Detecting why a session dies

I’m using cakephp2 for a huge system and it won’t be upgraded anytime soon. Our only problem is that the session gets destroyed frequently. Some users suffer more than others but all suffer. The timing changes - it’s not predictable.

I was hoping that Sentry would pick up on some bit of code that was causing the problem but it hasn’t. I can put breadcrumbs into the oauth code and trace what happens but would appreciate some advice.

What are the critical points to put breadcrumbs/capturemessage in for this type of problem?