Environment
- App Control Agent: All Versions
- DTEX Intercept application: All Versions
- Linux: All Supported Versions
Symptoms
Top command consistently reports high CPU usage with b9daemon process, at times as high as 80% usage.
Cause
App Control Agent is tracking file operations being performed by DTEX processes.
Resolution
Add 'kernelProcessExclusions' parameter for Agent(s) per following steps:
- Open following URL -> https://<app_control_ servername>/agent_config.php
- Select 'Add Agent Config'
- Add following information, then select Save:
a. Property Name: kernelProcessExclusions for dtex
b. Value: kernelProcessExclusions=/opt/dtex/*:4192127
c. Host Id: 0
d. Platform: Linux
e. Status: Enabled
f. Create For: All Current and Future Policies (Note: If needed, 'Selected policies' can also be used)
Additional Notes
- The '4192127' value will ignore all file operations except Execute and ScriptExecute.
- The value of '2094975' should be used for Agents on v7.2.2 and below
- Enter host_id of Agent to test on specific machine
Related Content