OPC-UA Integration with Cumulocity IoT, Monitoring OPC UA Gateway


The OPC UA Integration with Cumulocity, short OPC UA Gateway, allows connecting any OPC UA Server which can have various majority levels and address space sizes. In order to detect performance issues or connection problems. It is recommended to monitor software components in a productive environment. In that article, I will talk about the possibilities to monitor the OPC UA Gateway.

The OPC UA Gateway is written in Java using the Spring framework. This framework provides a wide variety of features for monitoring. The OPC UA Gateway is using the standard Java Management Extensions JMX and I will show you how to run your OPC UA gateway with JMX and additional Prometheus endpoint.

Furthermore, the gateway populates different metrics to the Cumulocity IoT platform as well which I’m starting with.


As already mentioned, the gateway internally measures different metrics and populates them to the platform as measurements, events and alarms.
It also checks if a server connection is active and working by regularly browsing the root node of an OPC UA server. This is certainly the easiest way and working out of the box, without network configuration like port opening etc. The downside is that only a few metrics are available.

However, I will not go into detail, this is already well documented at:

Monitoring Measurements

Monitoring Alarms

Monitoring Events

There are two configuration you can set in the OPC UA Gateway:

    # The interval below in milliseconds configures the frequency of this monitoring task.
    interval: 10000
    # The interval below in milliseconds configures how often we investigate the thread executor queue sizes to prevent overflow
    checkQueueSizes: 10000

For more information please check the documentation.


Java Management Extensions (JMX ) is also an out of the box functionality to monitor the JVM and also the beans provided by the component.

JMX beans can easily accessed by jconsole.

You have to enable jmx by adding following to your configuration application-{profile}.yaml file of your OPC UA Gateway instance. This enables jmx for Spring and all additional specific added MBeans.

         enabled: true

Spring publishes production ready endpoints as JMX.



and additional OPC UA specific MBeans:

I am going to focus on customActionMBean which was introduced recently. If you are using custom actions, these values are worth mentioning.

As you can see in the screenshot, the MBeans stores a map of all http requests, return code and retry count. The key contains all three information:

<endpoint URI>_<http code>_<retry count>


Key: http://localhost/api/test_200_2
Value: 15

This means the REST endpoint (resource) http://localhost/api/test was successful (200, Ok) on the second retry, and this happened 15 times at runtime. The counter is stored in-memory, which means it is reset after restart. This helps to identify which endpoints are not performing well.

Important! If you want to configure OPC UA Gateway to access the JMX remotely you have to setup security, see this guide


It is important to know that the OPC UA Gateway doesn’t have a web server included which means REST endpoints like actuator etc. can’t be used out of the box.
Fortunatly there is an additional agent available as open source which can be used to export MBeans as prometheus endpoint:

Steps prometheus exporter

  1. Start the OPC UA Gateway with Prometheus exporter:

    java -javaagent:./jmx_prometheus_javaagent-0.17.0.jar=12345:config.yaml -Dspring.profiles.active=default,test1 -Dlogging.config=opcua-device-gateway-logging.xml -jar opcua-device-gateway-1015.x.x.jar
  2. Open the browser, if you use default config: http://localhost:12345/metrics
    You can see above described CustomActionMBean:


Monitoring is very important for your infrastructure when operating a productive OPC UA gateway. This article guided you through the monitoring capabilities of the OPC UA Gateway. Be aware that enabling remote access comes always with more security risk and need special security measures.