Question

PDC implementation details.

Hi Andy (AndyWerden),

We are planning to implement centralized PDC setup for all our PEGA applications.Please respond below:

1)What is the security mechanism (logs scrubbing,HIPAA safeguard,Whitelisting,etc.,) behind application data pushed over to PDC.

2)Do we need to import any key-store certificates related to PDC ?

3)As I have heard PDC gets enhanced very often,does that requires restart or outage from our application side ?

4)Any implementation documentation or articles related to PDC ?

5)PDC JIRA integration details.

6)Making Quiesce option being available @ PDC (so far only AES does have this capability).

7)Mandatory hot-fixes or DSS.

Thank you.

Comments

Keep up to date on this post and subscribe to comments

April 19, 2019 - 11:44am

Hi Pradeep,

I am working on to provide response to your queries, for point 3 n 4, please find response below:

3. You need not to restart application from your side.
4. https://community.pega.com/knowledgebase/products/predictive-diagnostic-cloud

Pega
April 20, 2019 - 8:43am

PDC is a SaaS offering and available in Pega Cloud.  Every Pega customer will have a dedicated tenant in PDC and you can monitor all pega applications. To answer your questions, 

 

1)     Once you configured PDC in your system, it can send all the alert and exceptions to PDC.  No customer data pushed to PDC

2)     For some customers I have seen, they need to import some certificate (which PDC provide) when they configure otherwise in general nothing is required.

3)     Since PDC changes are independent, you don’t need to restart anything for the changes in PDC.  No outage is required from your side.

4)     In community page (https://community.pega.com/knowledgebase/products/predictive-diagnostic-cloud), you can see more details.

5)     PDC JIRA integration is under development and will be available soon in PDC

6)     PDC is build on top of AES and hence whatever is possible in AES should be possible in PDC as well.

7)     For monitoring your system, you don’t need any hotfixes, but to push some extra information (like how your agents are behaving, how your DB is behaving etc) we have hotfixes available for Postgres SQL DB.  If you are using Postgres SQL then based on your pega version you can get the appropriate hotfix from pega support and install.

April 20, 2019 - 11:00am

Hi Karuppan,

Please find the inline comments below.

1)     Once you configured PDC in your system, it can send all the alert and exceptions to PDC.  No customer data pushed to PDC.How about PHI/PII information (HIPAA) available @Application logs being handled (logs scrubbing) and 'PUSH'ed over to PDC ?Any whitelisting options available ? Please explain in detail wrt the handling mechanism.

2)     For some customers I have seen, they need to import some certificate (which PDC provide) when they configure otherwise in general nothing is required.Please provide in detail regarding the circumstances during which PDC certificates needed to be installed @ our application level ? We are running on the following application stack (PRPC731,MSSQL and Tomcat). 

3)     Since PDC changes are independent, you don’t need to restart anything for the changes in PDC.  No outage is required from your side.

4)     In community page (https://community.pega.com/knowledgebase/products/predictive-diagnostic-cloud), you can see more details.

5)     PDC JIRA integration is under development and will be available soon in PDC. Any ETA please ?

6)     PDC is build on top of AES and hence whatever is possible in AES should be possible in PDC as well. Not correct.Couldnt find Quiesce option @ PDC.

7)     For monitoring your system, you don’t need any hotfixes, but to push some extra information (like how your agents are behaving, how your DB is behaving etc) we have hotfixes available for Postgres SQL DB.  If you are using Postgres SQL then based on your pega version you can get the appropriate hotfix from pega support and install.Does PDC showcases Database events for MSSQL ? Or is it still limited to Postgre SQL just like AES ? For installing additional PDC agents,we have obtained the following hotfixes HFIX-47520,HFIX-45435, HFIX-46535 to be installed @ monitored nodes.

 

Pega
April 20, 2019 - 11:56pm
Response to PradeepChowdaryP

Hi Pradeep,

Please find the inline comments below.

1)     Once you configured PDC in your system, it can send all the alert and exceptions to PDC.  No customer data pushed to PDC.How about PHI/PII information (HIPAA) available @Application logs being handled (logs scrubbing) and 'PUSH'ed over to PDC ?Any whitelisting options available ? Please explain in detail wrt the handling mechanism.

@Andy can provide more details here.

2)     For some customers I have seen, they need to import some certificate (which PDC provide) when they configure otherwise in general nothing is required.Please provide in detail regarding the circumstances during which PDC certificates needed to be installed @ our application level ? We are running on the following application stack (PRPC731,MSSQL and Tomcat). 

The certificate is needed for connectivity from your client system to PDC (Cloud).  Again Andy can provide more details here.

3)     Since PDC changes are independent, you don’t need to restart anything for the changes in PDC.  No outage is required from your side.

4)     In community page (https://community.pega.com/knowledgebase/products/predictive-diagnostic-cloud), you can see more details.

5)     PDC JIRA integration is under development and will be available soon in PDC. Any ETA please ?

This will be available in PDC production around PegaWorld timeframe.  May be 2 months.  Not only JIRA integration, we are integrating Service Now, Agile Studio as well.

6)     PDC is build on top of AES and hence whatever is possible in AES should be possible in PDC as well. Not correct.Couldnt find Quiesce option @ PDC.

