Core Token Service (CTS) Object Identifiers The OIDs related to SNMP monitoring of CTS follow guidance described in RFC 1271. The OIDs listed in this section include the prefix assigned to ForgeRock, enterprises.36733. They also include the entries associated with OpenAM (1), SNMP (2), and CTS monitoring (3): 1.2.3. Therefore, the root OID for all CTS monitored components is enterprises.36733.1.2.3. All individual monitored CTS components are suffixes that are consistent with the image shown here. CTS Token Type OIDs The table below shows how OIDs are split into different token types. Do not forget the prefix. For example, the complete OID for monitoring SAML v2.0 tokens is enterprises.36733.1.2.3.1.1.2 The options for the token table are shown in the following table. For example, the token table OID for SAML v2.0 is based on the entries associated with ForgeRock, enterprises.36733, OpenAM 1, SNMP 2, CTS Monitoring 3, token table 1, entry 1, and SAML v2.0 2, which is enterprises.36733.1.2.3.1.1.2. CTS Monitoring OID Categories OID, by Token Type Description enterprises.36733.1.2.3.1.1.1 Session enterprises.36733.1.2.3.1.1.2 SAML v2.0 enterprises.36733.1.2.3.1.1.3 OAuth 2.0 enterprises.36733.1.2.3.1.1.4 REST enterprises.36733.1.2.3.1.1.5 OAuth 2.0 CSRF Protection enterprises.36733.1.2.3.1.1.6 Resource Set enterprises.36733.1.2.3.1.1.7 UMA Permission Ticket enterprises.36733.1.2.3.1.1.8 UMA Requesting Party enterprises.36733.1.2.3.1.1.9 UMA Audit Entry enterprises.36733.1.2.3.1.1.10 Session Blacklist enterprises.36733.1.2.3.1.1.11 UMA Pending Request enterprises.36733.1.2.3.1.1.12 Security Token Service enterprises.36733.1.2.3.1.1.13 OAuth 2.0 Blacklist enterprises.36733.1.2.3.1.1.14 OAuth 2.0 Stateless enterprises.36733.1.2.3.1.1.15 Push Notification enterprises.36733.1.2.3.1.1.16 Cluster-wide Notification CTS Monitoring Operation Types OIDs related to CTS monitoring operations are based on basic CRUD operations (plus list). The options for the operation table are shown in the following table. CTS Monitoring Operation Types OID, by Operation Description enterprises.36733.1.2.3.2.1.1 Create enterprises.36733.1.2.3.2.1.2 Read enterprises.36733.1.2.3.2.1.3 Update enterprises.36733.1.2.3.2.1.4 Delete enterprises.36733.1.2.3.2.1.5 List CTS Monitoring Entry Data Types CTS monitoring entries use the following data types: Counter64 A 64-bit, unsigned integer type. Counter64 is a standard data type returned by SNMP OIDs. For more information, see Structure of Management Information Version 2. Float2dp A floating point number with the value d-2 in the DISPLAY-HINT clause. SNMP clients that handle the DISPLAY-HINT clause will correctly display the value as a floating point number with two decimal places. Other types of clients that do not handle the DISPLAY-HINT clause will incorrectly display the value as an integer that is one hundred times larger than the correct value. Float2dp is a custom data type returned by some ForgeRock CTS OIDs. CTS CRUD Operation Entries The OIDs in this table relate to all CRUD (and list) operations. The options for the CRUD operations table are shown in the following tables. Each value is associated with CRUD and list operations. CTS CRUD Operation Entries OID, by Operation Entry Data Type Description enterprises.36733.1.2.3.3.1.1 Counter64 Cumulative count enterprises.36733.1.2.3.3.1.2 Float2dp Average (in period) enterprises.36733.1.2.3.3.1.3 Counter64 Minimum (in period) enterprises.36733.1.2.3.3.1.4 Counter64 Maximum (in period) enterprises.36733.1.2.3.3.1.5 Counter64 Cumulative failure count enterprises.36733.1.2.3.3.1.6 Float2dp Average failures (in period) enterprises.36733.1.2.3.3.1.7 Counter64 Minimum failures (in period) enterprises.36733.1.2.3.3.1.8 Counter64 Maximum failures (in period) Each of the options in this table can be divided into CRUD and list related operations. The suffix OID for such operations is as follows: 1: Create 2: Read 3: Update 4: Delete 5: List For example, since the OID for cumulative count is enterprises.36733.1.2.3.3.1.1, the OID for the cumulative count of delete operations is enterprises.36733.1.2.3.3.1.1.4 CTS CRUD Operation Table Cumulative Operations Cumulative Count Operations OID Data Type Description enterprises.36733.1.2.3.3.1.1.1 Counter64 Cumulative count of CREATE operations enterprises.36733.1.2.3.3.1.1.2 Counter64 Cumulative count of READ operations enterprises.36733.1.2.3.3.1.1.3 Counter64 Cumulative count of UPDATE operations enterprises.36733.1.2.3.3.1.1.4 Counter64 Cumulative count of DELETE operations enterprises.36733.1.2.3.3.1.1.5 Counter64 Cumulative count of LIST operations CTS CRUD Operation Table Average Operations (In Period) Average Number Operations OID Data Type Description enterprises.36733.1.2.3.3.1.2.1 Float2dp Average number of CREATE operations (in period) enterprises.36733.1.2.3.3.1.2.2 Float2dp Average number of READ operations (in period) enterprises.36733.1.2.3.3.1.2.3 Float2dp Average number of UPDATE operations (in period) enterprises.36733.1.2.3.3.1.2.4 Float2dp Average number of DELETE operations (in period) enterprises.36733.1.2.3.3.1.2.5 Float2dp Average number of LIST operations (in period) CTS CRUD Operation Table Minimum Operations (In Period) Minimum Number Operations OID Data Type Description enterprises.36733.1.2.3.3.1.3.1 Counter64 Minimum number of CREATE operations (in period) enterprises.36733.1.2.3.3.1.3.2 Counter64 Minimum number of READ operations (in period) enterprises.36733.1.2.3.3.1.3.3 Counter64 Minimum number of UPDATE operations (in period) enterprises.36733.1.2.3.3.1.3.4 Counter64 Minimum number of DELETE operations (in period) enterprises.36733.1.2.3.3.1.3.5 Counter64 Minimum number of LIST operations (in period) CTS CRUD Operation Table Maximum Operations (In Period) Maximum Number Operations OID Data Type Description enterprises.36733.1.2.3.3.1.4.1 Counter64 Maximum number of CREATE operations (in period) enterprises.36733.1.2.3.3.1.4.2 Counter64 Maximum number of READ operations (in period) enterprises.36733.1.2.3.3.1.4.3 Counter64 Maximum number of UPDATE operations (in period) enterprises.36733.1.2.3.3.1.4.4 Counter64 Maximum number of DELETE operations (in period) enterprises.36733.1.2.3.3.1.4.5 Counter64 Maximum number of LIST operations (in period) CTS CRUD Operation Table Cumulative Failure Operations Cumulative Failure Operations OID Data Type Description enterprises.36733.1.2.3.3.1.5.1 Counter64 Cumulative Failure of CREATE operations (in period) enterprises.36733.1.2.3.3.1.5.2 Counter64 Cumulative Failure of READ operations (in period) enterprises.36733.1.2.3.3.1.5.3 Counter64 Cumulative Failure of UPDATE operations (in period) enterprises.36733.1.2.3.3.1.5.4 Counter64 Cumulative Failure of DELETE operations (in period) enterprises.36733.1.2.3.3.1.5.5 Counter64 Cumulative Failure of LIST operations (in period) CTS CRUD Operation Table Average Failure Operations in Period Average Number, Failure Operations OID Data Type Description enterprises.36733.1.2.3.3.1.6.1 Float2dp Average number of CREATE operations failures (in period) enterprises.36733.1.2.3.3.1.6.2 Float2dp Average number of READ operations failures (in period) enterprises.36733.1.2.3.3.1.6.3 Float2dp Average number of UPDATE operations failures (in period) enterprises.36733.1.2.3.3.1.6.4 Float2dp Average number of DELETE operations failures (in period) enterprises.36733.1.2.3.3.1.6.5 Float2dp Average number of LIST operations failures (in period) CTS CRUD Operation Table Minimum Operations Failures in Period Minimum Number, Operations Failures OID Data Type Description enterprises.36733.1.2.3.3.1.7.1 Counter64 Minimum number of CREATE operations failures (in period) enterprises.36733.1.2.3.3.1.7.2 Counter64 Minimum number of READ operations failures (in period) enterprises.36733.1.2.3.3.1.7.3 Counter64 Minimum number of UPDATE operations