Closed frli4797 closed 4 years ago
berland
commented
4 years ago I am polling the API every 30 seconds. I get sometimes locked out, and have to reactivate it through a web browser, up to once a month, perhaps more often the last year than earlier.
frli4797
commented
4 years ago @berland This is odd. The observed behavior in my case is that it is way more frequent. Probably one lock out in four attempts.
perbrage
commented
4 years ago I am polling every 2 seconds without major problems. I get account lockouts as well that happens now and then, perhaps once every other month or so. I have yet to find a proof of what is going on, but from my findings so far it looks like there is a problem when sector alarm perform restarts/deployments or have a high volume in traffic. I believe that a bunch of requests are getting stuck in timeouts or similar then after awhile they all try to login at once resulting in a lockout. You can actually see errors coming back from Sector Alarm during this "event", but I is not very clear what they mean.
I have been thinking about adding a Circuit Breaker pattern to the requests towards Sector Alarm, that would use a short timeout and also look for errors from Sector Alarm and pause the requests for a configurable interval before trying again, but I never got around to implement it. If the problem is what I think it is, this would help to some extent.
Also, to my knowledge looking at other implementations and forums, when people set a too low polling interval, like 0.5 sec or 1 sec, Sector Alarm actually calls you and tells you to stop or they will ban you. Some people are even leaving Sector Alarm because of this, but the grass is not greener at other vendors either. It is kind of the same.
frli4797
commented
4 years ago The source of my lockouts showed to be a Lambda-deployed job going berserk. It was less than obvious but clearly my mistake/pilot error. Once corrected, the lockout stopped.
Move on, nothing to see here. ;)
More of an observation than a defect. Seems like lately my Sector account get locked out when I try to access it through the API. I'm curious to whether Sectoralarm has implemented any measures to counter anyone utilizing their APIs.