Note: this component is designated "advanced", which means that objects of this type are not expected to be created or altered in most environments. If you believe that such a change is necessary, you may want to contact support in order to understand the potential impact of that change.
The Alert Backend provides information about administrative alerts that have been generated recently within the server.
↓Parent Component
↓Properties
↓dsconfig Usage
The Alert Backend component inherits from the Notification Backend
The properties supported by this managed object are as follows:
General Configuration Basic Properties: | Advanced Properties: |
---|---|
↓ description | ↓ backend-id |
↓ enabled | ↓ base-dn |
↓ writability-mode | ↓ set-degraded-alert-when-disabled |
↓ return-unavailable-when-disabled | |
↓ backup-file-permissions | |
↓ notification-manager | |
Storage Configuration Basic Properties: | Advanced Properties: |
None | ↓ ldif-file |
Alert Configuration Basic Properties: | Advanced Properties: |
↓ alert-retention-time | None |
↓ max-alerts | |
↓ disabled-alert-type |
Property Group | General Configuration |
Description | A description for this Backend |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Indicates whether the backend is enabled in the server. If a backend is not enabled, then its contents are not accessible when processing operations. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Specifies the behavior that the backend should use when processing write operations. |
Default Value | enabled |
Allowed Values | enabled - Allows write operations to be performed in that backend (if the requested operation is valid, the user has permission to perform the operation, the backend supports that type of write operation, and the global writability-mode property is also enabled). disabled - Causes all write attempts to fail. internal-only - Causes external write attempts to fail but allows writes by replication and internal operations. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | Alert Configuration |
Description | Specifies the maximum length of time that information about generated alerts should be maintained before they will be purged. |
Default Value | 7 days |
Allowed Values | A duration. Lower limit is 0 milliseconds. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | Alert Configuration |
Description | Specifies the maximum number of alerts that should be retained. If more alerts than this configured maximum are generated within the alert retention time, then the oldest alerts will be purged to achieve this maximum. A value of zero indicates that no limit should be enforced on the maximum number of alerts. |
Default Value | 1000 |
Allowed Values | An integer value. Lower limit is 0. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | Alert Configuration |
Description | Specifies the names of the alert types that should not be added to the backend. This can be used to suppress high volume alerts that might trigger hitting the max-alerts limit sooner than desired. Disabled alert types will not be sent out over persistent searches on this backend. |
Default Value | Alerts of all types will be added to the backend. |
Allowed Values | access-control-change - Indicates that a change has been made to the set of access control rules defined in the server. access-control-disabled - Indicates that access control evaluation has been disabled. access-control-enabled - Indicates that access control evaluation has been enabled. access-control-parse-failure - Indicates that an error occurred while trying to parse an access control rule. access-log-criteria-matched - Indicates that the server has processed an operation which matched the criteria for the admin alert access log publisher. alarm-cleared - Indicates that a previously reported alarm severity has been cleared. This does not indicate necessarily that an alarm has returned to normal as previous alarms may also be cleared before they worsen in severity. alarm-critical - Indicates that a service affecting condition has occurred and an immediate corrective action is required. Such a severity can be reported, for example, when a managed object becomes totally out of service and its capability must be restored. alarm-major - Indicates that a service affecting condition has developed and an urgent corrective action is required. Such a severity can be reported, for example, when there is a severe degradation in the capability of the managed object and its full capability must be restored. alarm-minor - Indicates the existence of a non-service affecting fault condition and that corrective action should be taken in order to prevent a more serious (for example, service affecting) fault. Such a severity can be reported, for example, when the detected alarm condition is not currently degrading the capacity of the managed object. alarm-warning - Indicates the detection of a potential or impending service affecting fault, before any significant effects have been felt. Action should be taken to further diagnose (if necessary) and correct the problem in order to prevent it from becoming a more serious service affecting fault. backend-disabled - Indicates that a Directory Server backend is disabled. backend-initialization-failed - Indicates that an error occurred while attempting to initialize a Directory Server backend. backup-failed - Indicates that an error occurred while trying to perform a backup. cannot-acquire-shared-backend-lock - Indicates that an error occurred while trying to acquire a shared lock for a backend. cannot-copy-schema-files - Indicates that an error occurred while trying to copy schema files during a schema update. cannot-decode-entry - Indicates that an error occurred while trying to decode an entry stored in a Directory Server backend. cannot-find-recurring-task - Indicates that the server could not find the task definition for a recurring task in order to schedule the next iteration. cannot-register-backend - Indicates that an error occurred while trying to register a backend. cannot-release-shared-backend-lock - Indicates that an error occurred while trying to release a shared lock for a backend. cannot-rename-current-task-file - Indicates that an error occurred while trying to rename the current task file. cannot-rename-new-task-file - Indicates that an error occurred while trying to rename the new task file. cannot-restore-backup - Indicates that an error occurred while trying to restore a backup. cannot-schedule-recurring-task-iteration - Indicates that an error occurred while trying to schedule a recurring task iteration. cannot-write-configuration - Indicates that an error occurred while trying to write an updated copy of the server configuration. cannot-write-new-schema-files - Indicates that an error occurred while trying to write a new copy of schema files during a schema update. cannot-write-server-state-file - Indicates that an error occurred while trying to write the server state file. cannot-write-task-backing-file - Indicates that an error occurred while trying to write to the task backing file. config-change - Indicates that a configuration change has been made in the Directory Server. crypto-manager-error - Indicates that the CryptoManager encountered an expected error while attempting to synchronize settings between the topology registry and the trust store backend. continuous-garbage-collection-detected - Indicates that the JVM garbage collector is running continuously. deadlock-detected - Indicates that a deadlock has been detected in the JVM in which the server is running. debug-logging-enabled - Indicates that Debug Logging is enabled. delegated-admin-configuration-errors - Indicates that Delegated Admin is not configured properly. duplicate-alerts-suppressed - This alert type is no longer used. Use the per-severity values, such as duplicate-error-alerts-suppressed, instead. duplicate-error-alerts-suppressed - Indicates that the server suppressed one or more duplicate error alert notifications. duplicate-fatal-alerts-suppressed - Indicates that the server suppressed one or more duplicate fatal alert notifications. duplicate-info-alerts-suppressed - Indicates that the server suppressed one or more duplicate info alert notifications. duplicate-warning-alerts-suppressed - Indicates that the server suppressed one or more duplicate warning alert notifications. entering-lockdown-mode - Indicates that the server is entering lockdown mode, in which case it will only accept requests from users holding the lockdown-mode privilege, and only on connections from the loopback interface. entry-references-removed-attribute-type - Indicates that the server has encountered an entry whose encoded representation references an attribute type that was once defined in the server schema, but whose definition has since been removed. exec-task-launching-command - Indicates that the server is launching a command via the exec task. exploded-index-background-delete-cleanup-failed - Indicates that an error was encountered while attempting to clean up after performing a background delete of an exploded index key. exploded-index-background-delete-failed - Indicates that an error was encountered while attempting to perform a background delete of an exploded index key. external-config-file-edit-handled - Indicates that the server has detected an external modification to the configuration file and copied that modification to a separate file. external-config-file-edit-lost - Indicates that the server has detected an external modification to the configuration file but that change was lost. external-server-initialization-failed - Indicates that an attempt to initialize an external server failed. failed-to-apply-mirrored-configuration - Indicates that although mirrored configuration was synchronized successfully from the master server, there were errors when applying it to the local server. A server restart is recommended in this case. file-retention-task-delete-failure - Indicates that a file retention task was unable to delete a file that matched the filename pattern and was outside the configured retention criteria. force-gc-complete - Indicates that the server has completed a forced synchronous garbage collection. force-gc-starting - Indicates that the server is about to invoke a forced synchronous garbage collection. http-connection-handler-duplicate-context-path - Indicates that more than one HTTP servlet or web application extension is registered to handle the