PingAM

Monitoring

amster service name: Monitoring

Configuration

The following settings appear on the Configuration tab:

Monitoring Status

Enable / Disable the monitoring system

Default value: false

amster attribute: enabled

Monitoring HTTP Port

Port number for the HTTP monitoring interface

Default value: 8082

amster attribute: httpPort

Monitoring HTTP interface status

Enable / Disable the HTTP access to the monitoring system

Default value: false

amster attribute: httpEnabled

Monitoring HTTP interface authentication file path

Path to the monitoring system authentication file

The openam_mon_auth file contains the username and password of the account used to protect the monitoring interfaces. The default username is demo with a password of changeit. Use the ampassword command to encrypt a new password.

Default value: %BASE_DIR%/security/openam_mon_auth

amster attribute: authfilePath

Monitoring RMI Port

Port number for the JMX monitoring interface

Default value: 9999

amster attribute: rmiPort

Monitoring RMI interface status

Enable / Disable the JMX access to the monitoring system

Default value: false

amster attribute: rmiEnabled

Monitoring SNMP Port

SNMP monitoring is no longer supported. Refer to the AM release notes for details.
Monitoring SNMP interface status

SNMP monitoring is no longer supported. Refer to the AM release notes for details.
Policy evaluation monitoring history size

Size of the window of most recent policy evaluations to record to expose via monitoring system. Valid range is 100 - 1000000.

Default value: 10000

amster attribute: policyHistoryWindowSize

Session monitoring history size

Size of the window of most recent session operations to record to expose via monitoring system. Valid range is 100 - 1000000.

Default value: 10000

amster attribute: sessionHistoryWindowSize

Secondary configurations

This service has the following secondary configurations.

crest

Enabled

Default value: false

amster attribute: enabled

graphite

Hostname

The hostname of the Graphite server to which metrics should be published.

amster attribute: host

Port

The port of the Graphite server to which metrics should be published.

Default value: 2004

amster attribute: port

Frequency

The frequency (in seconds) at which metrics should be published.

Default value: 30

amster attribute: frequency

prometheus

Enabled

Default value: false

amster attribute: enabled

Authentication Type

The type of authentication determines whether Prometheus needs to authenticate: None or HTTP Basic.

Default value: HTTP Basic

amster attribute: authenticationType

Username

If the authentication type is HTTP Basic, specify a username for Prometheus to use when accessing the endpoint.

Default value: prometheus

amster attribute: username

Password

If the authentication type is HTTP Basic, specify a password for Prometheus to use when accessing the endpoint.

If you set a Secret Label Identifier and PingAM finds a matching secret in a secret store, the Password is ignored.

amster attribute: password

Secret Label Identifier

PingAM uses this identifier to create a specific secret label, using the template am.services.monitoring.prometheus.identifier.secret where identifier is the value of Secret Label Identifier.

The identifier can only contain alphanumeric characters a-z, A-Z, 0-9, and periods (.). It can’t start or end with a period.

If you set a Secret Label Identifier and PingAM finds a matching secret in a secret store, the Password is ignored.

amster attribute: password