SNMP CTS Object Identifiers

The OIDs related to SNMP monitoring of CTS follow guidance described in RFC 1271.

The OIDs listed in this section include the prefix assigned to ForgeRock, enterprises.36733. They also include the entries associated with AM (1), SNMP (2), and CTS monitoring (3): 1.2.3.

Therefore, the root OID for all CTS monitored components is enterprises.36733.1.2.3. All individual monitored CTS components are suffixes that are consistent with the image shown here.

Diagram of CTS OIDs
Diagram of CTS OIDs

CTS Token Type OIDs

The table below shows how OIDs are split into different token types. Do not forget the prefix. For example, the complete OID for monitoring SAML v2.0 tokens is enterprises.36733.1.2.3.1.1.2

The options for the token table are shown in the following table. For example, the token table OID for SAML v2.0 is based on the entries associated with ForgeRock, enterprises.36733, AM 1, SNMP 2, CTS Monitoring 3, token table 1, entry 1, and SAML v2.0 2, which is enterprises.36733.1.2.3.1.1.2.

CTS Monitoring OID Categories
OID, by Token TypeDescription
enterprises.36733.1.2.3.1.1.1Session
enterprises.36733.1.2.3.1.1.2SAML v2.0
enterprises.36733.1.2.3.1.1.3OAuth 2.0
enterprises.36733.1.2.3.1.1.4REST
enterprises.36733.1.2.3.1.1.5OAuth 2.0 CSRF Protection
enterprises.36733.1.2.3.1.1.6UMA Resource
enterprises.36733.1.2.3.1.1.7UMA Permission Ticket
enterprises.36733.1.2.3.1.1.8UMA Requesting Party
enterprises.36733.1.2.3.1.1.9UMA Audit Entry
enterprises.36733.1.2.3.1.1.10Session Blacklist
enterprises.36733.1.2.3.1.1.11UMA Pending Request
enterprises.36733.1.2.3.1.1.12Security Token Service
enterprises.36733.1.2.3.1.1.13OAuth 2.0 Blacklist
enterprises.36733.1.2.3.1.1.14OAuth 2.0 Client-Based
enterprises.36733.1.2.3.1.1.15Push Notification
enterprises.36733.1.2.3.1.1.16Cluster-wide Notification

CTS Monitoring Operation Types

OIDs related to CTS monitoring operations are based on basic CRUD operations (plus list).

The options for the operation table are shown in the following table.

CTS Monitoring Operation Types
OID, by OperationDescription
enterprises.36733.1.2.3.2.1.1Create
enterprises.36733.1.2.3.2.1.2Read
enterprises.36733.1.2.3.2.1.3Update
enterprises.36733.1.2.3.2.1.4Delete
enterprises.36733.1.2.3.2.1.5List

CTS Monitoring Entry Data Types

CTS monitoring entries use the following data types:

Counter64

A 64-bit, unsigned integer type.

Counter64 is a standard data type returned by SNMP OIDs. For more information, see Structure of Management Information Version 2.

Float2dp

A floating point number with the value d-2 in the DISPLAY-HINT clause. SNMP clients that handle the DISPLAY-HINT clause will correctly display the value as a floating point number with two decimal places. Other types of clients that do not handle the DISPLAY-HINT clause will incorrectly display the value as an integer that is one hundred times larger than the correct value.

Float2dp is a custom data type returned by some ForgeRock CTS OIDs.

CTS CRUD Operation Entries

The OIDs in this table relate to all CRUD (and list) operations.

The options for the CRUD operations table are shown in the following tables. Each value is associated with CRUD and list operations.

CTS CRUD Operation Entries
OID, by Operation EntryData TypeDescription
enterprises.36733.1.2.3.3.1.1Counter64Cumulative count
enterprises.36733.1.2.3.3.1.2Float2dpAverage (in period)
enterprises.36733.1.2.3.3.1.3Counter64Minimum (in period)
enterprises.36733.1.2.3.3.1.4Counter64Maximum (in period)
enterprises.36733.1.2.3.3.1.5Counter64Cumulative failure count
enterprises.36733.1.2.3.3.1.6Float2dpAverage failures (in period)
enterprises.36733.1.2.3.3.1.7Counter64Minimum failures (in period)
enterprises.36733.1.2.3.3.1.8Counter64Maximum failures (in period)

