-
Title
How to monitor the health of the Authentication Services client? -
Description
How to monitor the health of the Authentication Services client?
-
Resolution
The /opt/quest/bin/vastool status command can be used to check the health of Authentication Services. The vastool status command runs the /opt/quest/libexec/vas/scripts/vas_status.sh script.
If it is in a healthy state the last line will say Result:
. If there is a problem it will report a message in the form of: {FAILURE|CRITICAL|WARNING|INFO}:
- For failure messages are most issues that breaks something in Authentication Services such as configuration issue.
- For critical messages are major break that will stop authentication, cant continue testing, major files missing/corrupt/etc
- For warnings and information messages returned it does not necessarily mean there is a problem.
Search our Knowledge Base if a vastool status message appears for how to resolve it: https://support.oneidentity.com/authentication-services/kb
The latest version of vas_status.sh is always available from: ftp://ftp.vintela.com/vas/support/vas_status.sh.gz
Below are different ways of setting up automatic monitoring:
RESOLUTION 1:
The Management Console for Unix (MCU) 2.5 can be configured to check QAS agent status automatically. Please refer to Management Console For Unix 2.5 Admin Guide for more information on how to set this up.
RESOLUTION 2:
You can create a cronjob to monitor QAS. The script will report issues that can potentially affect the machine from being able to authenticate users.How often to run it is up to each company to decide. Once an hour is common. Some choose just nightly, more critical environaments are every 15 minutes.
RESOLUTION 3:
You can also use vas_status.sh with already established montoring method, tivoli, cfengine, nagios, etc