failures (in period) enterprises.36733.1.2.3.3.1.7.4 Counter64 Minimum number of DELETE operations failures (in period) enterprises.36733.1.2.3.3.1.7.5 Counter64 Minimum number of LIST operations failures (in period) CTS CRUD Operation Table Maximum Operations Failures in Period Maximum Number, Operations Failures OID Data Type Description enterprises.36733.1.2.3.3.1.8.1 Counter64 Maximum number of CREATE operations failures (in period) enterprises.36733.1.2.3.3.1.8.2 Counter64 Maximum number of READ operations failures (in period) enterprises.36733.1.2.3.3.1.8.3 Counter64 Maximum number of UPDATE operations failures (in period) enterprises.36733.1.2.3.3.1.8.4 Counter64 Maximum number of DELETE operations failures (in period) enterprises.36733.1.2.3.3.1.8.5 Counter64 Maximum number of LIST operations failures (in period) CTS CRUD Operations Per Token Type OIDs that start with enterprises.36733.1.2.3.4.1 are labels for CTS CRUD operations per token type. Tokens of each type can be created, read, updated, deleted, and listed. Each of these types can be measured cumulatively. They can also be measured over a period of time (default=10 seconds), as an average, minimum, and maximum. OID suffixes for CRUD operations are defined according to the following rules. The first part of the OID is enterprises.36733.1.2.3.4.1. The next OID suffix specifies a metric: CTS CRUD Operation Metrics OID Suffix Data Type Metric 1 Counter64 Cumulative count 2 Float2dp Average (in period) 3 Counter64 Minimum (in period) 4 Counter64 Maximum (in period) The next OID suffix specifies a token type: CTS CRUD Operation Token Types OID Suffix Token Type 1 Session 2 SAML v2.0 3 OAuth 2 4 REST 5 OAuth 2.0 CSRF Protection 6 Resource Set 7 UMA Permission Ticket 8 UMA Requesting Party 9 UMA Audit Entry 10 Session Blacklist 11 UMA Pending Request 12 Security Token Service 13 OAuth 2.0 Blacklist 14 OAuth 2.0 Stateless 15 Push Notification 16 Cluster-wide Notification The final OID suffix specifies an operation: CTS CRUD Operations OID Suffix Operation 1 Create 2 Read 3 Update 4 Delete 5 List The following examples illustrate OID construction for CTS CRUD operations per token type. OID Examples for CTS CRUD Operations Per Token Type OID Data Type Description enterprises.36733.1.2.3.4.1.1.1.3 Counter64 Cumulative count of updated Session tokens enterprises.36733.1.2.3.4.1.4.3.4 Counter64 Maximum deleted OAuth 2.0 tokens (in period) enterprises.36733.1.2.3.4.1.2.10.5 Float2dp Average listed Session Blacklist tokens (in period) CTS Token Operation Status The CTS token OIDs defined in this section specify the total number of tokens of each type and their average current lifetimes. The options for token operations are shown in the following tables. Total and average current lifetimes are associated with each CTS token type. CTS Total Tokens, by Type Total Tokens, by Type Data Type Description enterprises.36733.1.2.3.5.1.1.1 Counter64 Total number of Session tokens enterprises.36733.1.2.3.5.1.1.2 Counter64 Total number of SAML v2.0 tokens enterprises.36733.1.2.3.5.1.1.3 Counter64 Total number of OAuth 2.0 tokens enterprises.36733.1.2.3.5.1.1.4 Counter64 Total number of REST tokens enterprises.36733.1.2.3.5.1.1.5 Counter64 Total number of OAuth 2.0 CSRF Protection tokens enterprises.36733.1.2.3.5.1.1.6 Counter64 Total number of Resource Set tokens enterprises.36733.1.2.3.5.1.1.7 Counter64 Total number of UMA Permission Ticket tokens enterprises.36733.1.2.3.5.1.1.8 Counter64 Total number of UMA Requesting Party tokens enterprises.36733.1.2.3.5.1.1.9 Counter64 Total number of UMA Audit Entry tokens enterprises.36733.1.2.3.5.1.1.10 Counter64 Total number of Session Blacklist tokens enterprises.36733.1.2.3.5.1.1.11 Counter64 Total number of UMA Pending Request tokens enterprises.36733.1.2.3.5.1.1.12 Counter64 Total number of Security Token Service tokens enterprises.36733.1.2.3.5.1.1.13 Counter64 Total number of