Authentication Types
6.1. Administrative API
6.1.9. Get Status and Statistics Function
The GET_STATS function returns the current status of ASIS and statistical data regarding all of the user authentications ASIS has performed since it was last loaded.
Authentication statistics include the number of authentications now in progress and the number that succeeded, failed, or were declined since the time ASIS became active. It also includes the current number of worker activities available to handle authentications within ASIS.
No security privilege is required to perform this function.
Function Name GET_STATS
A new version 1 packet format is supported for the GET_STATS administrative interface to supply additional information about usage of the authentication API. The existing version 0 packet is still supported.
Packet Version 0
0 version reserved
1 debug mode single-thread mode
2 trace level reserved
3 current timestamp
4 ASIS state
5 authentications in progress
6 authentication worker count
7 startup timestamp
010 total authentications
011 authentications passed
012 authentications failed
013 authentications declined
014 authentications aborted
015-030 ASIS version
where:
current timestamp is the current time to which the following status and statistic values apply. It is returned in time_t calendar time as documented with the time functions in the standard C library. This value can then be used as input to library functions such as localtime( ) and ctime( ).
startup timestamp is the time when ASIS begins handling authentications.
Together with the current timestamp, it specifies the interval during which the following statistics are
accumulated. This value is also returned as the type time_t.
debug mode and single-thread mode
are test modes described in 6.1.12.
trace level is the current ASIS trace level. The higher the trace level, the more detail in the ASIS trace file. If the trace level is 0, nearly all ASIS traces are turned off.
Note: If the trace level is set to 14 or higher,
security-sensitive information-like passwords may appear in the ASIS*ASIS$TRACE$ file.
ASIS state is the current state of ASIS. The values are inactive,
initializing, active, draining, and terminating. If an ASIS state of inactive or initializing is returned, all the other statistics in the packet are invalid.
words 010 through 014
provide counts of authentications processed and their disposition.
total authentications includes authentications in progress.
authentications aborted
includes terminal timeouts and AM requests to terminate an authentication by using reportError.
ASIS version is a 48-character identifier of the current ASIS version.
Packet Version 1 (getStatsPktV1_t Defined in admin.h) Items new or changed in version 1 are highlighted in bold.
0 version reserved
1 debug mode single-thread mode
2 trace level reserved
3 current timestamp
4 ASIS state
5 authentications in progress
6 authentication worker count
7 startup timestamp
010 total authentications
011 authentications passed
012 authentications failed
013 authentications declined
014 authentications aborted
015 – 030 ASIS version
031 API authentications total 032 API authentications passed 033 API authentications failed 034 API authentications declined 035 API authentications aborted 036 API authentications continued 037 API authentications AUTH_USER 040 API authentications AUTH_CONTEXT 041 API calls in active hacker frustration delay
042 API hacker frustration records existing 043 API hacker frustration records returned 044 - xxx API hacker frustration records
where:
version (I) is the authentication packet version, currently version 1.
Version 0 remains supported, but only contains words 0 - 030.
reserved (O) is the reserved field; must be 0.
debug mode (O) is true if ASIS debug mode is enabled.
single-thread mode (O)
is true if ASIS single-thread mode is enabled.
trace level (O) is the current ASIS trace level.
current timestamp (O) is the current time to which these status values apply, in time_t format. time_t is calendar time (current date and time) used as input to library functions such as localtime() or ctime().
ASIS state (O) is the current state of ASIS. The values are inactive, initializing, active, draining, and terminating. If an ASIS state of inactive or initializing is returned, all the other statistics in the packet are invalid.
authentications in progress (O)
is the total number of authentications currently in progress.
authentication worker count (O)
is the number of authentication worker activities available to ASIS.
startup timestamp (O) is the time when ASIS begins handling authentications.
Together with the current timestamp, it specifies the interval during which the following statistics are accumulated. This value is also returned as the type time_t.
total authentications (O)
is the total number of authentications (both Exec and API);
includes those currently in progress.
authentications passed (O)
is the total number of authentications (both Exec and API) that passed.
authentications failed (O)
is the total number of authentications (both Exec and API) that failed.
authentications declined (O)
is the total number of authentications (both Exec and API) that were declined by ASIS.
authentications aborted (O)
is the total number of authentications (both Exec and API), that aborted. Aborted authentications include terminal timeouts and AM requests to terminate an authentication
ASIS version (O) is the 48-character identifier of the current ASIS version.
API authentications total (O)
is the total number of authentications received through the authentication API including those currently in progress. To determine the number of authentications received from the Exec, subtract this field from total authentications.
API authentications passed (O)
is the total number of authentications received through the authentication API that passed.
API authentications failed (O)
is the total number of authentications received through the authentication API that failed.
API authentications declined (O)
is the total number of authentications received through the authentication API that were declined by ASIS.
API authentications aborted (O)
is the total number of authentications received through the authentication API that aborted.
API authentications continued (O)
is the total number of authentications received through the authentication API (AUTH_CONTEXT) that were given a continue status.
Note: These are included in the total number of authentications, but may never result in a pass, fail, or decline, because the caller may never continue the authentication.
API authentications AUTH_USER (O)
is the total number of authentications received through the authentication API AUTH_USER.
API authentications AUTH_ CONTEXT (O)
is the total number of authentications received through the authentication API AUTH_ CONTEXT.
API calls in active hacker frustration delay (O)
is the number of authentications received through the authentication API that are currently being actively delayed in ASIS due to hacker frustration.
API hacker frustration records existing (O)
is the number of hacker delay records that currently exist within ASIS.
API hacker frustration records returned (O)
is the number of hacker delay records returned in the packet. This may be less than the total number of records that exist if all do not fit in the packet.
API hacker frustration records (O)
are hacker delay records detailing the current hacker delay activity. See the following text section, “Hacker Delay Record Format.”
Additional Statuses Returned None.