Forum Discussion
Linux Defender Update using allot of memory up to exhaustion ?
Has anyone notice that latest Linux Defender update been using allot of memory and causing high cpu.
Thanks Roger.
- aldema1000Copper Contributor
We're facing the same issue. Mainly memory issues. Servers are allocating more and more RAM and will not free it, causing oom to kill business app processes. Case has been already opened in the past because we saw RAM allocation was slightly increasing over time (for example within 3 month from 800MB to 3GB) and did not free RAM - however after installing the last upgrade it increased much faster (within days). On one server (ldap) we faced an increasment of factor 10 from 1600MB to 16GB within a few days.
CPU issues mainly caused by audisp_plugin process seemed to be resolved by adding auditd exclusions for specific processes that have been identified as top initiators via XMDEClientAnalyzer log collector.- roger_jrCopper Contributor
Thanks for sharing. We opened a ticket with support, but we needed to restart all our Linux Agents.
I did find this link on Reddit and someone from Azure Support stated they open a defect. But I'm waiting for confirmation from Support. https://www.reddit.com/r/DefenderATP/comments/thb0pq/memory_consumption_in_mdatp_service_for_linux/
- aldema1000Copper Contributor
We've also restarted the defender services but the issue came back immediately (increased and 3 days later oom killed again processes). Is it stable now at your side?