Title: CPU / Memory usage is high/very high on Malware Prevention Service VM
Event ID: malware_prevention_health.service_vm_cpu_usage_high, malware_prevention_health.service_vm_cpu_usage_very_high, malware_prevention_health.service_vm_memory_usage_high malware_prevention_health.service_vm_memory_usage_very_high
Added in release: NSX 4.1.2
Alarm Description
- Symptom: Following is observed on NSX UI: Alarms dashboard shows "Service VM CPU Usage High" or "Service VM CPU Usage Very High" or "Service VM Memory Usage High" or "Service VM Memory Usage Very High". On Alarm description, transport node name for which usage is high is mentioned.
- Cause: When Malware Prevention SVM is under severe load of analysing files, we may see this issue when memory/cpu utilization has crossed threshold set for high usage (80% is default) or very high usage (90%) over 10 minutes .
Resolution:Migrate some VMs which are generating lot of file events away from the affected host to reduce the load on the SVM.
One way to identify VMs generating lot of file events is to go on NSX Manager UI Screen
Security > Malware Prevention > All Files
and look for VMs on the ESX host that has lot of file events in progress and then vmotion those VMs
Maintenance window required for remediation?No