search cancel

Logs collection for cases where sisamddaemon CPU usage is high

book

Article ID: 240455

calendar_today

Updated On:

Products

Endpoint Security Endpoint Protection Data Center Security Server

Issue/Introduction

Logs collection for cases where sisamddaemon CPU usage is high

Environment

Symantec Endpoint Protection - Symantec Linux Agent (SEP Linux)

Data Center Security Server (DCS)

Resolution

For this additional profile log needs to be enabled and collected from affected machine

Please note down time of high cpu usage and capture corresponding AMD trace logs along with profile log file

su - sisips -c "/opt/Symantec/sdcssagent/IPS/sisipsconfig.sh -approfile 10"
/var/log/sdcsslog/amdlog/profile.log
Additionally please enable "debug" logging for cafservice with below steps
Stop CAF Agent
/etc/init.d/cafagent stop
Enable Debug Logging
vim /opt/Symantec/cafagent/bin/cafservicemain.properties
# Loggers
logging.loggers.root.level = debug
Start CAF Agent
/etc/init.d/cafagent start

Additional Information

For command line options available to the sisipsconfig tool ,please refer : https://knowledge.broadcom.com/external/article/151857/command-line-options-for-the-sisipsconfi.html