This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
  • RSA.com
  • Products
    • Archer®
      • Archer®
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Archer® Exchange
      • Training
      • Upcoming Events
      • Videos
    • RSA® Fraud & Risk Intelligence Suite
      • RSA® Fraud & Risk Intelligence Suite
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Web Threat Detection
      • Upcoming Events
      • Videos
    • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Cloud
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Upcoming Patch Content
      • Videos
    • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication Mobile SDK
      • Advisories
      • Events
      • Ideas
      • Knowledge Base
      • Request Access
      • Training
    • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Events
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® Adaptive Authentication for eCommerce
      • RSA® Adaptive Authentication for eCommerce
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Ideas
      • Knowledge Base
      • Training
      • Videos
    • RSA® FraudAction Services
      • RSA® FraudAction Services
      • Advisories
      • Discussions
      • Documentation
      • Ideas
      • Videos
    • RSA® Web Threat Detection
      • RSA® Web Threat Detection
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Videos
    • RSA NetWitness® Platform
      • RSA NetWitness® Platform
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Integrations
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • RSA NetWitness® Detect AI
      • RSA NetWitness® Detect AI
      • Documentation
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA NetWitness® Investigator
      • RSA NetWitness® Investigator
      • Documentation
      • Download the Client
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA NetWitness® Orchestrator
      • RSA NetWitness® Orchestrator
      • Overview
      • Documentation
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
    • RSA SecurID® Suite
      • RSA SecurID® Suite
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Knowledge Base
      • Ideas
      • Integrations
      • Training
      • Videos
    • RSA® Identity Governance & Lifecycle
      • RSA® Identity Governance & Lifecycle
      • Advisories
      • Blog
      • Community Exchange
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • RSA SecurID® Access
      • RSA SecurID® Access
      • Advisories
      • Blog
      • Discussions
      • Documentation
      • Downloads
      • Ideas
      • Integrations
      • Knowledge Base
      • Training
      • Upcoming Events
      • Videos
    • Other RSA® Products
      • Other RSA® Products
      • RSA® Access Manager
      • RSA® Data Loss Prevention
      • RSA® Digital Certificate Solutions
      • RSA enVision®
      • RSA® Federated Identity Manager
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
      •  
  • Resources
    • Advisories
      • Product Advisories on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Hosted
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Product Advisories
    • Blogs
      • Blogs on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Blogs on RSA Link
    • Discussion Forums
      • Discussion Forums
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Discussion Forums on RSA Link
    • Documentation
      • Product Documentation
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Documentation on RSA Link
    • Downloads
      • Product Downloads
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Downloads on RSA Link
    • Ideas
      • Idea Exchange
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® FraudAction Services
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Documentation on RSA Link
    • Knowledge Base
      • Knowledge Base
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication Mobile SDK
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Knowledge Base Pages on RSA Link
    • Upcoming Events on RSA Link
      • Upcoming Events
    • Videos
      • Videos on RSA Link
      • Archer®
      • RSA® Adaptive Authentication Cloud
      • RSA® Adaptive Authentication On-Premise
      • RSA® Adaptive Authentication On-Premise (Cassandra)
      • RSA® Adaptive Authentication for eCommerce
      • RSA® Identity Governance & Lifecycle
      • RSA NetWitness® Platform
      • RSA SecurID® Access
      • RSA® Web Threat Detection
      • All Videos on RSA Link
  • Support
    • RSA Link Support
      • RSA Link Support
      • News & Announcements
      • Getting Started
      • Support Forum
      • Support Knowledge Base
      • Ideas & Suggestions
    • RSA Product Support
      • RSA Product Support
      • General Security Advisories and Statements
      • Product Life Cycle
      • Support Information
      •  
      •  
      •  
      •  
      •  
  • RSA Ready
  • RSA University
    • Certification Program
      • Certification Program
    • Course Catalogs
      • Course Catalogs
      • Archer®
      • RSA NetWitness® Platform
      • RSA SecurID® Suite
    • On-Demand Subscriptions
      • On-Demand Subscriptions
      • Archer®
      • RSA NetWitness® Platform
      • RSA SecurID® Suite
    • Product Training
      • Product Training
      • Archer®
      • RSA® Fraud & Risk Intelligence Suite
      • RSA® Identity Governance & Lifecycle
      • RSA NeWitness® Platform
      • RSA SecurID® Access
    • Student Resources
      • Student Resources
      • Access On-Demand Learning
      • Access Virtual Labs
      • Contact RSA University
      • Enrollments & Transcripts
      • Frequently Asked Questions
      • Getting Started
      • Learning Modalities
      • Payments & Cancellations
      • Private Training
      • Training Center Locations
      • Training Credits
      • YouTube Channel
    • Upcoming Events
      • Upcoming Events
      • Full Calendar
      • Conferences
      • Live Classroom Training
      • Live Virtual Classroom Training
      • Webinars
Sign In Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

