header2401×1351 197 KB

	Description	Script to assist with troubleshooting SailPoint virtual appliances
	Legal Agreement	By using this CoLab item, you are agreeing to SailPoint’s Terms of Service for our developer community and open-source CoLab.
	Repository Link	GitHub - sailpoint-oss/colab-stunt-script
	Supported by	Community Support

Overview

STUNT is an acronym for Support Team Unified Network Test. The script itself has grown beyond just network testing at this point, as it now collects a snapshot of information from a SailPoint virtual appliance (commonly referred to as a “VA”) to assist in troubleshooting.

Requirements

• A SailPoint VA with SSH access

Guide

If your VA has Internet access, try pulling the stunt script and executing it with this single-line command:

wget -O ~sailpoint/stunt_22.sh https://raw.githubusercontent.com/sailpoint-oss/colab-stunt-script/main/stunt.sh; bash ~sailpoint/stunt_22.sh -L

If your VA does not have access to the Internet, use the following process:

1. Download the zip file from the support ticket to your local machine
2. Upload the zip file to your VA via some secure method. This can be the “scp” binary on Windows Powershell, the “scp” binary on a Mac/Linux terminal, or another utility like WinSCP
3. SSH into the VA
4. Unzip the file with this command:
   unzip stunt_22.zip
5. Make the shell script executable with this command:
   chmod +x stunt_22.sh
6. Run the script with this command, or as directed by your Support contact:
   ./stunt_22.sh

You can modify the command in the final step to use any of the flags (or options) available to the script. Here is a list and those flags and what they do:

Table of options
-h	Show the help text
-t	Add a traceroute test to SQS
-p	Add a ping test
-f	Add automatic fixes; STUNT can detect some problems and attempt to fix them, but no changes are made without being opted-in by using this flag
-l or -L	Gather all logs plus the stuntlog, and create a tar.gz archive of everything. The file this creates can be large, but usually it’s anywhere from 30-100MB.
-j	Add collection of the last day of the systemd journal (requires -l/-L)
-u	Only perform forced update steps (this makes system changes, and requires at least one reboot when successful). If used, no other tests or data gathering will be performed.
-c	Only perform a series of curl tests - this alternates between SQS and S3, and outputs to a new stuntlog. If used, no other tests or data gathering will be performed.

The most commonly used option is the -L flag which collects logs, like this: ./stuntv_22.sh -L

NOTE: Once the operation is complete, the final line of output contains a ready-to-use scp command you can copy and paste to your local machine in order to retrieve the tar.gz file the script creates for you. Provide this entire file to the SailPoint support team member via your case.

Hi @roddy_toomim thank you for sharing this. Can I suggest an update to the script to account for demo tenants? Our ambassador labs and partner tenants have a different domain of identitynow-demo.com and this script isn’t able to handle that when it does the connectivity tests.

When is the stunt script that comes along with the VA be updated? It seems that there is still version 1.4 used.

Feel free to fix this bug: VA: stunt script performs the keyPassphrase check incorrectly