Logs collection for cases where sisamddaemon CPU usage is high
search cancel

Logs collection for cases where sisamddaemon CPU usage is high

book

Article ID: 240455

calendar_today

Updated On:

Products

Endpoint Security Endpoint Protection Data Center Security Server

Issue/Introduction

Logs collection for cases where sisamddaemon CPU usage is high

Environment

Symantec Endpoint Protection - Symantec Linux Agent (SEP Linux)

Data Center Security Server (DCS)

Resolution

For this additional profile log needs to be enabled and collected from affected machine. Please note down the time of high CPU usage and capture corresponding AMD trace logs along with profile log file and cafagent debug logs. From root command line:

 

Enabling AMD trace logging:

service sisamdagent stop

Then edit: /opt/Symantec/sdcssagent/AMD/system/AntiMalware.ini, and set:

amdmanagement.antimalware.trace.level=trace
service sisamdagent start

 

Enabling cafagent debug logging:

service cafagent stop

Then edit: /opt/Symantec/cafagent/bin/cafservicemain.properties, and set:

logging.loggers.root.level = debug

service cafagent start

 

Capturing profile logging:

su - sisips -c "/opt/Symantec/sdcssagent/IPS/sisipsconfig.sh -approfile 10"

This will generate 10 minutes of debug logging to /var/log/sdcsslog/amdlog/profile.log

NOTE: Auto-Protect must be enabled on the agent to generate profile logging.

Additional Information

For command line options available to the sisipsconfig tool please see: Command line options for the sisipsconfig tool

Powered by Wolken Software