SNMP CTS object identifiers
The OIDs related to SNMP monitoring of CTS follow guidance described in RFC 1271.
|
The interface stability of the legacy SNMP monitoring feature is deprecated. |
The OIDs listed in this section include the prefix assigned to ForgeRock, enterprises.36733.
They also include the entries associated with AM (1), SNMP (2), and CTS monitoring (3): 1.2.3.
Therefore, the root OID for all CTS monitored components is enterprises.36733.1.2.3.
All individual monitored CTS components are suffixes that are consistent with the image shown here.
CTS token type OIDs
This table shows how OIDs are split into different token types. Do not forget the prefix.
For example, the complete OID for monitoring SAML v2.0 tokens is enterprises.36733.1.2.3.1.1.2.
The options for the token table are also shown.
For example, the token table OID for SAML v2.0 is based on the entries associated with ForgeRock, enterprises.36733,
AM 1, SNMP 2, CTS Monitoring 3, token table 1, entry 1, and SAML v2.0 2,
which is enterprises.36733.1.2.3.1.1.2.
| OID by token type | Description |
|---|---|
|
Session |
|
SAML v2.0 |
|
OAuth 2.0 |
|
REST |
|
OAuth 2.0 CSRF Protection |
|
UMA Resource |
|
UMA Permission Ticket |
|
UMA Requesting Party |
|
UMA Audit Entry |
|
Session Blacklist |
|
UMA Pending Request |
|
Security Token Service |
|
OAuth 2.0 Blacklist |
|
OAuth 2.0 Client-Based |
|
Push Notification |
|
Cluster-wide Notification |
CTS monitoring operation types
OIDs related to CTS monitoring operations are based on basic CRUD operations (plus list).
This table shows the options for the operation table.
| OID by operation | Description |
|---|---|
|
Create |
|
Read |
|
Update |
|
Delete |
|
List |
CTS monitoring entry data types
CTS monitoring entries use the following data types:
Counter64-
A 64-bit, unsigned integer type.
Counter64is a standard data type returned by SNMP OIDs. For more information, refer to Structure of Management Information Version 2. Float2dp-
A floating point number with the value d-2 in the
DISPLAY-HINTclause. SNMP clients that handle theDISPLAY-HINTclause will correctly display the value as a floating point number with two decimal places. Other types of clients that do not handle theDISPLAY-HINTclause will incorrectly display the value as an integer that is one hundred times larger than the correct value.Float2dpis a custom data type returned by some ForgeRock CTS OIDs.
CTS CRUD operation entries
The OIDs in this table relate to all CRUD (and list) operations.
The options for the CRUD operations table are shown in the following tables. Each value is associated with CRUD and list operations.
| OID by operation entry | Data type | Description |
|---|---|---|
|
|
Cumulative count |
|
|
Average (in period) |
|
|
Minimum (in period) |
|
|
Maximum (in period) |
|
|
Cumulative failure count |
|
|
Average failures (in period) |
|
|
Minimum failures (in period) |
|
|
Maximum failures (in period) |
Each of the options in this table can be divided into CRUD and list related operations. The suffix OID for such operations is as follows:
-
1: Create
-
2: Read
-
3: Update
-
4: Delete
-
5: List
For example, since the OID for cumulative count is enterprises.36733.1.2.3.3.1.1,
the OID for the cumulative count of delete operations is enterprises.36733.1.2.3.3.1.1.4
| Cumulative count operations OID | Data type | Description |
|---|---|---|
|
|
Cumulative count of CREATE operations |
|
|
Cumulative count of READ operations |
|
|
Cumulative count of UPDATE operations |
|
|
Cumulative count of DELETE operations |
|
|
Cumulative count of LIST operations |
| Average number operations OID | Data type | Description |
|---|---|---|
|
|
Average number of CREATE operations (in period) |
|
|
Average number of READ operations (in period) |
|
|
Average number of UPDATE operations (in period) |
|
|
Average number of DELETE operations (in period) |
|
|
Average number of LIST operations (in period) |