Each of the options in this table can be divided into CRUD and list related operations. The suffix OID for such operations is as follows:

  • 1: Create

  • 2: Read

  • 3: Update

  • 4: Delete

  • 5: List

For example, since the OID for cumulative count is enterprises.36733.1.2.3.3.1.1, the OID for the cumulative count of delete operations is enterprises.36733.1.2.3.3.1.1.4

CTS CRUD Operation Table Cumulative Operations
Cumulative Count Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.1.1Counter64Cumulative count of CREATE operations
enterprises.36733.1.2.3.3.1.1.2Counter64Cumulative count of READ operations
enterprises.36733.1.2.3.3.1.1.3Counter64Cumulative count of UPDATE operations
enterprises.36733.1.2.3.3.1.1.4Counter64Cumulative count of DELETE operations
enterprises.36733.1.2.3.3.1.1.5Counter64Cumulative count of LIST operations

CTS CRUD Operation Table Average Operations (In Period)
Average Number Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.2.1Float2dpAverage number of CREATE operations (in period)
enterprises.36733.1.2.3.3.1.2.2Float2dpAverage number of READ operations (in period)
enterprises.36733.1.2.3.3.1.2.3Float2dpAverage number of UPDATE operations (in period)
enterprises.36733.1.2.3.3.1.2.4Float2dpAverage number of DELETE operations (in period)
enterprises.36733.1.2.3.3.1.2.5Float2dpAverage number of LIST operations (in period)

CTS CRUD Operation Table Minimum Operations (In Period)
Minimum Number Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.3.1Counter64Minimum number of CREATE operations (in period)
enterprises.36733.1.2.3.3.1.3.2Counter64Minimum number of READ operations (in period)
enterprises.36733.1.2.3.3.1.3.3Counter64Minimum number of UPDATE operations (in period)
enterprises.36733.1.2.3.3.1.3.4Counter64Minimum number of DELETE operations (in period)
enterprises.36733.1.2.3.3.1.3.5Counter64Minimum number of LIST operations (in period)

CTS CRUD Operation Table Maximum Operations (In Period)
Maximum Number Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.4.1Counter64Maximum number of CREATE operations (in period)
enterprises.36733.1.2.3.3.1.4.2Counter64Maximum number of READ operations (in period)
enterprises.36733.1.2.3.3.1.4.3Counter64Maximum number of UPDATE operations (in period)
enterprises.36733.1.2.3.3.1.4.4Counter64Maximum number of DELETE operations (in period)
enterprises.36733.1.2.3.3.1.4.5Counter64Maximum number of LIST operations (in period)

CTS CRUD Operation Table Cumulative Failure Operations
Cumulative Failure Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.5.1Counter64Cumulative Failure of CREATE operations (in period)
enterprises.36733.1.2.3.3.1.5.2Counter64Cumulative Failure of READ operations (in period)
enterprises.36733.1.2.3.3.1.5.3Counter64Cumulative Failure of UPDATE operations (in period)
enterprises.36733.1.2.3.3.1.5.4Counter64Cumulative Failure of DELETE operations (in period)
enterprises.36733.1.2.3.3.1.5.5Counter64Cumulative Failure of LIST operations (in period)

CTS CRUD Operation Table Average Failure Operations in Period
Average Number, Failure Operations OIDData TypeDescription
enterprises.36733.1.2.3.3.1.6.1Float2dpAverage number of CREATE operations failures (in period)
enterprises.36733.1.2.3.3.1.6.2Float2dpAverage number of READ operations failures (in period)
enterprises.36733.1.2.3.3.1.6.3Float2dpAverage number of UPDATE operations failures (in period)
enterprises.36733.1.2.3.3.1.6.4Float2dpAverage number of DELETE operations failures (in period)
enterprises.36733.1.2.3.3.1.6.5Float2dpAverage number of LIST operations failures (in period)

CTS CRUD Operation Table Minimum Operations Failures in Period
Minimum Number, Operations Failures OIDData TypeDescription
enterprises.36733.1.2.3.3.1.7.1Counter64Minimum number of CREATE operations failures (in period)
enterprises.36733.1.2.3.3.1.7.2Counter64Minimum number of READ operations failures (in period)
enterprises.36733.1.2.3.3.1.7.3Counter64Minimum number of UPDATE operations failures (in period)
enterprises.36733.1.2.3.3.1.7.4Counter64Minimum number of DELETE operations failures (in period)
enterprises.36733.1.2.3.3.1.7.5Counter64Minimum number of LIST operations failures (in period)

