hsm information monitor

Sample the HSM to get some statistics, such as, HSM up-time, command counts, and utilization counters.

A single run of this command, without arguments, takes approximately five seconds to complete. One measurement is taken at launch, then after five seconds (the default minimum) a second measurement is taken and compared with the first.

The date and time in the output are derived from:

>The system time

>The HSM count of seconds since reset

In the examples, note the line "HSM Last Reset (+/- 5 Secs Error Margin)..." That margin is due to possible variability of the default system clock. To improve the accuracy of the input to those calculations, we suggest that you use NTP for system time. If that is inconvenient, or is blocked by your security regime, then we suggest using sysconf drift to precisely set the time, and then manage/prevent clock drift.

NOTE For ongoing/continual collection of such HSM information, Thales recommends using SNMP.

See Performance Monitoring.

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

>Monitor

Syntax

hsm information monitor [-serial <integer>] [-interval <integer>] [-rounds <integer>] [-noheader] [-save]

Argument(s)	Shortcut	Description
-interval <integer>	-i	Set the interval over which the HSM is polled, in seconds Range: 5 to 999 Default: 5 seconds.
-noheader	-n	Turn off the header and footer that are normally provided with the displayed or saved records. You might choose to omit the header and footer in a saved file, in order to make the file cleaner for concatenation and parsing by your analysis tools.
-rounds <integer>	-r	Set the number of samples to collect during the HSM polling. The default is a single round, which includes a first sample at the time the command is launched, followed by the interval (either the default 5 seconds, or the interval that you specified), followed by a second sample which is compared with the first, to complete the round. The maximum number of rounds for one operation of hsm information monitor is 65535. Range: 1 to 65535 Default: 1
-save	-sa	Save the captured-and-calculated records to a file named hsm_stats, while also displaying the output to your terminal. The filename is not modifiable, so contents are overwritten each time the command is run. Use 'scp' to retrieve the file to a workstation for analysis.
-serial <integer>	-se	Specifies the serial number of HSM to monitor. The default is to use the embedded HSM. This parameter is optional if your Luna Network HSM does not have additional HSMs attached. If you have a USB-connected HSM, such as Luna USB HSM for PKI, then this command defaults to showing utilization data from the embedded HSM, but the serial parameter allows you to select an HSM other than the default. Data is collected for a single HSM when the command is run.

Example

In the examples below, "Average HSM Utilization" is calculated as (<period-uptime> - <period-idle-time>) / (<period-uptime> * 100).

With no arguments (output to terminal):

lunash:>hsm information monitor

-------------------|---------------------------------|---------------------------------
                   |       HSM Command Counts        |        HSM Utilization (%)
 HSM Uptime (Secs) |-----------------|---------------|-----------------|---------------
                   | Since HSM Reset | Last   5 Secs | Since HSM Reset | Last   5 Secs
-------------------|-----------------|---------------|-----------------|---------------
         1,115,399 |      57,468,854 |            30 |            1.27 |          0.21
-------------------|-----------------|---------------|-----------------|---------------

    Average HSM Utilization In This Period  :  0.21%

    HSM Last Reset       :  Mon Jul  4 14:43:20 2016
    HSM Has Been Up For  :  9 day(s), 22:30:40

Command Result : 0 (Success)

With arguments (output to file):

lunash:>hsm information monitor -interval 6 -rounds 6 -save

-------------------|---------------------------------|---------------------------------
                   |       HSM Command Counts        |        HSM Utilization (%)
 HSM Uptime (Secs) |-----------------|---------------|-----------------|---------------
                   | Since HSM Reset | Last   6 Secs | Since HSM Reset | Last   6 Secs
-------------------|-----------------|---------------|-----------------|---------------
           859,370 |     103,545,072 |           241 |            1.03 |          1.46
           859,376 |     103,545,569 |           497 |            1.03 |          0.46
           859,382 |     103,545,570 |             1 |            1.03 |          0.00
           859,388 |     103,545,571 |             1 |            1.03 |          0.01
           859,394 |     103,545,812 |           241 |            1.03 |          1.46
           859,400 |     103,545,813 |             1 |            1.03 |          0.00
-------------------|-----------------|---------------|-----------------|---------------

    Average HSM Utilization In This Period  :  0.57%

    HSM Last Reset       :  Mon Jul  4 14:43:21 2016
    HSM Has Been Up For  :  9 day(s), 22:43:20


The output has been saved to a file named `hsm_monitor_56726.txt`.
Output is appended if the file already exists.
Use `my file delete hsm_monitor_56726.txt` to remove the file.
Use `scp` to retrieve the file to an external workstation for further analysis.


Command Result : 0 (Success)



	SUPPORT	LEGAL
Luna Network HSM 7 Documentation © Copyright 2001-2024, Thales Group Last Updated: 2024-05-06 11:28:46 GMT-04:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information