Forum Discussion
AnthonySomerset
Sep 09, 2023Copper Contributor
Managing Config on Linux - supplementary_events_subsystem
Hi There we have found that with the default config of the supplementary_events_subsystem set to auditd - CPU usage gets high on busier systems We manually set to ebpf via CLI when we detect ...
Tempest62
Dec 02, 2023Copper Contributor
I am also wondering about this and would welcome a response from Microsoft.
Can somebody help?!
Can somebody help?!
AnthonySomerset
Jan 31, 2024Copper Contributor
Tempest62and everyone else It looks like microsoft has listened or it was on their roadmap all along but looks like we can configure it in the config just like other settings now, its also now enabled by default on updated versions of MDATP which is cool
- Tempest62Feb 13, 2024Copper Contributor
Thanks for mentioning this AnthonySomerset.
Do you have the setting in place and appearing as '[Managed]' if you query mdatp? I had a first pass at it a couple of weeks ago but wherever I placed the recommended block in my mdatp_managed.json file was either incorrect or missing a dependency as it knocked out all other managed settings.