After deploying an Intrusion Detection (IDS) policy to an agent installed on the Symantec Critical System Protection (CSP) Manager or Data Center Security (DCS) Server, CPU usage is high and stays high.

This generates a loop which causes constant CPU usage.

The CSP Manager writes to the logfiles and SQL files as it works/processes data, then with the agent monitoring those files for modifications it generates more data for the Manager to process and subsequently write to those files again.

CPU Usage due to this setup will vary depending on the size and activity of the environment CSP or DCS is deployed in.

Do not monitor these files for modification in the IDS Policy deployed to the manager. 

The largest impact observed is the monitoring of the SQL Files for modification.

Applies To

CSP Agent Installed on CSP Manager Server or DCS Agent installed on a DCS Manager server.

IDS Policy deployed to the agent watching for the modification of CSP Manager log files and MSSQL files for Symantec CSP.