This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA® Access Manager Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by RSA Access Manager experts.

Artifacts to gather in RSA Access Manager

Article Number

000037625

Applies To

RSA Product Set: Access Manager

 

Issue

This article outlines what files and information are required by RSA Customer Support for RSA Access Manager Server and RSA Access Manager Agent issues.

Resolution

Table of Contents

Contents
Table of Contents. 1
RSA Access Manager Server. 1
Logs directory. 1
Conf directory. 1
RSA Access Manager Admin GUI 1
RSA Access Manager Agents. 1
RSA Access Manager Web Agents. 1
Windows. 1
Unix. 1
RSA Access Manager Application Agents. 1
Windows. 1
Unix. 1
RSA Access Manager Runtime API 1

 

RSA Access Manager Server

Logs directory

Located in the logs directory for each instance of RSA Access Manager.  There could be more than on RSA Access Manager instance for redundancy.  For Microsoft Windows, this is typical “C:\Program Files\RSA\Access Manager Servers 6.2\logs”.  For Unix, this is typical “/app/ctrust/logs”.  You should archive all the logs in this directory for analysis.  If there are a large number or rotated logs archive only the most recent logs.
  • lserver.log -  (optional).  If the server is configured for central logging there will be one file per instance, or one file per installation. The name of the file is lserver.log.  Rotated log files will be named lserver1.log.  This file contains all normal log events from all RSA Access Manager Processes.
Alternately if no lserver is configured the log files are as follows
  • aserver.log – events for the Authorization Server (aserver)
  • eserver.log – events for the Entitlements Server (eserver)
  • dispatcher.log – events for the Dispatcher server (dispatcher) and the Keyserver (keyserver).  (These run in the same process).
  • isever.log – (optional) logs for instrumentation server (iserver).

Conf directory

Located in the conf directory for each instance of RSA Access Manager.  There could be more than on RSA Access Manager instance for redundancy.  For Microsoft Windows, this is typical “C:\Program Files\RSA\Access Manager Servers 6.2\conf”.   For Unix, this is typical “/app/ctrust/conf”.  If a review of the configuration is warranted, you should archive all the conf files in this directory for analysis. 
  • adaptive-auth-onpremise.conf – only used if Adaptive Authentication is configured (optional)
  • aserver.conf – for all of the Authentication Servers on this machine.  Typically, customers will have two aservers on each machine.
  • ca_keystore.jks – Java JKS keystore used to store any trusted root certificates for LDAP binds.
  • dcp.conf – for distributed credentials (optional)
  • dispatcher.conf – for the dispatcher for this machine
  • ehcache.xsd
  • eserver.conf – for the entitlement’s server.  There should only be one of these in use.
  • iserver.conf – for the instrumentation server (optional)
  • jcifs.conf
  • keyserver.conf for the keyserver on this machine
  • ldap-adlds.conf – (copy only of default ldap.conf for adlds)
  • ldap.conf – LDAP configuration file for the user and policy datastore.  For SQL server this would be replaced by sql.conf file.
  • license.xml – license file
  • lserver.conf – for the log server.  There should only be one of these.  (optional)
  • rsa-axm-ehcache.xml
  • snmp-access-policy.xml
  • uus.conf – for the unique user session tracking feature (optional)
  • words.txt

RSA Access Manager Admin GUI

The administrative application is a Web Application that can be deployed on any application server as a WAR file. Most application servers are supported (Tomcat shown).
  • http://axm-server.vcloud.local:8080/axm-admin-gui-6.2/Home.jsp - RSA Administrative Console (Admin GUI) home page.
  • C:\Program Files\Apache Software Foundation\Tomcat 8.5\webapps\axm-admin-gui-6.2\WEB-INF\web.xml – Notably this file contains a reference to the location of the Admin GUI configuration file in the webgui.config.directory parameter
  • C:\Program Files\RSA\Access Manager Servers 6.2\webapp\admingui.cfg – Admin GUI configuration file default location (maybe different location as specified above.)

Debug Mode

RSA Access Manager servers can be started in DEBUG mode by passing the -DDEBUG flag on the Java command line when starting the servers.  This can be done by starting the servers manually from the command line.
  

C:\Program Files\RSA\Access Manager Servers 6.2\bin>aserver.bat debug
RSA Access Manager Authorization Server
Version 6.2 (Build ID: 20130125033301-0500-1355387)
 
  • C:\Program Files\RSA\Access Manager Servers 6.2\bin\aserver.bat – command line batch file to start aserver on windows
  • /app/ctrust/bin/aserver.sh – command line batch file to start aserver on windows.
See the following KB article for more information on DEBUG mode.

RSA Access Manager Agents

RSA Access Manager Web Agents

Windows

Logs directory

Located in the logs directory.  The default location is “C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\”.   The log file may have different names depending on the settings but typically is called ctagent.log with a number representing the rollover date.  Logs have different log levels (None, Config, Misconfig, Critical, Error, Warning, Security, Info, Debug and Massive) as defined in the webagent.conf file.
  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\ctagent.20190605160645.log – agent log file
  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\RSA_Access_Manager_Agent_5.0_SP4_for_IIS_InstallLog.log – agent installation file

Conf directory

Located in the conf directory. Default location is C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\conf\. 
  • C:\Program Files\RSA\Access Manager Agent 5.0 SP4\IIS\logs\webagent.conf

Unix

On Unix, the install location of the agent is in /opt but the configuration and log files are in subdirectories named for the webserver that is installed.

Logs directory

  • /opt/RSA_Access_Manager_Agent_5.0_for_Apache_InstallLog.log – Agent installation log
  • /var/log/httpd/error_log – Apache Web Server error log file
  • /var/www/html – Apache Web Server http root document directory
  • /opt/rsa-axm/agent-50-apache/webservers/Apache_2.4.6/logs/ctagent.20190607121648.log Agent log file

Conf directory

  • /opt/rsa-axm/agent-50-apache/webservers/Apache_2.4.6/conf/webagent.conf – conf file
  • /opt/rsa-axm/agent-50-apache/htdocs/ct_logon_en.html – default logon page
Other

RSA Access Manager Application Agents

Windows

Logs directory

Conf directory

 

Unix

RSA Access Manager Runtime API


 

0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-24 12:29 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.