Visit the Known Issues dashboard if you are experiencing issues on RSA Link

View Dashboard

RSA SecurID® Access Discussions

Browse the SecurID Access discussion board to get product help and collaborate with other users of SecurID Access.
  • RSA Link
  • :
  • Products
  • :
  • RSA SecurID Suite
  • :
  • RSA SecurID Access
  • :
  • Discussions
  • :
  • SecurID authentication manager ODA delivery logs
  • Options
    • Subscribe to RSS Feed
    • Mark Topic as New
    • Mark Topic as Read
    • Float this Topic for Current User
    • Bookmark
    • Subscribe
    • Mute
    • Printer Friendly Page
JohnRumball
JohnRumball Beginner
Beginner
‎2019-02-21 11:54 AM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

SecurID authentication manager ODA delivery logs

Jump to solution

Where can I find these types of logs in AM v8.2?  I'm guessing there should be a record of an ODA token being delivered to a user, either by SMS or by email.  I know there are logs recorded when authentication is successful, but to me, there should be a record of the delivery attempt even before authentication occurs.

 

This has come up because we are trying to troubleshoot the regular occurrence of delayed token delivery, specifically by email.

 

Thanks in advance.

 

John

Labels (1)
Labels
  • Labels:
  • Authenticators

  • Tags:
  • Authenticator
  • Authenticators
  • Community Thread
  • Discussion
  • Forum Thread
  • Logs
  • oda
  • RSA SecurID
  • RSA SecurID Access
  • SecurID
  • Token
  • Token Auth
  • Token Authentication
  • Token Authenticator
  • Token Authenticators
  • token delivery
1 Like
Share
Reply
  • All forum topics
  • Previous Topic
  • Next Topic
1 Solution

Accepted Solutions
EdwardDavis
Employee EdwardDavis
Employee
‎2019-02-22 04:12 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

There is not a way in the web browser interface to do this.

 

However, to do temporary troubleshooting looking for an issue there are two advanced level debug actions that can be performed on the Primary, and logs will be in /opt/rsa/am/server/logs directory of (Primary or Replica).

 

This will result in enhanced debug output in the /opt/rsa/am/server/logs/imsTrace.log, but use caution as if you leave this debug on, over time (weeks/months) the trace logs may fill up too much disk space,  and you'll need to monitor how much extra logs and disk space you use with these commands.

--------------------------

 

Trace SMS 

/opt/rsa/am/utils

./rsautil set-trace -c trace.com.rsa.authmgr.internal.smsplugin -l VERBOSE

 

 

Trace SMTP  (this will be the one you want, also on Replicas)

/opt/rsa/am/utils

./rsautil set-trace -c trace.com.rsa.ims.smtp -l VERBOSE

 

to enable trace for Replica(s), use the Primary command line....

./rsautil set-trace -c trace.com.rsa.ims.smtp -l VERBOSE -i ReplicaInstance -n

----------------------------------------------

 

Example of What you can see in the log, I have only the smtp example:

2019-02-22 15:52:08,928, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], (SMTPServiceImpl.java:796), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, edavis-vm150.na.rsa.net,,,,Sending mail to: [administrator@farmco.local], with subject: Your On-Demand Tokencode
2019-02-22 15:52:08,956, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], (SMTPServiceImpl.java:816), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, edavis-vm150.na.rsa.net,,,,Message successfully sent to: [administrator@farmco.local], with subject: Your On-Demand Tokencode

 

Now, this is in VERBOSE level, there are other levels you may want to experiment with

 -l, --level           Level to set to (VERBOSE, INFO, WARN, ERROR, FATAL, NONE)

 

------------------------------------------

And to see what you have already activated for tracing (so you know what to later disable after troubleshooting)

 

./rsautil set-trace -s

 

Trace category settings for this node (overrides settings from the instance):
Trace category settings for specified instance:
trace.com.rsa.authmgr.internal.smsplugin : VERBOSE
trace.com.rsa.ims.smtp : VERBOSE

------------------------------------------

To disable tracing (set back to normal)

 

put a -r at the end like so and run the trace category

 

./rsautil set-trace -c trace.com.rsa.authmgr.internal.smsplugin -r
Administrator user ID (RETURN to exit): admin
Enter Administrator password: *********

 

and so on

./rsautil set-trace -c trace.com.rsa.ims.smtp -r

 

------------------------------------------

NOTE: If you have a Primary and Replica(s), when users are trying to fetch ODA codes, the RSA AM server that receives the incoming ODA pin request, will be the server sending the outgoing SMS or SMTP, so be aware of additional 'poking around' on Replicas to sort issues.

Also note: to reliably TEST ODA, the Primary Security Console allows you to pick a Replica, and test sending ODA or SMTP, but you actually need to use the Replica Security Console to have that Replica make the attempt...Otherwise the Primary will be doing all the test messages, even if you chose a Replica using the Primary Security Console.

 

 

View solution in original post

5 Likes
Share
Reply
6 Replies
EricaChalfin
Employee EricaChalfin
Employee
‎2019-02-22 03:09 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

John Rumball‌

 

I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.

 

Alternatively, from the RSA Customer Support" data-type="space‌ page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.

