This section describes how to install the PingDataMetrics server.
PingDataMetrics will be deprecated in the PingDirectory 10.0 release. For more information about support for versions of PingDirectory containing PingDataMetrics, see Ping Identity's End-of-Life Policy (sign on required).
To monitor and provide statistics for your PingDirectory suite of products, see Monitoring PingDirectory metrics with Splunk.
Click the following tabs to see instructions for the task you want to perform.
Configuring a non-root user
The PingDataMetrics server installer cannot be run as the root user, and generally, the server (and PostgreSQL) should not be run as root.
As a non-root user, network port numbers below 1024 cannot be used.
In general, the account must do the following:
- Listen on privileged network ports.
- Bypass restrictions on resource limits.
For security, the account should be restricted from the following:
- The ability to see processes owned by other users on the system.
- The ability to create hard links to files owned by other users on the system.
Configuring servers to be monitored
Before installing the PingDataMetrics server, configure the servers to be monitored:
- PingDirectory server
- PingDirectoryProxy server
- PingDataSync server
- PingAuthorize
The monitored servers require sufficient disk space to store the monitoring data and can be configured with Tracked Applications if there are specific application bind distinguished names (DNs) that should be monitored.
Disk space requirements and monitoring intervals
The metrics backend on the monitored servers is responsible for the temporary storage of
metric data and is configured to keep a maximum amount of metric history based on log
retention policies, which are configured with the dsconfig
command.
The default retention policies define a cap on disk space usage, which in turn determines the amount of metric history retained. If the PingDataMetrics server is stopped for a period of time, the monitored servers should be configured to retain enough metrics history to prevent gaps in data when the PingDataMetrics server restarts. The amount of disk space required for metrics history might also depend on the monitored server's Stats Collector Plugin settings. In general, 500MB is enough to retain an eight-hour span of metrics history.
The value of the sample-flush-interval property
of the monitored server's
metrics backend determines the maximum delay between when a metric is captured and when
it can be picked up by the PingDataMetrics server. The
flush interval can be set between 15 and 60 seconds, with longer values resulting in
less processing load on the PingDataMetrics server.
However, this flush interval increases the latency between when the metric was captured
and when it becomes visible in a chart or dashboard. Changing the
sample-flush-interval
attribute to 60 seconds has the PingDataMetrics server keep 2000 minutes of history.
The number of metrics produced per unit of time varies based on the configuration. No formula can compute exact storage required for each hour of history. However, 60MB per hour is a standard estimate.
Tracked applications
If the PingDataMetrics server monitors client applications associated with the monitored servers, configure the Tracked Applications feature for monitored servers as well.
Activity performed by a particular LDAP bind DN can be associated with a PingDataMetrics server application-name, which in turn can be included in PingDataMetrics server service level agreement (SLA) definitions.
The Processing Time Histogram plugin is configured on each PingDirectory server and PingDirectoryProxy server as a set of histogram ranges. These
ranges should be defined identically across all monitored servers. For each monitored
server, set the separate-monitor-entry-per-tracked-application
property
of the processing time histogram plugin to true
. Per-application
monitoring information appears under cn=monitor
. The
per-application-ldap-stats
property must also be set to
per-application-only
in the Stats Collector Plugin. For Tracked
Application configuration details, see the PingDirectory Server Administration Guide.
The following example sets the required property of the Processing Time Histogram plugin:
$ bin/dsconfig set-plugin-prop \
--plugin-name "Processing Time Histogram" \
--set separate-monitor-entry-per-tracked-application:true
The following example sets the required property of the Stats Collector plugin:
$ bin/dsconfig set-plugin-prop \
--plugin-name "Stats Collector" \
--set per-application-ldap-stats:per-application-only
Installing the server
Use the setup
command to install the server.
The server must be started and stopped by the user who installed it.
A Windows installation requires that the Visual Studio 2010 runtime patch be installed before running the setup command.