Identity Cloud

Monitor your tenant

Identity Cloud lets you monitor uptime status and system performance.

Identity Cloud also provides APIs for extracting log data. For more information, see View audit and debug logs.

Monitor uptime status

Tenant status page

Use your tenant status page to monitor uptime and historical trends for your production and staging tenant environments.

Production environment

For the production environment, the tenant status page shows individual statuses for these services:

  • Access Management

  • Identity Management

  • End User UI

  • Login UI

  • Registration UI

  • Administrator UI

  • Logs

    400

Staging environment

For the staging environment, the tenant status page combines the individual service statuses into a single status.

Access your tenant status page

  1. Identify your tenant domain name by removing the protocol and any trailing slash from your tenant FQDN.

    Example: openam-mycompany-mytenant-usw1.id.forgerock.io

  2. Obtain your tenant status page URL by appending your tenant domain name to the Identity Cloud status page URL, https://status.id.forgerock.io.

    Example: https://status.id.forgerock.io/openam-mycompany-mytenant-usw1.id.forgerock.io

  3. Open your tenant status page URL in a browser.

  4. On the sign-in page, enter the credentials you received when you registered with Identity Cloud.

    If you don’t have access to this page, submit a support ticket: Go to Backstage, and click Support.

  5. Click Authenticate.

View and filter your tenant status page

You can view real-time status of your staging and production environments, and a listing of service incidents.

400

For more details, click View historical uptime. Then, for the production environment only, click Filter Components to view reports on incidents in selected Identity Cloud services.

400

Add more tenant administrators to the tenant status page

If monitoring Identity Cloud uptime status is part of a particular tenant administrator’s role, submit a support request to give the individual access to the tenant status page.

  • To submit a support request, go to Backstage, and click Support.

  • You can request access on behalf of one or more tenant administrators, including yourself.

  • In the request, provide the email address of each tenant administrator you want to have status page access.

Monitor system performance

Identity Cloud provides monitoring endpoints you can use with Prometheus.

Endpoint Purpose

/monitoring/prometheus/am

Produces Prometheus-formatted metrics for Access Management

/monitoring/prometheus/idm

Produces Prometheus-formatted metrics for Identity Management

You must obtain API credentials to authenticate to these endpoints. See Obtaining API Credentials.

You can download and run a Docker-based example of a Grafana dashboard. The demo requires that you have Docker Desktop installed, and requires macOS.

To try the demo:

  1. Download and extract the ForgeRock Identity Cloud Monitoring Demo ZIP file.

  2. Edit the setup_monitoring_config.sh file:

    1. In the TENANT_DOMAIN variable, enter the domain name of your tenant.

      Do not include the protocol, and do not add a trailing slash.

      For example:

      TENANT_DOMAIN="openam-mycompany-mytenant-usw1.id.forgerock.io"
    2. In the API_KEY_ID and API_KEY_SECRET variables, enter the API credentials you obtained earlier.

      For example:

      API_KEY_ID="b977d5724ef...562e4c57"
      API_KEY_SECRET="d3628be865ce152f49...870e5fd3506c4"
    3. Save your changes.

  3. Run the setup_monitoring_config.sh script.

    The Shell script will set up the following config files:

    Config File Description

    prometheus/prometheus.yml

    The script populates the tenant domain and API credentials.

    docker/docker-compose.yml

    The script populates the working directory path.

  4. Run the following Docker command:

    docker-compose -f docker/docker-compose.yml up

    The command downloads a Prometheus Docker image and configures it for your tenant. It also downloads a Grafana Docker image, and configures it to use the Prometheus image as a data source.

  5. When the command output for the "grafana_1" container displays a message that contains "HTTP Server Listen", open http://localhost:3000 in a web browser.

  6. Log in with username "admin", password "admin".

  7. Enter a new password to use for the administrator, or click Skip.

  8. On the Grafana Home page, select Dashboards, and then select Manage.

  9. On the Dashboards page, select AM Overview.

    The AM Overview dashboard opens:

    Sample AM Grafana Dashboard

    View the Prometheus dashboard at http://localhost:9090.
Copyright © 2010-2023 ForgeRock, all rights reserved.