ICAP queue reaching capacity-bluecoat-sgos

ICAP queue reaching capacity-bluecoat-sgos

Vendor: bluecoat

OS: sgos

Description:
Indeni checks if the queue count in the last hour is more than the configured threshold

Remediation Steps:
Indeni monitors the total emulated certificates percentage , lower values means a higher SSL CPU usage.
|1. Login via https to the ProxySG and go to https://proxy:8082/PDM/show-values/icap:service:_total_service_stats:queued_transaction_count~hourly?stats_mode=0. Review the last hour queue count.
|2. Check if the unit is dealing with high traffic volume, usually caused by streaming traffic.
|3. Consider bypassing streaming traffic.
|4. For more information review the following Bluecoat guide: https://support.symantec.com/en_US/article.TECH242686.html

How does this work?
This script logs into the Bluecoat Proxy using SSH and retrieves the Icap queue using the show advanced-url /PDM/show-values/icap:service:_total_service_stats:queued_transaction_count~hourly?stats_mode=0 command.

Why is this important?
Monitoring the Bluecoat ProxySG Icap queue is critical for evaluate the system’s health and make sure it’s not over utilized. If the ICAP services have large number of connections stuck in queue , the Bluecoat ProxySG may be suffer from slowness or traffic latency.

Without Indeni how would you find this?
An administrator could manually get this information by issuing the command show advanced-url /PDM/show-values/icap:service:_total_service_stats:queued_transaction_count~hourly?stats_mode=0 command.

bluecoat-icap-queue

name: bluecoat-icap-queue
description: Fetch icap queue stat.
type: monitoring
monitoring_interval: 1 minute
requires:
    vendor: bluecoat
    os.name: sgos
comments:
    bluecoat-icap-queue:
        why: |
            Monitoring the Bluecoat ProxySG Icap queue is critical for evaluate the system's health and make sure it's not over utilized.
            If the ICAP services have large number of connections stuck in queue , the Bluecoat ProxySG may be suffer from slowness or traffic latency.
        how: |
            This script logs into the Bluecoat Proxy using SSH and retrieves the Icap queue using the show advanced-url /PDM/show-values/icap:service:_total_service_stats:queued_transaction_count~hourly?stats_mode=0 command.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: show advanced-url "/PDM/show-values/icap:service:_total_service_stats:queued_transaction_count~hourly?stats_mode=0"
    parse:
        type: AWK
        file: icap-queue.parser.1.awk

BlueCoatIcapQueueRule

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/bluecoat/proxysg/BlueCoatIcapQueueRule.scala