Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

How to configure alert for identity collector

Jump to solution

How to configure alert for identity collector for below condition.

  •  If identity collector got disconnected.
  •  if gateway got disconnected .
  •  If gateway didn't received last hour events.

customer is having both R80.10 and R77.30 version gateway.

1 Solution

Accepted Solutions
Highlighted

Re: How to configure alert for identity collector

Jump to solution

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

View solution in original post

0 Kudos
7 Replies
Highlighted

Re: How to configure alert for identity collector

Jump to solution

I could not imagine how to do that. But what i know is that Identity Collector is using the Windows Event Log API for fetching DC´s security logs. And if you know that these conditions show up in logs, you can use SmartEvent for alerting.

0 Kudos
Highlighted

Re: How to configure alert for identity collector

Jump to solution

We have scripted it and are checking update timestamp against current time. Then issue alert if nothing arrives in X minutes depending on the time of the day

It really depends what sort of alert you want to generate. Custom SNMP traps are described here

SNMP Custom Traps for Monitoring Processes 

Highlighted

Re: How to configure alert for identity collector

Jump to solution

Hello Kasparas,

would you be so kind and share scripts please?

or navigate us further where to focus please?

thanks,

Juraj

Highlighted

Re: How to configure alert for identity collector

Jump to solution

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

View solution in original post

0 Kudos
Highlighted

Re: How to configure alert for identity collector

Jump to solution

Thank you Kasparas very much...really helpful...

0 Kudos
Highlighted

Re: How to configure alert for identity collector

Jump to solution

Thanks Kasparas ,Its really helpful .

0 Kudos
Highlighted
Silver

Re: How to configure alert for identity collector

Jump to solution

CP has released better monitoring capability for identity collector in R80.20.  If you look at sk108235 at the 'Monitoring Capability' section, you can get more details.

Basically, you have to enable it on the identity collector server in the registry by adding a key called 'MonitoringEnabled'.  Once enabled, it will send stats from IDC to the attached gateways / PDPs.  You can view that info from the CLI using:

  • cpstat identityServer -f idc (R80.20)
  • pdp idc status (R80.30)

You can also monitor these items via SNMP on the gateway:

  • The SNMP Object Identifiers (OIDs) that points to this information are found in $FWDIR/conf/identity_server.cps

Hope that helps.

0 Kudos