Environment
- App Control Windows Agent: All Versions
- Windows OS: All Supported Versions
Symptoms
- Parity.exe spikes the CPU to 99% once an hour for a short period of time (15 seconds)
- Procmon capture during the CPU spike shows sequential reads for cache.db and writes to cache.chk
- Events like "12:25:34 458137280 (2AC4) - CacheDatabase: Performing periodic backup" are written in the Trace.bt9 diagnostic file during the CPU spike
Cause
The agent is designed to take an hourly backup of the cache and create/update the cache.chk file locally on the endpoint. This is a designed function for agent health.
Resolution
The agent cache is a necessary part of the product and the impact of the backup cannot be reduced. However, the frequency it runs can be adjusted to prevent it from happening as often.
- Open browser to https://<servername>/agent_config.php
- Click "Add Agent Config"
- Name: Server Backup Frequency
- Host ID: 0 <Used for All Endpoints, or use the ID reference from the host details page address>
- Value: cache_backup_seconds=<time between backup in seconds, e.g. for two hours, set a value of 7200>
- Platform: Windows
- Status: Enabled
Additional Notes
- The default value for cache_backup_seconds is 3600 seconds
- the CPU spike might happen while parity.exe is scanning .msi files, but this is part of the verfication process for installers during the backup.
