Follow the steps to generate a token statistics report via command line that includes unassigned tokens, unexpired tokens, unassigned and disabled tokens and unassigned and enabled tokens.

1. Launch an SSH client, such as PuTTY.
2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.

3. Navigate to /opt/rsa/am/utils.
4. Run the command ./rsautil manage-secrets -a get com.rsa.db.dba.password to get the database password.

login as: rsaadmin 
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Fri Jul 10 11:56:49 2015 from dh7u02ua3361dr7.uhc.com
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@securid:~> cd /opt/rsa/am/utils/
rsaadmin@securid:/opt/rsa/am/utils> ./rsautil manage-secrets -a get com.rsa.db.dba.password
Please enter OC Administrator username: <enter Operations Console administrator user name>
Please enter OC Administrator password:<enter Operations Console administrstor password>
com.rsa.db.dba.password: EVPGOtr6Er2CFqP9g9W3yOTtzIHMHt 

The appropriate method would be to create a read-only user for database access. Remember to run the commadn with the appropriate Operations Console administrative account details.
 

5. Using a file transfer app such as WinSCP, copy the attached count_tokens.sql to /opt/rsa/am/utils.
6. In /opt/rsa/am/utils folder run the following command to generate a CSV output file using SQL script called count_tokens.sql: 

/opt/rsa/am/pgsql/bin/psql -h localhost -p 7050 -d db -U rsa_dba -A -F , -X -t -f count_tokens.sql -o count_tokens.csv

7. When prompted, enter the password obtained from step 4.
8. Review the file count_tokens.csv.