We recently had an issue where a port scanning tool cause high CPU usage by CEMETOM.

We noticed that the scan was accessing many of the example webapps that are part of a standard Tomcat install.

We think removing the non-essential webapps might reduce the CPU impact of any port scanning, but even if it will not, we think they should be removed anyway.

Can you provide guidance on what webapps can safely be removed, and how to remove them?

Release : 6.0

Component : CA COMPLIANCE EVENT MANAGER

The only four files CEM needs in the /cai/cacem/tomcat/webapps directory are the following four files:

castylesr5.1.3
cem.war
cemws.war
cemui.war

Any other files in the webapps directory are up to you to decide if you need them or not.