Skip to main content

Alerts

Performance and security alerts

At run time, the Pega Platform generates alerts for performance and security-related application issues. Alerts are text-based messages that serve as important notifications about the functioning of your system. 

Performance alerts are generated when rule execution exceeds a performance threshold. Security alerts are generated when the security of a Pega Platform server is at risk. Analyze alerts to identify the root cause of a performance or security issue.

Note: Reviewing security alerts is only one aspect of securing an application. For a complete list of security leading practices, consult the Security Checklist awareness module and the Security Checklist for Pega Platform deployment.  

Performance issues are captured in the ALERT log and security issues are captured in the ALERTSECURITY log. You can access alerts from your session from the My Alerts display. You can access the My Alerts display in App Studio or Dev Studio from the Developer Toolbar > Issues. The My Alerts display shows performance alerts by default. Click Security Alerts to show security alerts.

Note: While the My Alerts display defaults to showing alerts from your session, you can filter the display to view alerts generated for any user. The ALERT and ALERTSECURITY logs show all alerts on the system from any requestor session.

Alert format

The alert format provides information about the alert. You can determine whether the alert is performance or security related, the type of alert, the type of requestor (for example, a browser), and the activity or stream that triggered the alert from the alert format. 

Note: For more details about the information provided in an alert, refer to the Pega Community article Alert format.

In the following image, click the + icons to learn more about the format of an alert.

Alert examples

PEGA0001 alert

The most frequently-generated alert is the PEGA0001 alert, which occurs when the elapsed time for an HTTP interaction time exceeds the threshold setting. This alert represents a single server interaction and can occur due to long-running calculations, waiting for database connections, or waiting for information from an external service.

Tip: Developers can adjust performance thresholds depending on stakeholder input and performance goals.

This alert is typically a consequence of other alerts, as it encapsulates the entire time the browser needs to wait. A PEGA0001 alert may accompany one or more other alerts, such as a database connection alert. Fixing the accompanying alert or alerts generally resolves a PEGA0001 alert. By addressing the other alerts, such as DB Connections and Rule Assembly Time, you can reduce the frequency of this alert.

If your alert log contains a large number of PEGA0001 messages, a problem on the server might be causing a significant slowdown. Check the server for the underlying problem. If the alert message identifies an activity, the activity might take a long time to process. Use the PAL performance tool or Tracer to check which steps the activity is running.

SECU0005 alert

The SECU0005 alert is generated when Pega Platform encounters a thread name in the URL of an HTTP request that does not already exist in the requestor and whose name contains invalid characters.

This alert allows you to identify potentially malicious scripts that have been inserted into the thread name portion of the URL so that you can research and correct the thread name or other issues as appropriate.

Modify your application to avoid creating thread names with invalid characters. Verify that the invalid character is safe to use from a security standpoint and it does not make your application vulnerable to cross-site scripting attacks. Add the character to the AdditionalValidCharactersInThreadNames setting.

Note: For more information about all possible alerts in Pega Platform, refer to the Pega Community article List of performance and security alerts in Pega Platform.

Check your knowledge with the following interaction.

If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice