Collecting Replicated Agent Authentication Records on the Primary Instance
The RSA Authentication Manager primary instance checks log records at regular intervals for new authentication records and information on the authentication agents that are installed in your deployment. You can use these collected records to run the List All Installed Agents report. AM looks for timestamps that are later than the last time that it checked the log files, unless you define an offset value to collect earlier records that were delayed by replication. By default, the offset value is 0 hours.
For example, suppose that a replica instance authenticates a user at 10:59 AM. The primary instance checks the log files for authentication records at 11:00 AM, and the replica instance sends data to the primary instance at 11:10 AM. When the primary instance checks the log files again, at 11:00 PM, it looks for authentication records with a timestamp that is 11:00 AM or later. If you set the offset value to 1 hour, then the primary instance looks for records with timestamps that are later than 10:00 AM, and it collects the replicated authentication record from 10:59 AM.
Before you begin
- You must be an Operations Console administrator.
- Obtain the rsaadmin operating system password for the primary instance.
- Secure shell (SSH) must be enabled on the primary instance. For instructions, see Enable Secure Shell on the Appliance.
Procedure
On the primary instance, log on to the appliance using an SSH client.
Change directories:
cd /opt/rsa/am/utils
- Type the following command, and press ENTER:
./rsautil store -o admin -p password$ -a update_config ims.agent.monitor.offset time GLOBAL 503
Where:
admin is the Operations Console administrator user name.
password is the Operations Console administrator password. For security reasons, instead of entering your password on the command line, you can wait for the utility prompt you for it.
time is the offset in hours to check for new agent authentication records that were synchronized after the last time that Authentication Manager checked log files. For example, 1 hour.
You do not need to restart the server.
Related Articles
Update the Primary Instance Hostname and IP Address on a Replica Instance Number of Views Authentication error with LDAP user assigned the Super Admin role while providing additional credentials to the RSA Authen… Number of Views Replica fails to attach to the RSA Authentication Manager 8.1 primary instance Number of Views User Access Review in RSA Via L&G selects all the reviewers mentioned in Reviewers tab and coverage file Number of Views How to fix Account Collector for Active Directory when it fails with java.lang.NoClassDefFoundError in RSA Via Lifcycle an… Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
