Open the AntiMalware.ini and AntiMalware.ini.1 and perform the changes in both files
vi /opt/Symantec/sdcssagent/AMD/system/AntiMalware.ini vi /opt/Symantec/sdcssagent/AMD/system/AntiMalware.ini.1
For a Linux system with >=16 CPU cores, SEP accepts the decrease of threads by half or quarters.
The minimum recommended amount of CPU core to be assigned to a Linux machine with SEP client is 4.
By default, SEP assigns in threads as much as CPU assigned to the system. If your Linux system has 8 cores assigned, AP will have by default 8 threads assigned to it; you might want to decrease this amount by half. However, 4 is the minimum to assign to AP. Therefore, it's not possible to decrease the threads to a quarter of the number of CPU cores.
Find the thread you want to increase and change the value higher than 4, but not exceeding 16.
#Max number of Scan threads can be 16. #Requires service restart to apply. amdmanagement.ondemand.scan.threads=4 #Max number of AutoProtect Scan threads can be 16. #Requires service restart to apply. amdmanagement.ap.scan.threads=4
Save the file
:wq
Restart the services
service sisipsagent start service sisidsagent start service sisipsutil start service sisamddaemon start
With SEP for Linux, it is enough to start the SEP client.
Reset the policy. If only SEP Linux is applied (no DCS), you'll see the message: "Could not set policy to the most recent applied policyā€¯. This is expected.
su - sisips ./sisipsconfig.sh -s
Monitor to see if the issue reoccurs.
Additional Information
The more threads are being assigned to AP, the more load is being put on CPU, and the faster SEP accomplishes the real-time scan on target files, and the vice versa is true.