What do the various acronyms in CA Strong Authentication and CA Risk Authentication logs stand for ?

book

Article ID: 16842

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

CA Strong Authentication and Risk Authentication logs contain useful information that summarizes the transaction that has ended. Some of the performance information is displayed as arcronyms. Per Advanced Authentication components, these acronyms are shared below. 



What do the various acronyms in CA Strong Authentication and CA Risk Authentication logs stand for ? 

Environment

Production / Lower Environments

Resolution

CA Strong Authentication Server (AKA Webfort / Authminder)

 

Client/client SDK logs:

2017-03-24 12:26:38,580 [http-apr-8080-exec-6] INFO  TxnMarker,(http-apr-8080-exec-6:30) - Txn-Begin : OP=create | CTxID=_E19K_1_44

2017-03-24 12:26:38,674 [http-apr-8080-exec-6] INFO  TxnMarker,(http-apr-8080-exec-6:44) -  Txn-End : OP=create | CTxID=_E19K_1_44 | STxID=8004 | RC=0 | REC=0 | TOT=94 | SRT=72 | TGC=16 | TRC=0 | TWR=0 | TRD=62 | TCR=-1 | RTC=0 | NCA=-1 | NCB=-1

Fields Description:

OP                          - Identifier for the operation or Operation to be requested to the server

CTxID                    - Client (i.e. Java SDK) transaction identifier

STxID                     - WebFort server transaction identifier

RC                           - Response code, indicates the final status of the transaction

REC                        - Further detailed status of the transaction, typically applicable in case of failure

TOT                        -Total time taken to process the API call

SRT                         - Time taken by the server to process and respond to the request

TGC                        - Time taken to get the connection from the

TRC                        - Time taken to return the connection to the pool

TWR                       - Time take to write to the socket

TRD                        - Time take to read from the socket

TCR                        - Time taken to create a new connection

RTC                        - Retry count, number of attempts made on the pool to get the connection

NCA                       - Number of connections available in the pool at this point in time

NCB                       - Number of connections borrowed from the pool at this point in time

 

Web fort Server logs:

03/09/17 14:07:13.405 INFO TXN_WS -321016976 465169637 - Txn-End : TxnID=465169637 | ClientTxnID=[] | Processor=20 (ISSUANCE) | Operation=2103 (ISSUANCE_CRED_FETCH) | Response=0 (SUCCESS) | Reason=0 (UNDEFINED) | RespSize=3857 | Time=93 | DBT=35 | NQ=3 | ExtEvents={ NONE } | AddInfo=[Credential(s) : {ARCOTID}] | LTB=01375 | LNL=0009/0009 | LML=154

Fields Description:

TxnID                     - Transaction identifier generated by Web fort Server upon client request.                            

ClientTxnID=[]   - Client (typically Java SDK) transaction identifier

Processor            - Internal identifier for processing module

Operation           - Identifier for the operation which is associated with Processor

Response            - Response code, indicates the final status of the transaction

Reason                 - Further detailed status of the transaction, typically applicable in case of failure

RespSize              - Size of the response sent to the client in bytes

Time                      - Time taken to process the request

uDBT                     - Total DB Queries Execution Time

nNQ                       - Total Executed DB Queries Count

ExtEvents            - Any external events triggered, this is applicable in case of plug-in/call-out

Additional Info:

Credential(s)       - Credential Type

LTB                         - Total Number of Bytes Logged

LNL                         - Total Number of lines logged/attempted

 (Total Num Calls Served/Total Num Calls)

LML                        - Max Number of Bytes among the Calls Served 

 

Risk Fort Server:

 

Client/client SDK logs:

2017-03-24 14:15:05,015 [http-apr-8080-exec-7] INFO  arcot.riskfortAPI.RFPerfLogger(30)  -> [http-apr-8080-exec-7]Txn-Begin : Operation=PE | SId=2:21