same context path. The extension that handles requests for this context path will be indeterminate until the conflict is resolved. http-connection-handler-duplicate-servlet-extension - Indicates that two or more HTTP servlet extensions registered to an HTTP connection handler are based on the same type, but only one extension of that type may be assigned to the same HTTP connection handler. index-corrupt - Indicates that an index has been determined to have corrupt keys and needs to be rebuilt in order for those keys to yield correct results. The index will continue to function correctly for other keys. index-degraded - Indicates that a backend has an index in a degraded state which must be rebuilt before that index may be used. index-rebuild-completed - Indicates that a backend has completed the process of rebuilding an index. index-rebuild-in-progress - Indicates that a backend has started the process of rebuilding an index. insecure-access-token-validator-enabled - Indicates that a Mock Access Token Validator is enabled. Mock Access Token Validators allow unauthenticated access to HTTP APIs, and should only be enabled in test or demonstration deployments. invalid-privilege - Indicates that a user has been configured with an invalid privilege. je-background-sync-failed - Indicates that an error occurred while attempting to perform a synchronous write in a background thread to improve durability and smooth overall write performance. je-cleaner-disabled - Indicates that the Berkeley DB Java Edition cleaner has been disabled for a local DB backend and that the server will not attempt to restrain the size of the database environment. je-daemon-thread-exception - Indicates that an exception was encountered in the processing performed by a Berkeley DB Java Edition daemon thread. je-environment-not-closed-cleanly - Indicates that a Berkeley DB Java Edition environment may not have been closed cleanly and could require a potentially time-consuming recovery process. je-recovery-required - Indicates that a backend using the Berkeley DB Java Edition has encountered an error and must be restarted so that it can attempt to run recovery. jvm-misconfiguration - Indicates that the recommended JVM flags for this server are either missing or misconfigured. large-attribute-update-failure - Indicates that a failure occurred while attempting to update information in the large attribute backend that may have resulted in large attribute information being out of sync with the rest of the entry contents. ldap-connection-handler-cannot-listen - Indicates that an LDAP connection encountered an error when it attempted to begin listening for client connections and will therefore be disabled. ldap-connection-handler-consecutive-failures - Indicates that an LDAP connection handler has encountered consecutive failures and will be disabled. ldap-connection-handler-uncaught-error - Indicates that an LDAP connection handler has encountered an uncaught error and will be disabled. ldif-backend-cannot-write - Indicates that a problem has occurred while trying to write to the backing file for an LDIF backend. ldif-connection-handler-parse-error - Indicates that an error occurred while trying to parse an LDIF file provided to an LDIF connection handler. ldif-connection-handler-io-error - Indicates that an LDIF connection handler has encountered an I/O error while trying to look for or process a set of changes. leaving-lockdown-mode - Indicates that the server is leaving lockdown mode and resuming normal operation. log-file-rotation-listener-invoke-error - Indicates that an error has occurred while attempting to invoke a log file rotation listener. log-file-rotation-listener-processing-takes-too-long - Indicates that one or more of the configured log file rotation listeners is taking too long to complete (log files are being rotated more quickly than the listeners can be invoked to process them). logging-error - Indicates that an error has occurred while attempting to log a message. low-disk-space-error - Indicates that the amount of usable disk space has dropped below the low space error threshold. low-disk-space-warning - Indicates that the amount of usable disk space has dropped below the low space warning threshold. mirrored-subtree-manager-forced-as-master-error - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, found that more than one server was forced to act as master either because no master could be found, or because more than one master was detected. mirrored-subtree-manager-forced-as-master-warning - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, found that a server was forced to act as master either because no master could be found, or because more than one master was detected. mirrored-subtree-manager-no-master-found - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, was unable to determine a suitable server to act as the master of the topology, which means that mirrored data cannot be updated. mirrored-subtree-server-not-in-topology - Indicates that this server is no longer functional because it does not exist in the topology registry most likely because it was removed from the topology with the remove-defunct-server tool. mirrored-subtree-manager-operation-error - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, encountered an unexpected error while processing an update operation. mirrored-subtree-manager-failed-outbound-connection - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, encountered an error while establishing a connection to a peer server within the configured grace period. mirrored-subtree-manager-connection-asymmetry - Indicates that the mirrored subtree manager, which is used to keep configuration data up-to-date across servers, has had an unequal number of outbound and inbound connections with its peer servers for more than the configured grace period. missing-schema-elements-referenced-by-backend - Indicates that a backend detected references to one or more schema elements that have been removed from the schema. monitoring-endpoint-unable-to-connect - Indicates that a monitoring endpoint was unable to connect or write to the configured host and port. no-enabled-alert-handlers - Indicates that this server does not have any alert handlers enabled beyond the default that logs to logs/error. offline-config-change-detected - Indicates that the server detected that an offline configuration change was made. out-of-disk-space-error - Indicates that the amount of usable disk space has dropped below the out of space error threshold. replication-backlogged - Indicates that the server replication backlog has exceeded the replication alert backlog threshold for longer than the replication alert backlog duration. replication-metadata-decode-failure - Indicates that an error was encountered while attempting to decode ds-sync-hist content used for replication conflict resolution. replication-missing-changes - Indicates that a Replication Server may have missed some replication changes. replication-monitor-data-unavailable - Indicates that replication monitor data is unavailable from cn=monitor. replication-plugin-message-serialization-failure - Indicates that the replication plugin failed to serialize or deserialize a replication message. replication-server-changelog-failure - Indicates that the replication server encountered an error while accessing the replication changelog database. replication-server-listen-failure - Indicates that the replication server encountered an error while trying to listen on the configured replication port. There may be another application listening on the same port or the replication server host name may not be resolvable replication-unresolved-conflict - Indicates that replication has detected a conflict that could not be automatically resolved. replication-unsent-changes - Indicates that one or more replicas were unable to send all pending update messages to the replication server before completing the shutdown process. These updates will be submitted when the server starts up. replication-replay-failed - Indicates that the server has failed to replay a replication operation. restart-required - Indicates that the server must be restarted for configuration changes to take effect. schema-checking-disabled - Indicates that schema checking is disabled in the server. restricted-subtree-accessibility - Indicates that a subtree has been read-only or hidden for longer than the configured time limit. server-shutting-down - Indicates that the server has begun the shutdown process. server-starting - Indicates that the server has begun its startup process. server-started - Indicates that the server has completed its startup process. subtree-delete-interrupted - Indicates that a subtree delete operation has been interrupted for some reason and the target subtree may have been only partially deleted. system-nanotime-stopped - Indicates that Java's System.nanoTime() has stopped returning updated values. system-current-time-shifted - Indicates that Java's System Current Time has shifted backwards. task-started - Indicates that an administrative task has started running. task-completed - Indicates that an administrative task completed successfully. task-failed - Indicates that an administrative task failed to complete successfully. third-party-extension-exception - Indicates that a third-party extension threw an unexpected exception. thread-exit-holding-lock - Indicates that a thread has exited while still holding one or more locks. uncaught-exception - Indicates that the server has detected an uncaught exception that may have caused a thread to terminate. unindexed-internal-search - Indicates that an internal component has initiated an unindexed search. unique-attribute-sync-conflict - Indicates that the server has detected a unique attribute conflict as the result of a replicated change. unique-attribute-sync-error - Indicates that the server has encountered an error while trying to detect unique attribute conflicts introduced through replication. unlicensed-product - Indicates that the server's license key is not set, is invalid, or has expired. unrecognized-alert-type - Indicates that the server encountered an alert type that it did not recognize. user-defined-error - Indicates that an externally-developed component has generated an error alert notification. user-defined-fatal - Indicates that an externally-developed component has generated a fatal error alert notification. user-defined-info - Indicates that an