| Minimum number operations OID | Data type | Description |
|---|---|---|
|
|
Minimum number of CREATE operations (in period) |
|
|
Minimum number of READ operations (in period) |
|
|
Minimum number of UPDATE operations (in period) |
|
|
Minimum number of DELETE operations (in period) |
|
|
Minimum number of LIST operations (in period) |
| Maximum Number Operations OID | Data Type | Description |
|---|---|---|
|
|
Maximum number of CREATE operations (in period) |
|
|
Maximum number of READ operations (in period) |
|
|
Maximum number of UPDATE operations (in period) |
|
|
Maximum number of DELETE operations (in period) |
|
|
Maximum number of LIST operations (in period) |
| Cumulative failure operations OID | Data type | Description |
|---|---|---|
|
|
Cumulative Failure of CREATE operations (in period) |
|
|
Cumulative Failure of READ operations (in period) |
|
|
Cumulative Failure of UPDATE operations (in period) |
|
|
Cumulative Failure of DELETE operations (in period) |
|
|
Cumulative Failure of LIST operations (in period) |
| Average number, failure operations OID | Data type | Description |
|---|---|---|
|
|
Average number of CREATE operations failures (in period) |
|
|
Average number of READ operations failures (in period) |
|
|
Average number of UPDATE operations failures (in period) |
|
|
Average number of DELETE operations failures (in period) |
|
|
Average number of LIST operations failures (in period) |
| Minimum number, operations failures OID | Data type | Description |
|---|---|---|
|
|
Minimum number of CREATE operations failures (in period) |
|
|
Minimum number of READ operations failures (in period) |
|
|
Minimum number of UPDATE operations failures (in period) |
|
|
Minimum number of DELETE operations failures (in period) |
|
|
Minimum number of LIST operations failures (in period) |
| Maximum number, operations failures OID | Data type | Description |
|---|---|---|
|
|
Maximum number of CREATE operations failures (in period) |
|
|
Maximum number of READ operations failures (in period) |
|
|
Maximum number of UPDATE operations failures (in period) |
|
|
Maximum number of DELETE operations failures (in period) |
|
|
Maximum number of LIST operations failures (in period) |
CTS CRUD operations per token type
OIDs that start with enterprises.36733.1.2.3.4.1 are labels for CTS CRUD operations per token type.
Tokens of each type can be created, read, updated, deleted, and listed. Each of these types can be measured cumulatively. They can also be measured over a period of time (default=10 seconds), as an average, minimum, and maximum.
OID suffixes for CRUD operations are defined according to the following rules.
The first part of the OID is enterprises.36733.1.2.3.4.1.
The next OID suffix specifies a metric:
| OID suffix | Data type | Metric |
|---|---|---|
1 |
|
Cumulative count |
2 |
|
Average (in period) |
3 |
|
Minimum (in period) |
4 |
|
Maximum (in period) |
The next OID suffix specifies a token type:
| OID suffix | Token type |
|---|---|
1 |
Session |
2 |
SAML v2.0 |
3 |
OAuth 2 |
4 |
REST |
5 |
OAuth 2.0 CSRF Protection |
6 |
UMA Resource |
7 |
UMA Permission Ticket |
8 |
UMA Requesting Party |
9 |
UMA Audit Entry |
10 |
Session Blacklist |
11 |
UMA Pending Request |
12 |
Security Token Service |
13 |
OAuth 2.0 Blacklist |
14 |
OAuth 2.0 Client-Based |
15 |
Push Notification |
16 |
Cluster-wide Notification |
The final OID suffix specifies an operation:
| OID suffix | Operation |
|---|---|
1 |
Create |
2 |
Read |
3 |
Update |
4 |
Delete |
5 |
List |
The following examples illustrate OID construction for CTS CRUD operations per token type.
| OID | Data type | Description |
|---|---|---|
|
|
Cumulative count of updated Session tokens |
|
|
Maximum deleted OAuth 2.0 tokens (in period) |
|
|
Average listed Session Blacklist tokens (in period) |
CTS token operation status
The CTS token OIDs defined in this section specify the total number of tokens of each type and their average current lifetimes.
