000031810 - How to collect the server memory, CPU, and hard disk utilization data on an RSA Security Analytics appliance

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 6Show Document
  • View in full screen mode

Article Content

Article Number000031810
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Decoder, Log Decoder, Concentrator, Broker, Archiver, Event Stream Analysis (ESA), Malware Analysis, Security Analytics Server
RSA Version/Condition: All Versions
Platform: CentOS
O/S Version: EL5, EL6
  • Some processes cause a memory leak.
  • Degraded performance due to lack of memory.
  • Degraded performance because memory is drained by one major parent process.
  • CPU is over utilized.
  • Hard disk is filling up with large files.
TasksTo use the serv_mon.sh script (attached to this article), perform the steps below.
  1. Copy the serv_mon.sh file to your server machine using scp.
  2. Login to the appliance as the root user, make the script executable, and execute the script as shown below..
chmod +x serv_mon.sh

NOTE:  This script must be executed as the root user and Python 2.x or later must be installed on the appliance.
NotesThis script prints a human readable table with the collective memory utilization for each parent process separately, and performs the following:
  • It shows info about CPU, CPU utilization.
  • It shows disk space usage for each partition, the largest 10 files on the system.
  • It collects /proc/meminfo.
  • It collects the output of the vmstat command.
  • It watches free –m according to a user specified time interval.
User-added image
User-added image
User-added image
User-added image