RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x

An RSA technical support engineer may require more data than what is provided in the Troubleshooting Files generated in the Operations Console.
This article explains how to generate additional information for RSA Authentication Manager 8.1 SP1 and later by running a shell script.

The attached AMdata_collect.sh script creates the three files listed below and collects the following information:

• Hardware
  • Output of dmidecode data,
  • Disk usage,
  • Output of running top for root processes,
  • Output of top for rsaadmin processes,
  • CPU data, and
  • Memory data.
• Software
  • Listing of software packages installed in the operating system,
  • NTP configuration,
  • SNMP configuration,
  • SYSCTL information, and
  • GRUB data.
• Network information
  • The hostname information,
  • The resolv.conf data,
  • The netstat output,
  • The nsswitch.conf data,
  • The defined network routes,
  • The contents of services file,
  • The contents of the local hosts file, and
  • A list of firewall rules.
• The script compresses9 all *.log files in /opt/rsa/am and subfolders and places them in a .gz file in /tmp.
• The script compresses all log data in the /opt/rsa/am/server/logs folder into a .gz file in /tmp.
• The script provides an option to only compress log files with a .log extension into a .gz file in /tmp.
• The script compresses all archive log data in the /opt/rsa/am/Log_archive folder into a .gz file in /tmp.
• The script compresses all rotated log data in the /opt/rsa/am/server/logs folder into a .gz file in /tmp.
• The script compresses all RSA RADIUS log data in the /opt/rsa/am/radius folder into a .gz file in /tmp.
• Runs SQL statements to query data in the RSA Authentication Manager database:
  • RSA Authentication Manager instances in the deployment with version information,
  • RADIUS servers,
  • All RSA Authentication Agents,
  • All RADIUS clients,
  • All identity sources,
  • Token statistics,
  • Authentication bit flag report,
  • All Security Console administrators,
  • Registered users (and all users in the internal database),
  • All global parameters,
  • Database statistics,
  • License information,
  • Configuration settings report, and
  • System tuning data.

The configuration settings report works only on RSA Authentication Manager 8.2 Service Pack 1 Patch 1 or later. 

The shell script can generate one or more of the following files in /tmp:

• datacollector_YYYYmmddHHMM.log
• RSAAM_logfoles_YYYYmmddHHMM.gz
• RSAAM_server_logfiles_YYYYmmddHHMM.gz
• RSAAM_server_dot_logfiles_YYYYmmddHHMM.gz
• RSAAM_log_archive_YYYYmmddHHMM.gz
• RSAAM_rotated_server_logfiles_YYYYmmddHHMM.gz
• RSAAM_config_YYYYmmddHHMM.csv

Installation

1. Download the AMdata_collect.sh shell script.

2. Using an SFTP client such as WinSCP, copy the script to the /tmp folder on the RSA Authentication Manager instance.

3. Enable Secure Shell on the Appliance.

4. Log on to the Appliance Operating System with SSH.

5. Launch an SSH client, such as PuTTY.

6. Log in to the primary RSA Authentication Manager server as rsaadmin and enter the operating system password.

During Quick Setup another username may have been selected. Use that username to log in.

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Mon Apr 20 16:39:41 2020 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am

7. Change the permissions of the script so it can be executed:

chmod 755 /tmp/AMdata_collect.sh

Usage

1. Log in using SSH or local console as rsaadmin.

2. Elevate privileges:

sudo su -

  If you do not change the privileges of the account, the following message appears:

You must be the root user to use this program; exiting...

3. Change to /tmp:

cd /tmp

4. The shell script can be run in one of two ways, as Operations Console user credentials are required.

./AMdata_collect.sh <enter operating Console administrator user> <enter operating Console administrator password> Checking OC credentials.. 
OC credentials validated... redirecting to menu..

./AMdata_collect.sh 
Checking OC credentials....missing OC credentials! 
Please enter OC Administrator username:<enter Operations Console administrator user name>
Please enter OC Administrator password: <enter Operations Console administrator password>
OC credentials validated... redirecting to menu..