Andy can answer here

7)     For monitoring your system, you don’t need any hotfixes, but to push some extra information (like how your agents are behaving, how your DB is behaving etc) we have hotfixes available for Postgres SQL DB.  If you are using Postgres SQL then based on your pega version you can get the appropriate hotfix from pega support and install.Does PDC showcases Database events for MSSQL ? Or is it still limited to Postgre SQL just like AES ? For installing additional PDC agents,we have obtained the following hotfixes HFIX-47520,HFIX-45435, HFIX-46535 to be installed @ monitored nodes.

Only for Postgre SQL for now.  The latest hotfix for Pega 7.3.1 is HFix-51555

Pega
April 22, 2019 - 12:42am
Response to Karuppan

1) Monitored systems send PDC generic environmental and usage data collected via agents, node health status gathered by the management daemon and sanitized alert and exception data. Alerts and exceptions are queued for sending to PDC at same time they are written to the PEgaRulesALERT file, but the parameter page first runs through a whitelist filter and most parameters values are replaced by the literal '[removed]'. There should not be PHI/PII information anywhere else in the alert body - proper SQL statements are parameterized and PDC does not get the bind variables (also referred to as SQL inserts).  It is possible to send bind vars to PDC and explicitly add additional parameters to the whitelist via configuration settings but of course we would prefer you don't - its far easier to secure data we don't have. 

2) Communication between monitored systems and PDC is via https. Some servers (WebSphere) will not import an SSL certificate on the fly and require that administrators download the SSL certs and check them into keystore. I have not seen that behavior on Tomcat. 

6) PDC will NEVER have quiesce management as that would require PDC to send messages into monitored systems. PDC receives data only -- communication is one way. 

7) We welcome your advise / expertise on how best PDC can monitor MSSQL in same fashion as we have recently implemented for Postgres. We want to support all databases but simply have a lot more experience and production-quality datasets with Postgres -- and Postgres is pretty liberal regarding the system meta-data that can be queried from the pega runtime account. 

 

 

Pega
April 22, 2019 - 12:46am

To extent the parameter whitelist, use dynamic system setting   Pega-Engine prconfig/alerts/parameterpage/allowedKeywords/default.  Use a semi-colon to separate parameters

April 27, 2019 - 12:31am

Sure Andy.

Thank you for the information.

Weekly score card items provides action items for a week and New Items daily scorecard provides action items for previous day.In the similar manner,Could you please confirm if we could obtain an option @ PDC to customize the time period of action items generation ?

Pega
April 27, 2019 - 1:08am
Response to PradeepChowdaryP

Action item generation is immediate in PDC but when to notify is the question.  The weekly scorecard and daily scorecard notify people as the name suggest. 

 

As far as I know, we cannot customize these scorecards.  The Weekly will go away as its deprecated and you can generate the daily at any time by selecting Email Scorecard and entering your email id.

 

There is also “New alert action item” and “New Exception” score cards in PDC which will notify you whenever PDC receives a new item (alert / exception) form your monitored system.

 

April 28, 2019 - 4:37pm

Sure Kauppan.

Could you also please confirm about the availability of on-premise PDC environment setup ?

Thank you.

May 1, 2019 - 7:01pm
Response to PradeepChowdaryP

Hi Andy/Karuppan,
Any update regarding the following "Could you also please confirm about the availability of on-premise PDC environment setup" please ?
Thank you.

Pega
May 2, 2019 - 3:16am
Response to PradeepChowdaryP

Hi Pradeep,

Can you please clarify more on on-premise PDC setup?  Do you want to monitor your On-premise systems by PDC?  Is that the request?  If yes, do you already have a tenant from PDC for your customer.  Can you please share the customer details.

May 2, 2019 - 9:22am
Response to Karuppan

We wanted to check/confirm if on-premise version of PDC (just like AES) is available or not ?

May 2, 2019 - 6:32am
Response to PradeepChowdaryP

Hi @PradeepChowdaryP ,

Thanks @Karuppan for your insights in the thread.

From the suggestions shared in the post, I read that creating an SR for the query seems the best option.

It's not advised to project/customer details in the public community.

Hope the information is helpful.

Thanks!

Vidyaranjan | Community Moderator | Pegasystems Inc.

Pega
May 2, 2019 - 3:32am

Pradeep,

Alternatively you can open a SR with the necessary details if you don't want to share the customer details in public forum so that we can respond via SR.

 

Pega
May 2, 2019 - 8:22am

PDC is exclusively a pega hosted, pega managed service. Product management is evaluating market demand, functional need, technical options and resource requirements for improved monitoring and governance tools for premise / private cloud customers with policy restrictions that preclude use of cloud-based services. As you noted, one of the options that is under discussion would be some form of license to allow "non-pega" parties to host PDC service instances on private cloud or premise systems.  I will let you know more when I know more; I encourage you to provide input through your account team regarding your needs and procedural or regulatory restrictions.

May 7, 2019 - 4:35pm

Hi Andy/Karuppan,

Could you also please confirm if PDC does have the capability to integrate with Service now ?

Thank you.

Pega
May 8, 2019 - 1:30am
Response to PradeepChowdaryP

Yes it is. PDC can connect to Service Now, Jira and Agile Studio to track the issues there either via Bug / User story / Incident.

May 8, 2019 - 10:07am
Response to Karuppan

Sure,Thank you.

Please provide the PDC - ServiceNow Integration reference documentation.