Our PAM administrators see the following messages on top of the PAM dashboard after login:
PAM-CMN-3136: Metrics auto archive failed. Please check configuration.
PAM-CMN-3137: Audit Log auto archive failed. Please check configuration.
How can we resolve this?
Release : All supported releases as of June 2022
Component : PRIVILEGED ACCESS MANAGEMENT
All PAM releases have configurations for automatic purging of metric and auditlog data from Credential Management. Data are archived to the session recording share by default. The configuration is found on the Settings > Credential Manager > Auto-Archive page in. Possible reasons for a failed auto-archive attempt are:
- No session recording share is configured on the Configuration > Logs > Session Recording > External Storage page.
- The share is configured but currently not available.
- Share permissions do not allow creation of sub-directories for the storage of session recording data.
Also note that the warnings do not disappear automatically once the archive process starts working.
Review your session recording share configuration and make sure that the share shows as Mounted and available on the Settings > Credential Manager > Auto-Archive page. Clear the dashboard messages by clicking the RESET DASHBOARD WARNINGS button at the bottom of this page. This is a necessary step. The messages will not clear automatically when the archive process starts working.
When the archive process works, you will find subdirectories "server-<Hardware ID>/auditlogs-<Hardware ID>" and "server-<Hardware ID>/metrics-<Hardware ID>" on the recording share. In these subdirectories you will find files containing copies of the data that was purged out of the PAM database.
If the messages come back the next day even when the configured mount is shown as available, go to the Configuration > Diagnostics > Diagnostic Logs > Download page and download the tomcat log by clicking on DOWNLOAD in the top row. Check for messages around 12:05 AM. This is the time that the archive process kicks off. If there are messages reporting a failure to create directories, check the permissions on the configured share.
If you can't resolve the problem on your own, please open a support case and attach a screenshot showing the share availability, the tomcat log and the session logs retrieved from the Sessions > Logs page.