How to monitor the CA Access Gateway (SPS) in order to get the count of the current threads in use at a given moment, and how to keep them historically to consult the thread amount for yesterday at a given time?

There's no out of the box tool to monitor the amount of threads that the CA Access Gateway (SPS) is using an instant.

When running on Linux OS, using OS tools will help to determine the amount of threads the process is using.

Note that the CA Access Gateway (SPS) has several processes, corresponding to the embedded component Apache, and Tomcat.

So, running ps command, get the PID for both Apache (httpd) and Tomcat (java):

  # ps auxww
  nobody      1868  0.0  0.4 855464  8936 ?        Sl   16:42   0:00 /{home_sps}/httpd/bin/httpd -d /{home_sps}/httpd -k start -D SSL
  nobody      2432 57.9 24.1 3129848 448636 ?      Sl   16:42   1:21 /{home_java}/bin/java -ms256m -mx1024m -server -XX:MaxMetaspaceSize=256M -Dcatalina.base=/{home_sps}/Tomcat -Dcatalina.home=/{home_sps}/Tomcat -Djava.io.tmpdir=/{home_sps}/Tomcat/temp -DHTTPClient.log.mask=0 -DHTTPClient.Modules=HTTPClient.RetryModule|org.tigris.noodle.NoodleCookieModule|HTTPClient.DefaultModule -Dlogger.properties=/{home_sps}/Tomcat/properties/logger.properties -Djava.endorsed.dirs=/{home_sps}/Tomcat/endorsed -Dfile.encoding=UTF8 -DIWACONFIGHOME=/{home_sps}/proxy-engine/conf/sts-config/globalconfig -DNETE_WA_ROOT= -DPWD=/{home_sps} -classpath /{home_sps}/Tomcat/bin/proxybootstrap.jar:/{home_sps}/Tomcat/properties:/{home_sps}/resources:/opt/jdk8u275-b01/lib/tools.jar:/opt/jdk8u275-b01/lib/tools.jar:/{home_sps}/Tomcat/bin/bootstrap.jar:/{home_sps}/Tomcat/lib/smi18n.jar:/{home_sps}/agentframework/java/bc-fips-1.0.2.3.jar com.netegrity.proxy.ProxyBootstrap -config /{home_sps}/proxy-engine/conf/server.conf

Using the watch command, and filtering the "Threads" line, to get each second how many threads the component runs:  

For the above Apache 1868 process:

  # watch -n 1 'cat /proc/1868/status | grep Threads:'

  Every 1.0s: cat /proc/1868/status | grep Threads:  sps.example.com: Tue Feb  6 16:47:18 2024

  Threads:        27

For the above Tomcat 2432 process:

  # watch -n 1 'cat /proc/2432/status | grep Threads:'

  Every 1.0s: cat /proc/2432/status | grep Threads:  sps.example.com: Tue Feb  6 16:44:10 2024

  Threads:        41

  # ls /proc/2432/task | wc -l
  41

These are rudimentary tools and they don't allow to keep historical data about the performances of the CA Access Gateway (SPS) and the Policy Server, as both are dependent.

As such, Broadcom offers 2 tools to monitor liveness and keep track of the historical data. The amount of threads is only available for the Policy Server. But for the CA Access Gateway (SPS), to get a bunch of interesting performance data, APM (Wily - Application Performance Management) (1)(2)(3), OneView monitor (4), and SNMP (5).

With SNMP, from other tools from the market, pull the Policy Server snmp mib base data to get current values and stock them.

In the Policy Server mib file:

  /{home_policy_server}/mibs/NetegrityMIB.mib:

     policyServerMaxThreads  Integer32,
     policyServerAvailableThreads   Integer32,
     policyServerThreadsInUse    Integer32,

1. Data Monitoring Using DX Application Performance Management
   https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/access-gateway-configuration/data-monitoring-using-ca-application-performance-management.html
2. CA SSO Policy Server Metrics
   https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/apm-for-siteminder/13-4/metrics/ca-sso-policy-server-metrics.html
   
   
3. CA SSO Web Agent Metrics
   https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/apm-for-siteminder/13-4/metrics/ca-sso-web-agent-metrics.html
   
   
4. Use OneView Monitor to Analyze Performance
   https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/administrating/use-oneview-monitor-to-analyze-performance.html
   
   
5. Monitoring SiteMinder Using SNMP
   https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/administrating/monitoring-siteminder-using-snmp.html