Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
soni_kumari1
Participant
Jump to solution

How to configure alert for identity collector

How to configure alert for identity collector for below condition.

  •  If identity collector got disconnected.
  •  if gateway got disconnected .
  •  If gateway didn't received last hour events.

customer is having both R80.10 and R77.30 version gateway.

1 Solution

Accepted Solutions
Kaspars_Zibarts
Employee Employee
Employee

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

View solution in original post

0 Kudos
7 Replies
G_W_Albrecht
Legend Legend
Legend

I could not imagine how to do that. But what i know is that Identity Collector is using the Windows Event Log API for fetching DC´s security logs. And if you know that these conditions show up in logs, you can use SmartEvent for alerting.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Kaspars_Zibarts
Employee Employee
Employee

We have scripted it and are checking update timestamp against current time. Then issue alert if nothing arrives in X minutes depending on the time of the day

It really depends what sort of alert you want to generate. Custom SNMP traps are described here

SNMP Custom Traps for Monitoring Processes 

Juraj_Skalny
Contributor

Hello Kasparas,

would you be so kind and share scripts please?

or navigate us further where to focus please?

thanks,

Juraj

Kaspars_Zibarts
Employee Employee
Employee

I'm afraid I can't give you full script as it is fully integrated into our own in-house monitoring system so it wouldn't make much sense

but to give you an idea assuming you have multiple IDCs (else you can take away while loop)

currTime=`date +%s`

pdp conn idc | grep ^[1-9] > idc.tmp

while read line; do

   if [ `echo $line | grep -c "No events received in the last hour" ` -eq 0 ]; then
      lastEvent=`echo $line | awk '{print $5" "$6}'`

      lastEvent=`date --date="$lastEvent" +%s`

      let diff=$currTime-$lastEvent

      if [ $diff -gt 120 ]; then

         do something here if no events seen in last 2 minutes
      fi

   fi

done < idc.tmp

0 Kudos
Juraj_Skalny
Contributor

Thank you Kasparas very much...really helpful...

0 Kudos
soni_kumari1
Participant

Thanks Kasparas ,Its really helpful .

0 Kudos
phlrnnr
Advisor

CP has released better monitoring capability for identity collector in R80.20.  If you look at sk108235 at the 'Monitoring Capability' section, you can get more details.

Basically, you have to enable it on the identity collector server in the registry by adding a key called 'MonitoringEnabled'.  Once enabled, it will send stats from IDC to the attached gateways / PDPs.  You can view that info from the CLI using:

  • cpstat identityServer -f idc (R80.20)
  • pdp idc status (R80.30)

You can also monitor these items via SNMP on the gateway:

  • The SNMP Object Identifiers (OIDs) that points to this information are found in $FWDIR/conf/identity_server.cps

Hope that helps.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events