externally-developed component has generated an informational alert notification. user-defined-warning - Indicates that an externally-developed component has generated a warning alert notification. worker-thread-caught-error - Indicates that a worker thread encountered an unexpected error that has caused it to terminate. work-queue-backlogged - Indicates that the work queue has accumulated a significant backlog. work-queue-full - Indicates that the server work queue has reached its maximum capacity and has begun rejecting client requests. work-queue-no-threads-remaining - Indicates that the server will shut down because all worker threads have exited due to errors. server-jvm-paused - Indicates that the server's JVM paused possibly due to misconfiguration. sensitive-trace-data-logged-warning - Indicates that the configuration of a Trace Log Publisher might result in sensitive information being logged. replication-generation-id-mismatch - Indicates that the generation ID stored in the backend does not match the generation ID stored in the replication changelog database. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
backend-id (Advanced Property, Read-Only)
Property Group | General Configuration |
Description | Specifies a name to identify the associated backend. The name must be unique among all backends in the server. The backend ID may not be altered after the backend is created in the server. |
Default Value | alerts |
Allowed Values | A string |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
base-dn (Advanced Property, Read-Only)
Property Group | General Configuration |
Description | Specifies the base DN(s) for the data that the backend handles. A single backend may be responsible for one or more base DNs. Note that no two backends may have the same base DN although one backend may have a base DN that is below a base DN provided by another backend (similar to the use of sub-suffixes in the Sun Java System Directory Server). If any of the base DNs is subordinate to a base DN for another backend, then all base DNs for that backend must be subordinate to that same base DN. |
Default Value | cn=alerts |
Allowed Values | A valid DN. |
Multi-Valued | Yes |
Required | Yes |
Admin Action Required | No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used.
Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact Ping Identity support to discuss this configuration |
set-degraded-alert-when-disabled (Advanced Property)
Property Group | General Configuration |
Description | Determines whether the Directory Server enters a DEGRADED state (and sends a corresponding alert) when this Backend is disabled. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
return-unavailable-when-disabled (Advanced Property)
Property Group | General Configuration |
Description | Determines whether any LDAP operation that would use this Backend is to return UNAVAILABLE when this Backend is disabled. |
Default Value | true |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
backup-file-permissions (Advanced Property)
Property Group | General Configuration | ||||||
Description | Specifies the permissions that should be applied to files and directories created by a backup of the backend. They should be expressed as three-digit octal values, which is the traditional representation for UNIX file permissions. The three digits represent the permissions that are available for the file or directory's owner, group members, and other users (in that order), and each digit is the octal representation of the read, write, and execute bits. Execute permissions are only applied to directories. If the underlying platform does not allow the full level of granularity specified in the permissions, then an attempt will be made to set them as closely as possible to the provided permissions, erring on the side of security. Due to Java platform limitations, it may not be possible to set group member permissions independently of other user permissions, even on UNIX. | ||||||
Default Value | 700 | ||||||
Allowed Values | Any octal value between 700 and 777 (the owner must always have read, write, and execute permissions). Example values
| ||||||
Multi-Valued | No | ||||||
Required | No | ||||||
Admin Action Required | None. Modification requires no further action |
notification-manager (Advanced Property)
Property Group | General Configuration |
Description | Specifies a notification manager for changes resulting from operations processed through this Backend |
Default Value | None |
Allowed Values | The DN of any Notification Manager. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
ldif-file (Advanced Property, Read-Only)
Property Group | Storage Configuration |
Description | Specifies the path to the LDIF file that serves as the backing file for this backend. |
Default Value | config/alerts.ldif |
Allowed Values | A filesystem path |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
To list the configured Backends:
dsconfig list-backends [--property {propertyName}] ...
To view the configuration for an existing Backend:
dsconfig get-backend-prop --backend-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Backend:
dsconfig set-backend-prop --backend-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...