2017-03-24 14:15:05,015 [http-apr-8080-exec-7] DEBUG arcot.riskfortAPI.RiskXActionAPI(364)  -> PostEvaluate: Transaction ID of evaluateRisk = 2:21| SecondaryAuthStatus = true

2017-03-24 14:15:05,015 [http-apr-8080-exec-7] DEBUG arcot.riskfortAPI.RiskXActionAPI(369)  -> PostEvaluate: UserName = user2

2017-03-24 14:15:05,015 [http-apr-8080-exec-7] DEBUG arcot.riskfortAPI.RiskXActionAPI(815)  -> updateAttributes: XML Request

Server response logs received by client:

2017-03-24 14:15:05,062 [http-apr-8080-exec-7] INFO  arcot.riskfortAPI.RFPerfLogger(39)  -> [http-apr-8080-exec-7]Txn-End : Operation=UA | CTID=RF_E_WCvR_http-apr-8080-exec-7_3 |SId=2:21 | TxnId=2:22 | Time=47 | TGC=0 | TRC=0 | TWR=0 | TRD=32 | TCR=-1 | RTC=0 | NCA=-1 | NCB=-1

2017-03-24 14:15:05,062 [http-apr-8080-exec-7] DEBUG arcot.riskfortAPI.RiskXActionAPI(474)  -> PostEvaluate: PostEvaluateResponse: Transaction ID = 2:22, isAllowed = true

2017-03-24 14:15:05,062 [http-apr-8080-exec-7] INFO  arcot.riskfortAPI.RFPerfLogger(56)  -> [http-apr-8080-exec-7]Txn-End : Operation=PE | SId=2:21 | Time=47

Fields Description:

http-apr-8080-exec-7     - http request created by client

Operation                            - Operation requested by client or user

CTID                                       - Client transaction identifier

Session ID                            - Session identifier

TxnId -                                  - Server Transaction identifier received by client

Time                                      - Time taken to process the request

TGC                                        - Time taken to get the connection from the pool

TRC                                        - Time taken to return the connection to the pool

TRD                                        - Time take to read from the socket

TCR                                        - Time taken to create a new connection

RTC                                        - Retry count, number of attempts made on the pool to get the connection

NCA                                       - Number of connections available in the pool at this point in time

NCB                                       - Number of connections borrowed from the pool at this point in time

 

CA Risk Authentication (AKA RiskFort/Riskminder) Server Logs:

Thu Mar 09 14:13:58.308 2017 INFO: pid 25551 tid 4118780784: 8: 7:56607694: TE:SDKTID=[RF_E_6K47_[ACTIVE] ExecuteThread: '169' for queue: 'weblogic.kernel.Default (self-tuning)'_43]| Op=[1]| CID=[AFM]| RC=[0] | RS=[949]| XMLT=[0]| RT=[112]| PT=[147]| NDB=[11]| DBT=[60]| DIDT=[-1] NUDS=[1] UDST=[47] RVLKUP=[0]

Fields Description:

TE:SDKTID           - SDK transaction identifier ( client request ID )

Op                          - Operation to be performed by server and requested by client

CID                         - If the request received by client then it is the combination of  "callerID | session ID"

                                   If it is requested by AFM then it is "AFM"

RC                           - Response code, indicates the final status of the transaction

RS                           - Response size

XMLT                     -Time taken for parsing the xml message received by the server.

RT                           -Time taken b/w receiving the message to sending the message

PT                           -Time taken b/w receiving the message and creating a case (if any).

NDB                       -Total Number of DB Queries Execution Time

DBT                        -Time taken by the DB Queries execution

DIDT                      -Time taken for device id generation

NUDS                    -Total number of UDS request for a transaction.

UDST                     -Total time taken by UDS requests for a transaction

RVLKUP                -If the client/User is not provided with Device ID then this flag will be set by client. Server will get the associated device ID from DB.

If the client/User is provided with Device ID then this flag has no effect on the transaction.