Endpoint Discover scans on Mac Endpoint Agents causes performance issues for the end user


Article ID: 169982


Updated On:


Data Loss Prevention Endpoint Discover


While doing an Endpoint Discover scan with Mac Endpoint Agents, the CPU utilization of the EDPA process will get very high, causing performance issues and the user experience on the Endpoint Machine to degrade.


There is no resource consumption throttling available for Mac Endpoint Discover scans as of DLP 14.6 MP1 and thus the agent is allowed to consume large amounts of CPU resources while performing a Discover scans. Resource consumption throttling is only available for Windows Endpoints as of DLP 14.6 MP1.


Mac DLP Endpoint Agents


Change the Discover.SCAN_ONLY_WHEN_IDLE.int  property to 1, which will force the Endpoint Agent to only perform Discover scanning while the system is idle. This should improve system performance for the user but could result in the scan taking longer to complete.

1. Log into the Enforce console.
2. Navigate to System -> Agents -> Agent Configuration.
3. Click on the Agent Configuration the effected agents are in.
4. Click the Advanced Agent Settings tab.
5. Search for the property name, Discover.SCAN_ONLY_WHEN_IDLE.int .
6. Change the value of Discover.SCAN_ONLY_WHEN_IDLE.int  from 2(the default value) to 1.
7. Save the agent configuration.
8. Update the Agent Configuration to the agent group so that the agent configuration changes are pushed to the Endpoint Agents.