The options for token operations are shown in the following tables. Total and average current lifetimes are associated with each CTS token type.
| Total tokens, by type | Data type | Description |
|---|---|---|
|
|
Total number of Session tokens |
|
|
Total number of SAML v2.0 tokens |
|
|
Total number of OAuth 2.0 tokens |
|
|
Total number of REST tokens |
|
|
Total number of OAuth 2.0 CSRF Protection tokens |
|
|
Total number of UMA Resource tokens |
|
|
Total number of UMA Permission Ticket tokens |
|
|
Total number of UMA Requesting Party tokens |
|
|
Total number of UMA Audit Entry tokens |
|
|
Total number of Session Blacklist tokens |
|
|
Total number of UMA Pending Request tokens |
|
|
Total number of Security Token Service tokens |
|
|
Total number of OAuth 2.0 Blacklist tokens |
|
|
Total number of OAuth 2.0 client-side tokens |
|
|
Total number of Push Notification tokens |
|
|
Total number of Cluster-wide Notification tokens |
| Average token lifetime, by type | Data type | Description |
|---|---|---|
|
|
Average lifetime of Session tokens in seconds |
|
|
Average lifetime of SAML v2.0 tokens in seconds |
|
|
Average lifetime of OAuth 2.0 tokens in seconds |
|
|
Average lifetime of REST tokens in seconds |
|
|
Average lifetime of OAuth 2.0 CSRF Protection tokens in seconds |
|
|
Average lifetime of UMA Resource tokens in seconds |
|
|
Average lifetime of UMA Permission Ticket tokens in seconds |
|
|
Average lifetime of UMA Requesting Party tokens in seconds |
|
|
Average lifetime of UMA Audit Entry tokens in seconds |
|
|
Average lifetime of Session Blacklist tokens in seconds |
|
|
Average lifetime of UMA Pending Request tokens in seconds |
|
|
Average lifetime of Security Token Service tokens in seconds |
|
|
Average lifetime of OAuth 2.0 denylist tokens in seconds |
|
|
Average lifetime of OAuth 2.0 client-side tokens in seconds |
|
|
Average lifetime of Push Notification tokens in seconds |
|
|
Average lifetime of Cluster-wide Notification tokens in seconds |
CTS reaper run information
The CTS reaper deletes unused or expired tokens. Unless AM is in a shutdown cycle, the CTS reaper is designed to run continuously. By default, the CTS reaper runs in fixed intervals, unless AM is in the process of shutting down.
A single OID, enterprises.36733.1.2.3.6.0, relates to the CTS reaper.
This OID:
-
Specifies the average rate of deleted tokens per CTS reaper run
-
Has the
Float2dpdata type.
CTS connection factory OIDs
Every request for a CTS token is a request to the CTSConnectionFactory.
Such requests can either succeed or fail.
The following OIDs provide measures for both such connections.
The CTSConnectionFactory OIDs are also measured using a rate window system, similar to all the other CTS OIDs,
except the CTS Reaper.
As there are no indexes required to look up the value of CTSConnectionFactory OIDs, they end in 0. Success or failure of these OIDs are not specific to any operation or token type.
The following tables list the OIDs related to the CTSConnectionFactory.
| Successes, CTSConnectionFactory | Data type | Description |
|---|---|---|
|
|
Cumulative number of successful connections |
|
|
Average number of successful connections (in period) |
|
|
Minimum number of successful connections (in period) |
|
|
Maximum number of successful connections (in period) |
| Failures, CTSConnectionFactory | Data type | Description |
|---|---|---|
|
|
Cumulative number of failed connections |
|
|
Average number of failed connections (in period) |
|
|
Minimum number of failed connections (in period) |
|
|
Maximum number of failed connections (in period) |