CTS CRUD Operation Table Maximum Operations Failures in Period
Maximum Number, Operations Failures OIDData TypeDescription
enterprises.36733.1.2.3.3.1.8.1Counter64Maximum number of CREATE operations failures (in period)
enterprises.36733.1.2.3.3.1.8.2Counter64Maximum number of READ operations failures (in period)
enterprises.36733.1.2.3.3.1.8.3Counter64Maximum number of UPDATE operations failures (in period)
enterprises.36733.1.2.3.3.1.8.4Counter64Maximum number of DELETE operations failures (in period)
enterprises.36733.1.2.3.3.1.8.5Counter64Maximum number of LIST operations failures (in period)

CTS CRUD Operations Per Token Type

OIDs that start with enterprises.36733.1.2.3.4.1 are labels for CTS CRUD operations per token type.

Tokens of each type can be created, read, updated, deleted, and listed. Each of these types can be measured cumulatively. They can also be measured over a period of time (default=10 seconds), as an average, minimum, and maximum.

OID suffixes for CRUD operations are defined according to the following rules.

The first part of the OID is enterprises.36733.1.2.3.4.1.

The next OID suffix specifies a metric:

CTS CRUD Operation Metrics
OID SuffixData TypeMetric
1 Counter64 Cumulative count
2 Float2dp Average (in period)
3 Counter64 Minimum (in period)
4 Counter64 Maximum (in period)

The next OID suffix specifies a token type:

CTS CRUD Operation Token Types
OID SuffixToken Type
1 Session
2 SAML v2.0
3 OAuth 2
4 REST
5 OAuth 2.0 CSRF Protection
6 UMA Resource
7 UMA Permission Ticket
8 UMA Requesting Party
9 UMA Audit Entry
10 Session Blacklist
11 UMA Pending Request
12 Security Token Service
13 OAuth 2.0 Blacklist
14 OAuth 2.0 Client-Based
15 Push Notification
16 Cluster-wide Notification

The final OID suffix specifies an operation:

CTS CRUD Operations
OID SuffixOperation
1 Create
2 Read
3 Update
4 Delete
5 List

The following examples illustrate OID construction for CTS CRUD operations per token type.

OID Examples for CTS CRUD Operations Per Token Type
OIDData TypeDescription
enterprises.36733.1.2.3.4.1.1.1.3 Counter64 Cumulative count of updated Session tokens
enterprises.36733.1.2.3.4.1.4.3.4 Counter64 Maximum deleted OAuth 2.0 tokens (in period)
enterprises.36733.1.2.3.4.1.2.10.5 Float2dp Average listed Session Blacklist tokens (in period)

CTS Token Operation Status

The CTS token OIDs defined in this section specify the total number of tokens of each type and their average current lifetimes.

The options for token operations are shown in the following tables. Total and average current lifetimes are associated with each CTS token type.

CTS Total Tokens, by Type
Total Tokens, by TypeData TypeDescription
enterprises.36733.1.2.3.5.1.1.1Counter64Total number of Session tokens
enterprises.36733.1.2.3.5.1.1.2Counter64Total number of SAML v2.0 tokens
enterprises.36733.1.2.3.5.1.1.3Counter64Total number of OAuth 2.0 tokens
enterprises.36733.1.2.3.5.1.1.4Counter64Total number of REST tokens
enterprises.36733.1.2.3.5.1.1.5Counter64Total number of OAuth 2.0 CSRF Protection tokens
enterprises.36733.1.2.3.5.1.1.6Counter64Total number of UMA Resource tokens
enterprises.36733.1.2.3.5.1.1.7Counter64Total number of UMA Permission Ticket tokens
enterprises.36733.1.2.3.5.1.1.8Counter64Total number of UMA Requesting Party tokens
enterprises.36733.1.2.3.5.1.1.9Counter64Total number of UMA Audit Entry tokens
enterprises.36733.1.2.3.5.1.1.10Counter64Total number of Session Blacklist tokens
enterprises.36733.1.2.3.5.1.1.11Counter64Total number of UMA Pending Request tokens
enterprises.36733.1.2.3.5.1.1.12Counter64Total number of Security Token Service tokens
enterprises.36733.1.2.3.5.1.1.13Counter64Total number of OAuth 2.0 Blacklist tokens
enterprises.36733.1.2.3.5.1.1.14Counter64Total number of OAuth 2.0 client-based tokens
enterprises.36733.1.2.3.5.1.1.15Counter64Total number of Push Notification tokens
enterprises.36733.1.2.3.5.1.1.16Counter64Total number of Cluster-wide Notification tokens

