cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

How to configure alert for identity collector

Jump to solution

How to configure alert for identity collector for below condition.

  •  If identity collector got disconnected.
  •  if gateway got disconnected .
  •  If gateway didn't received last hour events.

customer is having both R80.10 and R77.30 version gateway.

1 Solution

Accepted Solutions

Re: How to configure alert for identity collector

Jump to solution

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

0 Kudos
6 Replies

Re: How to configure alert for identity collector

Jump to solution

I could not imagine how to do that. But what i know is that Identity Collector is using the Windows Event Log API for fetching DC´s security logs. And if you know that these conditions show up in logs, you can use SmartEvent for alerting.

0 Kudos

Re: How to configure alert for identity collector

Jump to solution

We have scripted it and are checking update timestamp against current time. Then issue alert if nothing arrives in X minutes depending on the time of the day

It really depends what sort of alert you want to generate. Custom SNMP traps are described here

SNMP Custom Traps for Monitoring Processes 

Re: How to configure alert for identity collector

Jump to solution

Hello Kasparas,

would you be so kind and share scripts please?

or navigate us further where to focus please?

thanks,

Juraj

Re: How to configure alert for identity collector

Jump to solution

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

0 Kudos

Re: How to configure alert for identity collector

Jump to solution

Thank you Kasparas very much...really helpful...

0 Kudos

Re: How to configure alert for identity collector

Jump to solution

Thanks Kasparas ,Its really helpful .

0 Kudos