Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Summary
This guide will show various steps to check logs for Risk based policy.
Products
Access Manager (NAM)
Environment
NetIQ Access Manager 5.0.2
Resolution
Below are the steps:
1) Please use rule validation utility: https://<identity-server-base-url>:port/nidp/test/risk
2) Please use HTTPS request response in browser developer tool using F12
3) Configure NAM logging with the steps below:
a. Under IDP logging and auditing set the below fields to DEBUG:
- Application
- Web Service Consumer
- Web Service Provider
After that, go to IDP server -> tailf /var/opt/novell/nam/logs/idp/tomcat/catalina.out > issue_idp_1
for logging of RBA based issue in catalina.out
b. In the collected catalina.out search for ‘risk’ strings
-> Verify risk authentication class run
RiskBasedAuthenticationClass.doAuthenticate
-> Verify rules are evaluated
RiskManager.evaluateRisk
->Verify risk score calculated
RiskBasedAuthenticationClass.A
4) Please use fiddler trace:
Open the browser, clear the cookie with a fresh session
Open fiddler, capture the traffic (Please make sure tools->fiddler option -> capture Http Connects and Decrypt HTTPS traffic is enabled)
URL Name
KM000010245