OAuth 2.0 Blacklist tokens enterprises.36733.1.2.3.5.1.1.14 Counter64 Total number of OAuth 2.0 Stateless tokens enterprises.36733.1.2.3.5.1.1.15 Counter64 Total number of Push Notification tokens enterprises.36733.1.2.3.5.1.1.16 Counter64 Total number of Cluster-wide Notification tokens CTS Token Average Lifetime, by Type Average Token Lifetime, by Type Data Type Description enterprises.36733.1.2.3.5.1.2.1 Counter64 Average lifetime of Session tokens in seconds enterprises.36733.1.2.3.5.1.2.2 Counter64 Average lifetime of SAML v2.0 tokens in seconds enterprises.36733.1.2.3.5.1.2.3 Counter64 Average lifetime of OAuth 2.0 tokens in seconds enterprises.36733.1.2.3.5.1.2.4 Counter64 Average lifetime of REST tokens in seconds enterprises.36733.1.2.3.5.1.2.5 Counter64 Average lifetime of OAuth 2.0 CSRF Protection tokens in seconds enterprises.36733.1.2.3.5.1.2.6 Counter64 Average lifetime of Resource Set tokens in seconds enterprises.36733.1.2.3.5.1.2.7 Counter64 Average lifetime of UMA Permission Ticket tokens in seconds enterprises.36733.1.2.3.5.1.2.8 Counter64 Average lifetime of UMA Requesting Party tokens in seconds enterprises.36733.1.2.3.5.1.2.9 Counter64 Average lifetime of UMA Audit Entry tokens in seconds enterprises.36733.1.2.3.5.1.2.10 Counter64 Average lifetime of Session Blacklist tokens in seconds enterprises.36733.1.2.3.5.1.2.11 Counter64 Average lifetime of UMA Pending Request tokens in seconds enterprises.36733.1.2.3.5.1.2.12 Counter64 Average lifetime of Security Token Service tokens in seconds enterprises.36733.1.2.3.5.1.2.13 Counter64 Average lifetime of OAuth 2.0 Blacklist tokens in seconds enterprises.36733.1.2.3.5.1.2.14 Counter64 Average lifetime of OAuth 2.0 Stateless tokens in seconds enterprises.36733.1.2.3.5.1.2.15 Counter64 Average lifetime of Push Notification tokens in seconds enterprises.36733.1.2.3.5.1.2.16 Counter64 Average lifetime of Cluster-wide Notification tokens in seconds CTS Reaper Run Information The CTS reaper deletes unused or expired tokens. Unless OpenAM is in a shutdown cycle, the CTS reaper is designed to run continuously. By default, the CTS reaper runs in fixed intervals, unless OpenAM is in the process of shutting down. A single OID, enterprises.36733.1.2.3.6.0, relates to the CTS reaper. This OID: Specifies the average rate of deleted tokens per CTS reaper run Has the Float2dpdata type. CTS Connection Factory OIDs Every request for a CTS token is a request to the CTSConnectionFactory. Such requests can either succeed or fail. The following OIDs provide measures for both such connections. The CTSConnectionFactory OIDs are also measured using a rate window system, similar to all the other CTS OIDs, except the CTS Reaper. As there are no indexes required to look up the value of CTSConnectionFactory OIDs, they end in 0. Success or failure of these OIDs are not specific to any operation or token type. The following tables list the OIDs related to the CTSConnectionFactory. CTSConnectionFactory, Successful Connections Successes, CTSConnectionFactory Data Type Description enterprises.36733.1.2.3.7.1.1.0 Counter64 Cumulative number of successful connections enterprises.36733.1.2.3.7.1.2.0 Float2dp Average number of successful connections (in period) enterprises.36733.1.2.3.7.1.3.0 Counter64 Minimum number of successful connections (in period) enterprises.36733.1.2.3.7.1.4.0 Counter64 Maximum number of successful connections (in period) CTSConnectionFactory, Failed Connections Failures, CTSConnectionFactory Data Type Description enterprises.36733.1.2.3.7.2.1.0 Counter64 Cumulative number of failed connections enterprises.36733.1.2.3.7.2.2.0 Float2dp Average number of failed connections (in period) enterprises.36733.1.2.3.7.2.3.0 Counter64 Minimum number of failed connections (in period) enterprises.36733.1.2.3.7.2.4.0 Counter64 Maximum number of failed connections (in period) XUI Configuration Parameters Log Files and Messages