Article Number
000039831
Applies To
RSA Product Set: RSA SecurID Access
RSA Product/Service Type: Identity Router
RSA Version/Condition: Any
Issue
RSA Support will often ask you to send us the internal log files, or
bundle logs, from one or more of the IDRs in your deployment. You can also proactively send them to us when you open a case.
The bundle logs
can only be downloaded from the Identity Router itself. It is not possible to get IDR bundle logs from the RSA Cloud Administration Console.
Tips
- IDR bundle logs are not the same as an IDR's View Log option in the Cloud Administration Console. View Log is an excerpt of only the last 1000 lines of an IDR's system log. That is usually not sufficient for RSA Support troubleshooting. In contrast, what we call "bundle logs" are a Zip file, containing many different log and configuration files.
- When you send us bundle logs, make sure you also tell us the date and time (with time zone) and the username/email address for any authentications or other activity you need us to investigate in the logs.
Task
There are two methods to obtain IDR bundle logs.
setup.jsp
This is the recommended and easiest method. An IDR's bundle logs should normally be generated and downloaded from the IDR's setup.jsp pages, by following the steps in the online help on RSA Link here:
Generate and Download the Identity Router Log Bundle.
SSH
In rare circumstances the issue being investigated may make the IDR's setup.jsp pages inaccessible. The IDR's bundle logs can still be downloaded if you have access to SSH for the IDR. To obtain the bundle logs using SSH, follow these steps:
- Access SSH and login as idradmin.
- Enter the following command at the SSH prompt to generate the bundle logs' Zip file. Note that the command may "hang" with no output for a short while, as it gathers the necessary files:
bundlelogs
- The command will eventually display a long list of files on the screen. At the end will be a message that tells you where the bundle logs' Zip file was saved on the IDR. For example:
Written to /tmp/idr9p_2021-08-19_06-31-38.zip
- Download the bundle logs' Zip file from the IDR to your local machine, using SFTP (Secure File Transfer Protocol on port TCP 22) to the IDR's management / eth0 IP address. Use the IDR's idradmin credentials for SFTP.
Notes
If you are unable to access an IDR's setup.jsp page or SSH or SFTP:
- Check that the IDR's VM is running. If not, start it.
- Check from the RSA Cloud Administration Console that the IDR's SSH port is open.
- Check that your organization's firewalls are not blocking access to the IDR's IP(s) or interface(s) or the SSH or HTTPS or SFTP ports.
Inform the RSA Support Engineer for your case if you still cannot access the IDR to get the bundle logs. If you do not yet have a support case open,
contact RSA Support.