ExecutionTimeThreshold Introudced

Document ID : KB000011691
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:
  • What is the purpose of ExecutionTimeThreshold registry ?
  • How can this be configured?
  • What is the default value?
  • Can this be configured for Web Agent ?
  • How to interpret the info message related to this ? 
  • What is the best value for this ?
Environment:
Policy Server : r12.52 SP1 CR5 and above.Policy Server OS : Any
Answer:

What is the purpose of ExecutionTimeThreshold registry ?

The purpose of this registry is to identify functions that take an excessive amount of time to execute without enabling tracing (which can negatively affect performance).

How can this be configured ?

This can be configured by setting the value for following registry entry :

HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\LogConfig\ExecutionTimeThreshold

The value should be hexadecimal equivalent of the number of milliseconds.

For e.g to set this as 5 seconds = 5000 ms , you need to set this value as 0x1388

What is the default value?

The default value is 5 seconds ( 0x1388)

Can this be configured for Web Agent ?

No, this is Policy server only feature.

How to interpret the info message related to this ? 

To illustrate this , lets consider following example :

Execution time exceeded threshold. (CServer::Tunnel, 7396, 5000, agent=agentX client=127.0.0.1 resource=/index.jsf action=POST user=user1).

Here, 

  • The first parameter = Name of the function
  • Second Parameter =  Actual Execution time of the function
  • Third Parameter =  ExecutionTimeThreshold as configured in the policy server registry (in millisecond)
  • Fourther parameter = Resource context

So the above info message can be interpreted as below:

The CServer:Tunnel function execution exceeded the configured threshold of 5000ms and took 7396ms to execute.

This happened for POST request for user1 from client IP 127.0.0.1 and agent agentX

What is the best value for this ?

There is no best/optimum value for this setting. It depends on what application demands.

For some application , it is critical to be very responsive while for other it may be ok to be sligthly less resoponsive.

For most cases, this can be left to the default value of 5 seconds.

 

 

Additional Information:

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/troubleshooting/policy-server-troubleshooting