JVM level Monitoring of AEM Server using JConsole


Monitoring AEM Server using JConsole:

Follow the steps below for Windows Server:

Connect JConsole to :9999, where 9999 is the JMX remote port

Step: 1
Go to the Windows command prompt and run: jconsole  :

Step: 2
Click on the Overview tab to see the heap memory usage, Threads, Classes and CPU usage

Step: 3
Click on Memory to monitor heap and non-heap space

Step: 4
Click on Threads to monitor threads

Step: 5
Click on Virtual tab to monitor virtual memory

Step: 6
Click on Classes to monitor classes


Log File rotation in AEM/CQ5

Statement : JVM Log file rotation parameters

Solution :
Add the below parameters in the start.bat/start.sh file of AEM:

-XX:+HeapDumpOnOutOfMemoryError
— Write a heap dump if the JVM runs out of heap space
-XX:+HeapDumpOnCtrlBreak
— On Windows, create a heap dump when pressing Ctrl+Break
-verbose:gc
— Verbose garbage collection logging
-XX:+PrintGCTimeStamps
— Print timestamps in the GC log
-XX:+PrintGCDetails
— Even more GC information
-Xloggc:gc.log
— Write the GC logs to this file and not to stdout
-XX:+UseGCLogFileRotation
— Enable GC log rotation
-XX:NumberOfGCLogFiles=10
— Keep 10 versions of that GC log file





JVM Parameter | Description
-verbose:gc | verbose garbage collection logging
-XX:+PrintGCTimeStamps | print timestamps in the GC log
-XX:+PrintGCDetails | even more GC information
-Xloggc:gc.log | write the GC logs to this file and not to stdout
-XX:+UseGCLogFileRotation | (since Java 6u32 or Java 7u2) enable GC log rotation
-XX:NumberOfGCLogFiles=10 | (since Java 6u32 or Java 7u2) and keep 10 versions of that GC log file

Log file rotation related findings

Finding ID | Title | Total Risk | Effort to fix
LR1 | -verbose:gc | Medium | Low
LR2 | -XX:+PrintGCTimeStamps | Medium | Low
LR3 | -XX:+PrintGCDetails | Medium | Low
LR4 | -Xloggc:gc.log | Medium | Low
LR5 | -XX:+UseGCLogFileRotation | Medium | Low
LR6 | -XX:NumberOfGCLogFiles=10 | Medium | Low
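
An audit of a start script against findings LR1 to LR6 above, as an added example that is not part of the original page: it lists each finding whose option is absent and, where a misspelled or malformed variant is present, shows that near miss. The sample script text is constructed, and the CQ_JVM_OPTS variable name in it is an assumption.

```python
import difflib
import re

# Findings LR1-LR6 from the table above: canonical option, and the pattern that closes it.
FINDINGS = {
    "LR1": ("-verbose:gc", r"-verbose:gc"),
    "LR2": ("-XX:+PrintGCTimeStamps", r"-XX:\+PrintGCTimeStamps"),
    "LR3": ("-XX:+PrintGCDetails", r"-XX:\+PrintGCDetails"),
    "LR4": ("-Xloggc:gc.log", r"-Xloggc:.+"),
    "LR5": ("-XX:+UseGCLogFileRotation", r"-XX:\+UseGCLogFileRotation"),
    "LR6": ("-XX:NumberOfGCLogFiles=10", r"-XX:NumberOfGCLogFiles=\d+"),
}
OPTION = re.compile(r"(?<![\w-])-(?:XX:|X|verbose:)[^\s\"']+")
COMMENT = re.compile(r"\s*(#|::|rem\b)", re.IGNORECASE)


def jvm_options(script_text):
    """Return JVM-style options found on non-comment lines of start.bat/start.sh."""
    opts = []
    for line in script_text.splitlines():
        if not COMMENT.match(line):
            opts.extend(OPTION.findall(line))
    return opts


def audit(script_text):
    """Map each open finding to the closest near-miss option present, or None."""
    opts = jvm_options(script_text)
    report = {}
    for fid, (canonical, pattern) in FINDINGS.items():
        if any(re.fullmatch(pattern, o) for o in opts):
            continue  # option present and well-formed: finding closed
        near = difflib.get_close_matches(canonical, opts, n=1, cutoff=0.9)
        report[fid] = near[0] if near else None
    return report


# Constructed sample; CQ_JVM_OPTS is an assumed variable name for the JVM options line.
SAMPLE_START_BAT = """\
:: constructed sample, not a real AEM start.bat
set CQ_JVM_OPTS=-Xmx1024m -verbose:gc -XX:+PrintGCDetails -Xloggc:gc.log
set CQ_JVM_OPTS=%CQ_JVM_OPTS% -XX:+UseGCLogFileRoatation -XX:+NumberOfGCLogFiles=10
"""

if __name__ == "__main__":
    for fid, near in audit(SAMPLE_START_BAT).items():
        print(fid, "open;", f"near miss: {near}" if near else "option missing")
```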

Enabling HTTP Over SSL In AEM 5.6.1 For Windows OS



Follow the below steps
Step: 1
Create an SSL folder inside the AEM server folder, alongside the crx-quickstart.jar file
For example: D:\CQ-5.6.1- software\latest-5.6.1 software\ssl\

Step: 2
Generate a self-signed certificate with a public/private key pair:
- Go to the command prompt and change to the SSL folder
For example:
D:\CQ-5.6.1- software\latest-5.6.1 software\ssl\

Steps to be followed to create Keystore and CSR


Option1: Create a keystore with public/private key pair
D:\CQ-5.6.1- software\latest-5.6.1 software\ssl>keytool -genkeypair -keyalg RSA -keysize 2048 -validity 3650 -alias cqse -keystore cqkeystore.keystore -keypass S!n@t$!123 -storepass S!n@t$!123 -dname "CN=test.com, OU=test.com, O=test, L=Singapore, S=Singapore, C=SG"

Option2: Generate CSR
D:\CQ-5.6.1- software\latest-5.6.1 software\ssl>keytool -certreq -alias "cqse" -keystore cqkeystore.keystore -file LCCertRequest.csr
Verify that the generated keystore and CSR file exist on the local file system in the D:\CQ-5.6.1- software\latest-5.6.1 software\ssl folder


Step: 3
Login to the Author instance as Admin User
Step: 4
Open the OSGI/Felix console: http://localhost:4502/system/console/configMgr
Step: 5
Select Configuration options from OSGI tab


Step: 6
Select “Day CQSE HTTP Service” & open it.


Step: 7
Configure the HTTPS port, Keystore Absolute file path and keystore password

Step: 8
Where

  • Keystore (path of the keystore file): D:\CQ-5.6.1- software\latest-5.6.1 software\publish\ssl\cqkeystore.keystore
  • Keystore Password: S!n@t$!123
  • Key password: S!n@t$!123
  • Enable HTTPS: Select the check box
  • Https Port: 5443
  • Key Alias: cqse
  • Client Certificate: No client certificate
Finally, click on Save.
Step: 9
Check the error.log file to confirm that the HTTP and HTTPS ports have started:

02.10.2014 18:46:35.409 *INFO* [CQSE HTTP Service] cqse-httpservice Started CQSE 4.x at port(s) HTTP:4502 HTTPS:5443 on context path /

Launch the welcome console of the Author and Publishers: https://localhost:5443/welcome.html
Note:
Follow the above steps from point 7 onwards to configure HTTP over SSL on the Publishers as well
For Author, use HTTPS port: 5443
For Publisher, use HTTPS port: 8443
Use a strong password
Increase the validity of the certificate.