5.   The shell script menu:

RSA Customer Support (Asia Pacific)

Collecting Data from an Authentication Manager (AM) Instance..

1) Hardware Information
2) Software Information
3) Network Information
4) Collecting AM data via SQL Statements
5) AM License & Configuration Data
6) All of the above
7) Collecting AM log data options
9) Display filenames
0) Exit

Please select an option

Option 6 (All of the above) will perform options 1 through to 5.

Option 7 provides this menu:

Collecting AM log data options

** Check Disk Space before using these options **

1) All AM Log Data found in /opt/rsa/am & sub-folders with a .log extension
2) All AM Log Data from the /opt/rsa/am/server/logs folder
3) Only AM Log Data with .log extension from /opt/rsa/am/server/logs folder
4) AM Log Archive from /opt/rsa/am/Log_archive folder
5) Rotated AM Log Data found in the /opt/rsa/am/server/logs folder
6) All RSA RADIUS log data found in the /opt/rsa/am/radius folder
9) ** Display disk space on this AM instance **
0) Return to Main Menu

Please select an option

The filenames are displayed using option 9.

Example of using option 6:

RSA Customer Support (Asia Pacific)

Collecting Data from an Authentication Manager (AM) Instance..

1) Hardware Information
2) Software Information
3) Network Information
4) Collecting AM data via SQL Statements
5) AM License & Configuration Data
6) All of the above
7) Collecting AM log data options
9) Display filenames
0) Exit

Please select an option
6
 - Hardware Information being collected..
 - Done!
 - Software Information being collected..
 - Done!
 - Network Information being collected..
 - Done!
 - RSA AM SQL Statements being used to collect data..
 - Done!
 - License information being collected..
 - Done!
 - AM Configuration data being collected..
  -- AM is 8.7.0.0.0 so able to export configuration data..

Configuration Export 8.7.0.0.0 (1428302)
(C) 1994-2022 RSA Security LLC or its affiliates. All Rights Reserved.
Config data exported to: /tmp/RSAAM_config_202207060945.csv

 - Done!
 - Tuning information being collected.. {requires Super Admin credentials - at password prompt hit <ENTER> to bypass!}
  -- Default administrator is scadmin
  -- Enter a valid password for scadmin :  ** validating password **
 - Done!

 ** Press any key to continue... **

Example of using option 9 to display filenames:

RSA Customer Support (Asia Pacific)

Collecting Data from an Authentication Manager (AM) Instance..

1) Hardware Information 
2) Software Information 
3) Network Information 
4) Collecting AM data via SQL Statements
5) AM License & Configuration Data
6) All of the above
7) Collecting AM log data options 
9) Display filenames 
0) Exit

Please select an option
9

 - Report filename : /tmp/datacollector_202309030841.log

 - AM logs filename : /tmp/RSAAM_logfiles_202309030841.gz

 - AM server logs filename : /tmp/RSAAM_server_logfiles_202309030841.gz

 - AM server .logs filename : /tmp/RSAAM_server_dot_logfiles_202309030841.gz

 - AM Log Archive filename : /tmp/RSAAM_log_archive_202309030841.gz

 - AM rotated server logs filename : /tmp/RSAAM_rotated_server_logfiles_202309030841.gz

 - AM Configuration Data filename : /tmp/RSAAM_config_202309030841.csv

 - RSA RADIUS log data filename : /tmp/RSARADIUS_log_data_202309030841.gz

 ** Press any key to continue... **
 

The AMdata_collect.sh shell script creates seven files on the RSA Authentication Manager instance in the /tmp/ folder and does not change any production data.

This script gathers information from the operating system hosting the RSA Authentication Manager and uses SQL statements to read data from the RSA Authentication Manager database.

The 'Collecting AM log data options' could be used by an administrator to perform housekeeping tasks to save disk space. For example, an administrator could save all rotated log files in the /opt/rsa/am/server/logs folder to a .gz file and then manually remove those rotated log files.