setup another username may have been selected. Use that username to log in.



  1. Elevate the privileges of the rsaadmin account:


sudo su -

  If you do not change the privileges of the account, the following message appears:


You must be the root user to use this program; exiting...


  1. The shell script can be run in one of two ways, as Operations Console user credentials are required.


/tmp/RSAAMdata_collect.sh <enter operating Console administrator user> <enter operating Console administrator password> Checking OC credentials..
OC credentials validated... redirecting to menu..


or 



/tmp/RSAAMdata_collect.sh
Checking OC credentials....missing OC credentials!
Please enter OC Administrator username:<enter Operations Console administrator user name>
Please enter OC Administrator password: <enter Operations Console administrator password>
OC credentials validated... redirecting to menu..


  1.   The shell script menu:


RSA Customer Support (Asia Pacific)

Collecting Data on your Authentication Manager (AM) Instance..

1) Hardware Information
2) Software Information
3) Network Information
4) AM Log Data into a tar file
5) Running SQL Statements on the AM Database
6) License & AM Config Information (where AM is 8.2.1.1.0 or later)
7) All of the above
8) Display filenames
9) Exit

Please select an option



Option 7 (All of the above) generates all three files. The filenames are displayed using option 8.
Notes

The RSAAMdata_collect.sh shell script creates three files on the RSA Authentication Manager instance in the /tmp/ folder and does not change any production data.

This script gathers information from the operating system hosting the RSA Authentication Manager and uses SQL statements to read data from the RSA Authentication Manager database.

Attachments

Outcomes