PingDirectory

PingDataMetrics server gauges

The PingDataMetrics server provides a number of built-in gauges to monitor PingDataMetrics server performance. These gauges are listed in the following table:

Gauge Name Enabled by default? Description

Available File Descriptors

true

Monitors the number of file descriptors available to the server process. The server allows for an unlimited number of connections by default, but is restricted by the file descriptor limit on the operating system. The number of file descriptors that the server will use can be configured by either using a NUM_FILE_DESCRIPTORS environment variable, or by creating a config/num-file-descriptors file with a single line such as NUM_FILE_DESCRIPTORS=12345. If these are not set, the default of 65535 is used. Running out of available file descriptors can lead to unpredictable behavior and severe system instability.

Certificate Expiration (Days)

true

Monitors the expiration dates of key server certificates. A server certificate expiring may cause server unavailability, degradation, or loss of key server functionality. Certificates nearing the end of their validity should be replaced as soon as possible. See the status tool, or Status in the Administrative Console, for more information about server certificates and how they are managed.

CPU Usage (Percent)

true

Monitors server CPU use and provides an averaged percentage for the interval defined. The monitored resource is the host system’s CPU, which does not include a resource identifier. If CPU use is high, check the server’s current workload and other processes on this system and make any needed adjustments. Reducing the load on the system will lead to better response times.

Disk Busy (Percent)

true

Monitors the percentage of disk use time averaged over the specified update interval. This gauge requires that the Host System Monitor Provider be enabled and that any monitored disks be registered using the disk-devices property of that configuration object. The resource identifier for this gauge is the disk device name. Use the iostat command or a similar system utility to see a list of disk device names. A separate gauge monitor entry will be created for each monitored disk.

HTTP Processing (Percent)

true

Monitors the percentage of time that request handler threads spend processing HTTP requests. This percentage represents the inverse of the server’s ability to handle new requests without queueing.

JVM Memory Usage (Percent)

true

Monitors the percentage of Java Virtual Machine memory that is in use. This value naturally fluctuates due to garbage collection, so the minimum value within an interval is reported since it is a better indication of overall memory growth. When the memory usage exceeds 90%, this should be reported to customer support since the server is either misconfigured or has a memory leak. As memory usage approaches 100%, the server is more and more likely to experience garbage collection pauses, which leave the server unresponsive for a long time. Restarting the server is likely the only remedy for this situation. Prior to restarting the server, please run collect-support-data and capture the output of 'jmap -histo ' to provide to customer support. The pid of the server can be found from/logs/server.pid.

License Expiration (Days)

true

Monitors the expiration date of the product license. An expired license will cause warnings to appear in the server’s logs and in the status tool output. Request a license key through the Ping Identity licensing website https://www.pingidentity.com/en/account/request-license-key.html or contact sales@pingidentity.com. Use the dsconfig tool to update the License configuration’s license key property.

Memory Usage (Percent)

false

Monitors the percentage of memory use averaged over the update interval defined. The monitored resource is the host system’s memory use, which does not have a resource identifier. Some operating systems, including Linux, use the majority of memory for file system cache, which is freed as applications need it. If memory use is high, check the applications that are running on the server.

Strong Encryption Not Available

true

The JVM does not appear to support strong encryption algorithms, like 256-bit AES. The server will fall back to using weaker algorithms, like 128-bit AES. To enable support for strong encryption, update your JVM to a newer version that supports it by default, or install or enable the unlimited encryption strength jurisdiction policy files in your Java installation.