Slow Connection

ID slow-connection
Type external-service
Minimum Severity warning
Node Specific yes

The slow-connection alarm is raised when a component in the Curity Identity Server makes a request against a remote host and the response did not arrive in a timely manner. Only data sources, such as MySQL or LDAP, will raise this alarm.

This alarm can be triggered by high load affecting the remote host or the network the connection is made on.

../../../_images/slow-connection-alarm.svg

Fig. 9 The remote service service failed to respond in a timely manner

Alarming Resources

This alarm can be raised by one type of component in the Curity Identity Server.

  • Data Sources

Data Sources

Data Sources will raise this alarm when making a request against a remote host and the response did not arrive in a timely manner

The severity of the alarm escalates with increasing response time, starting with warning:

Default Response Time Threshold Alarm Severity
above 2 seconds WARNING
above 5 seconds MINOR
above 10 seconds MAJOR
above 31 seconds CRITICAL

Note

30 seconds is a common connection timeout. Therefore, a margin of one second is added, to a default threshold of 31 seconds, before raising a slow-connection with CRITICAL severity.

These thresholds can be configured individually per Data Source.

Raising Conditions

The alarm is raised when the Curity Identity Server is subject to a slow response from the remote host using the configured resource.

Clearing Conditions

The alarm is cleared after a timely response have been asserted against the remote host and a small amount of time without further issues has passed. This means that if the connection is flaky, the alarm will not be cleared until the condition is deemed stable.

Suggested Actions

  • Inspect the logs of the remote host, or contact support of the service provider.
  • Inspect the configuration and logs of any intermediate network equipment, such as routers and proxies.
  • Inspect the logs of the affected Curity Identity Server runtime node at the time of this alarm.

Sliding Window

The slow connection alarm employs a sliding window which can be configured per Data Source.

Configuration Options

Data Sources

This alarm can be enabled and disabled for individual data sources (enabled by default) under /facilities/data-sources/data-source{id}/data-source-alarms/enable-slow-connection-alarm.

To disable the Slow Connection alarm using the CLI, do:

configure
set facilities data-sources data-source YOUR_DATA_SOURCE_ID data-source-alarms enable-slow-connection-alarm false
commit

Thresholds for this alarm can be configured (in seconds) for individual data sources under /facilities/data-sources/data-source{id}/data-source-alarms/slow-connection-alarm/thresholds.

To set the threshold for the CRITICAL severity to 42 seconds for the Slow Connection alarm using the CLI, do:

configure
set facilities data-sources data-source YOUR_DATA_SOURCE_ID data-source-alarms slow-connection-alarm thresholds critical 42
commit

To set the size of the sliding window and the number of faults required to raise the alarm using the CLI, do:

configure
set facilities data-sources data-source YOUR_DATA_SOURCE_ID data-source-alarms failed-communication-alarm sliding-window sliding-window-size 20
set facilities data-sources data-source YOUR_DATA_SOURCE_ID data-source-alarms failed-communication-alarm sliding-window faults-to-raise-alarm 100
commit