 

Regards,

Erica

0 Likes
Share
Reply
JohnRumball
JohnRumball Beginner
Beginner
In response to EricaChalfin
‎2019-02-22 03:43 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

Thank you Erica. My apologies for posting in the wrong group. Not sure how I missed that. ☺

 

John Rumball - Network Analyst

Information Technology Department - Infrastructure and Security

Health Sciences North | Horizon Santé-Nord

Sudbury Outpatient Centre

865 Regent Street South, Sudbury, ON Canada P3E 3Y9

Phone: (705)523-7100 Ext. 3911 Fax: (705)523-7075

Office Hours: 9:00am - 5:00pm Eastern Time

www.hsnsudbury.ca<http://www.hsnsudbury.ca/>

0 Likes
Share
Reply
EdwardDavis
Employee EdwardDavis
Employee
‎2019-02-22 04:12 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

There is not a way in the web browser interface to do this.

 

However, to do temporary troubleshooting looking for an issue there are two advanced level debug actions that can be performed on the Primary, and logs will be in /opt/rsa/am/server/logs directory of (Primary or Replica).

 

This will result in enhanced debug output in the /opt/rsa/am/server/logs/imsTrace.log, but use caution as if you leave this debug on, over time (weeks/months) the trace logs may fill up too much disk space,  and you'll need to monitor how much extra logs and disk space you use with these commands.

--------------------------

 

Trace SMS 

/opt/rsa/am/utils

./rsautil set-trace -c trace.com.rsa.authmgr.internal.smsplugin -l VERBOSE

 

 

Trace SMTP  (this will be the one you want, also on Replicas)

/opt/rsa/am/utils

./rsautil set-trace -c trace.com.rsa.ims.smtp -l VERBOSE

 

to enable trace for Replica(s), use the Primary command line....

./rsautil set-trace -c trace.com.rsa.ims.smtp -l VERBOSE -i ReplicaInstance -n

----------------------------------------------

 

Example of What you can see in the log, I have only the smtp example:

2019-02-22 15:52:08,928, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], (SMTPServiceImpl.java:796), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, edavis-vm150.na.rsa.net,,,,Sending mail to: [administrator@farmco.local], with subject: Your On-Demand Tokencode
2019-02-22 15:52:08,956, [[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'], (SMTPServiceImpl.java:816), trace.com.rsa.ims.smtp.impl.SMTPServiceImpl, DEBUG, edavis-vm150.na.rsa.net,,,,Message successfully sent to: [administrator@farmco.local], with subject: Your On-Demand Tokencode

 

Now, this is in VERBOSE level, there are other levels you may want to experiment with

 -l, --level           Level to set to (VERBOSE, INFO, WARN, ERROR, FATAL, NONE)

 

------------------------------------------

And to see what you have already activated for tracing (so you know what to later disable after troubleshooting)

 

./rsautil set-trace -s

 

Trace category settings for this node (overrides settings from the instance):
Trace category settings for specified instance:
trace.com.rsa.authmgr.internal.smsplugin : VERBOSE
trace.com.rsa.ims.smtp : VERBOSE

------------------------------------------

To disable tracing (set back to normal)

 

put a -r at the end like so and run the trace category

 

./rsautil set-trace -c trace.com.rsa.authmgr.internal.smsplugin -r
Administrator user ID (RETURN to exit): admin
Enter Administrator password: *********

 

and so on

./rsautil set-trace -c trace.com.rsa.ims.smtp -r

 

------------------------------------------

NOTE: If you have a Primary and Replica(s), when users are trying to fetch ODA codes, the RSA AM server that receives the incoming ODA pin request, will be the server sending the outgoing SMS or SMTP, so be aware of additional 'poking around' on Replicas to sort issues.

Also note: to reliably TEST ODA, the Primary Security Console allows you to pick a Replica, and test sending ODA or SMTP, but you actually need to use the Replica Security Console to have that Replica make the attempt...Otherwise the Primary will be doing all the test messages, even if you chose a Replica using the Primary Security Console.

 

 

View solution in original post

5 Likes
Share
Reply
JohnRumball
JohnRumball Beginner
Beginner
In response to EdwardDavis
‎2019-02-22 04:48 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

Thanks very much Edward... that's perfect!

0 Likes
Share
Reply
EricaChalfin
Employee EricaChalfin
Employee
In response to JohnRumball
‎2019-02-22 05:18 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

John Rumball‌,

 

No worries, happens all the time.  Welcome to the community!

 

Regards,

Erica

0 Likes
Share
Reply
ReggieFisher
ReggieFisher Contributor
Contributor
‎2020-09-03 03:35 PM
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Jump to solution

What if you did not have the debug turned on at the time the message was sent? Is there another way to trace an SMS message?

0 Likes
Share
Reply
Powered by Khoros
  • Products
  • Resources
  • Solutions
  • RSA University
  • Support
  • RSA Labs
  • RSA Ready
  • About RSA Link
  • Terms & Conditions
  • Privacy Statement
  • Provide Feedback
© 2020 RSA Security LLC or its affiliates.
All rights reserved.