PingAuthorize makes the following gauges available. You can manage these gauges using the administrative console or the dsconfig tool.
| Gauge name | Enabled by default | Description |
|---|---|---|
Available File Descriptors |
true |
Monitors the number of file descriptors available to the server process. The server allows for an unlimited number of connections by default but is restricted by the file descriptor limit on the operating system. You can configure the number of file descriptors that the server
uses by either setting the
NUM_FILE_DESCRIPTORS environment
variable or by creating a
config/num-file-descriptors file with a
single line such as,
Running out of available file descriptors can lead to unpredictable behavior and severe system instability. |
Certificate Expiration (Days) |
true |
Monitors the expiration dates of key server certificates. A server certificate expiring can cause server unavailability, degradation, or loss of key server functionality. Replace certificates nearing the end of their validity as soon as possible. For more information about server certificates and how they are managed, see the status tool or Status in the administrative console. |
CPU Usage (Percent) |
true |
Monitors server CPU use and provides an averaged percentage for the interval defined. The monitored resource is the host system's CPU, which does not include a resource identifier. If CPU use is high, check the server's current workload and other processes on the system and make any needed adjustments. Reducing the load on the system will lead to better response times. |
Disk Busy (Percent) |
true |
Monitors the percentage of disk use time averaged over the specified update interval. This gauge requires that you enable the Host System Monitor
Provider and that you register any monitored disks by using the
The resource identifier for this gauge is the disk device name. Use the iostat command or a similar system utility to see a list of disk device names. A separate gauge monitor entry is created for each monitored disk. |
Endpoint Average Response Time (Milliseconds) |
false |
Monitors the average response time across all endpoints since the server was started. This number does not include requests to the upstream server. There is no resource identifier associated with this gauge. The monitored resource is overall response time of all requests to PingAuthorize servlets since the server was started. High response times might be indicative of a number of factors including a disk-bound server, network latency, or misconfiguration. Enabling the Stats Logger plugin can help isolate problems. For more information, see Endpoint Average Response Time (Milliseconds) gauge. |
HTTP Processing (Percent) |
true |
Monitors the percentage of time that request handler threads spend processing HTTP requests. This percentage represents the inverse of the server's ability to handle new requests without queueing. For more information, see HTTP Processing (Percent) gauge. |
JVM Memory Usage (Percent) |
true |
Monitors the percentage of Java Virtual Machine memory that is in use. This value naturally fluctuates due to garbage collection, so the minimum value within an interval is reported because it is a better indication of overall memory growth. When the memory usage exceeds 90%, open a case with Ping Identity Support because the server is either misconfigured or has a memory leak. As memory usage approaches 100%, the server is more and more
likely to experience garbage collection pauses, which leave the
server unresponsive for a long time. Restarting the server is
likely the only remedy for this situation. Before you restart
the server, run collect-support-data and
capture the output of |
License Expiration (Days) |
true |
Monitors the expiration date of the product license. An expired license causes warnings to appear in the server's logs and in the status tool output. Request a license key through the Ping Identity licensing website https://www.pingidentity.com/en/account/request-license-key.html or contact sales@pingidentity.com. Use the dsconfig tool to update the License configuration's license key property. |
Memory Usage (Percent) |
false |
Monitors the percentage of memory use averaged over the update interval defined. The monitored resource is the host system's memory use, which does not have a resource identifier. Some operating systems, including Linux, use the majority of memory for file system cache, which is freed as applications need it. If memory use is high, check the applications that are running on the server. |
|
Policy Decision Service Availability |
true |
Monitors availability of the Policy Decision Service. If the Policy Decision Service is misconfigured or cannot reach the deployment package store, PingAuthorize services will be unavailable. Ensure that the For more information, see Policy Decision Service Availability gauge. |
Strong Encryption Not Available |
true |
Indicates the JVM does not appear to support strong encryption algorithms, like 256-bit AES. The server will fall back to using weaker algorithms, like 128-bit AES. To enable support for strong encryption, update your JVM to a newer version that supports it by default; alternatively, install or enable the unlimited encryption strength jurisdiction policy files in your Java installation. |
User Store Availability |
true |
Monitors availability of the SCIM user store. If the LDAP directory servers are unavailable, the "UserStoreAdapter" cannot forward requests. Also, the server cannot process SCIM requests or perform token owner lookups. Ensure that LDAP directory servers are available. For more information, see User Store Availability gauge. |