RSA Support will often ask you to send us the internal log files, or bundle logs, from one or more of the IDRs in your deployment. You can also proactively send them to us when you open a case.
The bundle logs can only be downloaded from the Identity Router itself. It is not possible to get IDR bundle logs from the RSA Cloud Administration Console.
IDR bundle logs are not the same as an IDR's View Log option in the Cloud Administration Console. View Log is an excerpt of only the last 1000 lines of an IDR's system log. That is usually not sufficient for RSA Support troubleshooting. In contrast, what we call "bundle logs" are a Zip file, containing many different log and configuration files.
When you send us bundle logs, make sure you also tell us the date and time (with time zone) and the username/email address for any authentications or other activity you need us to investigate in the logs.
In rare circumstances the issue being investigated may make the IDR's setup.jsp pages inaccessible. The IDR's bundle logs can still be downloaded if you have access to SSH for the IDR. To obtain the bundle logs using SSH, follow these steps:
Enter the following command at the SSH prompt to generate the bundle logs' Zip file. Note that the command may "hang" with no output for a short while, as it gathers the necessary files:
The command will eventually display a long list of files on the screen. At the end will be a message that tells you where the bundle logs' Zip file was saved on the IDR. For example:
Written to /tmp/idr9p_2021-08-19_06-31-38.zip
Download the bundle logs' Zip file from the IDR to your local machine, using SFTP (Secure File Transfer Protocol on port TCP 22) to the IDR's management / eth0 IP address. Use the IDR's idradmin credentials for SFTP.
If you are unable to access an IDR's setup.jsp page or SSH or SFTP:
Check that the IDR's VM is running. If not, start it.