We have installed CA PAM in a clustered environment with 2 nodes and one Threat Analytics server with AD as an authentication source. We also configured NFS for session recordings and I can confirm that the storage is mounted and the sessions are saved to the mounted folder. I also configured metric and audit auto-archive with Archive to PRIMARY mount, then purge with age set to 14 days. For the folder, I tested with archives and also an empty string, but the next morning I got for both cases the error PAM-CMN-3136: Metrics auto archive failed. Please check Settings and, Credential Man in the dashboard.
The NFS admin confirmed that the NFS export does have privileges to create folders.
In the tomcat logs, there are messages like:
00:05:00.008+0000 SEVERE [MetricAutoArchiveThread] com.cloakware.cspm.server.app.impl.AbstractAutoArchiveThread.doRun MetricAutoArchiveThread.could not obtain the AutoArchive process lock.
00:10:00.008+0000 SEVERE [AuditLogAutoArchiveThread] com.cloakware.cspm.server.app.impl.AbstractAutoArchiveThread.doRun AuditLogAutoArchiveThread.could not obtain the AutoArchive process lock.
Release : 3.3x, 4.x
Component : PRIVILEGED ACCESS MANAGEMENT
The folder that was supposed to be created to hold the archived data was not created for this issue, this could be a configuration issue or an environmental problem with no permission for creating folders in the NFS location from CA PAM
Creating the required folders for Audit and Metric logs manually in the NFS location resolves the problem.