Monitoring the Cloud Authentication Service

• The Cloud Administration Health Check API can be used to query the status of the Cloud Authentication status.
• Uptime for the administration and authentication services of the RSA SecurID Access Cloud Authentication Service can be viewed at https://status.securid.com/.
• Service notifications regarding maintenance activity and service incidents to the Cloud Authentication Service can be subscribed to via the "Subscribe to Updates" button on https://status.securid.com/.

Monitoring Identity Routers

• The RSA SecurID Access Cloud Administration Console contains various status reports and monitoring information for the identity routers.
  • The Platform > Identity Routers page includes information and status indicators for each IDR. See View Identity Router Status in the Cloud Administration Console .
  • More diagnostic information is provided on the Platform > System Event Monitor page and in the identity router audit logs. See System Event Monitor Messages for the Cloud Authentication Service  and Identity Router Audit Log Messages .
• Audit logging can be configured so that system events from one or more identity routers are sent to a syslog server. Steps for configuring audit logging are explained in the Configure Audit Logging in the Cloud Administration Console  document.
  • To view the audit logs, download a log bundle from an identity router using steps that are outlined in Generate and Download the Identity Router Log Bundle . Once downloaded, the following audit logs can be checked:
    • /var/log/symplified/symplified-audit.log
    • /var/log/radiusj/radius-audit.log
• The identity router has a status servlet that can be queried for status information. To query an IDR for this, the SSO Agent service must be enabled on the IDR. Whether the SSO Agent service is enabled can be checked:

1. Go to Cloud Administration Console > Platform > Clusters.
2. Confirm that SSO Agent is set to Enabled for the cluster in which the IDR is located.