CTS Token Average Lifetime, by Type
Average Token Lifetime, by TypeData TypeDescription
enterprises.36733.1.2.3.5.1.2.1Counter64Average lifetime of Session tokens in seconds
enterprises.36733.1.2.3.5.1.2.2Counter64Average lifetime of SAML v2.0 tokens in seconds
enterprises.36733.1.2.3.5.1.2.3Counter64Average lifetime of OAuth 2.0 tokens in seconds
enterprises.36733.1.2.3.5.1.2.4Counter64Average lifetime of REST tokens in seconds
enterprises.36733.1.2.3.5.1.2.5Counter64Average lifetime of OAuth 2.0 CSRF Protection tokens in seconds
enterprises.36733.1.2.3.5.1.2.6Counter64Average lifetime of UMA Resource tokens in seconds
enterprises.36733.1.2.3.5.1.2.7Counter64Average lifetime of UMA Permission Ticket tokens in seconds
enterprises.36733.1.2.3.5.1.2.8Counter64Average lifetime of UMA Requesting Party tokens in seconds
enterprises.36733.1.2.3.5.1.2.9Counter64Average lifetime of UMA Audit Entry tokens in seconds
enterprises.36733.1.2.3.5.1.2.10Counter64Average lifetime of Session Blacklist tokens in seconds
enterprises.36733.1.2.3.5.1.2.11Counter64Average lifetime of UMA Pending Request tokens in seconds
enterprises.36733.1.2.3.5.1.2.12Counter64Average lifetime of Security Token Service tokens in seconds
enterprises.36733.1.2.3.5.1.2.13Counter64Average lifetime of OAuth 2.0 Blacklist tokens in seconds
enterprises.36733.1.2.3.5.1.2.14Counter64Average lifetime of OAuth 2.0 client-based tokens in seconds
enterprises.36733.1.2.3.5.1.2.15Counter64Average lifetime of Push Notification tokens in seconds
enterprises.36733.1.2.3.5.1.2.16Counter64Average lifetime of Cluster-wide Notification tokens in seconds

CTS Reaper Run Information

The CTS reaper deletes unused or expired tokens. Unless AM is in a shutdown cycle, the CTS reaper is designed to run continuously. By default, the CTS reaper runs in fixed intervals, unless AM is in the process of shutting down.

A single OID, enterprises.36733.1.2.3.6.0, relates to the CTS reaper. This OID:

  • Specifies the average rate of deleted tokens per CTS reaper run

  • Has the Float2dpdata type.

CTS Connection Factory OIDs

Every request for a CTS token is a request to the CTSConnectionFactory. Such requests can either succeed or fail. The following OIDs provide measures for both such connections. The CTSConnectionFactory OIDs are also measured using a rate window system, similar to all the other CTS OIDs, except the CTS Reaper.

As there are no indexes required to look up the value of CTSConnectionFactory OIDs, they end in 0. Success or failure of these OIDs are not specific to any operation or token type.

The following tables list the OIDs related to the CTSConnectionFactory.

CTSConnectionFactory, Successful Connections
Successes, CTSConnectionFactoryData TypeDescription
enterprises.36733.1.2.3.7.1.1.0Counter64Cumulative number of successful connections
enterprises.36733.1.2.3.7.1.2.0Float2dpAverage number of successful connections (in period)
enterprises.36733.1.2.3.7.1.3.0Counter64Minimum number of successful connections (in period)
enterprises.36733.1.2.3.7.1.4.0Counter64Maximum number of successful connections (in period)

CTSConnectionFactory, Failed Connections
Failures, CTSConnectionFactoryData TypeDescription
enterprises.36733.1.2.3.7.2.1.0Counter64Cumulative number of failed connections
enterprises.36733.1.2.3.7.2.2.0Float2dpAverage number of failed connections (in period)
enterprises.36733.1.2.3.7.2.3.0Counter64Minimum number of failed connections (in period)
enterprises.36733.1.2.3.7.2.4.0Counter64Maximum number of failed connections (in period)

Read a different version of :