Please make sure you host requirements are met in accordance with our installation material outlined in the link below. VATD is incredibly resource demanding.
Typical issues and troubleshooting:
If all of the above check out OK pleas raise a service request and upload support bundles from both vATD's and we will be happy to work with you.
Please go ahead and open a service request with McAfee support and attach the full support bundles from both vATD's as this will enable us to perform a full diagnosis of the issue.
I opened a ticket and we had a webex session yesterday it was assumed that alot of dll files are the cause of that issue so I changed my TIE policy for those servers from which we were getting alot of these dlls but still the issue is same it shows before getting stuck CPU utilization 700%.
@IMarsh do you have any idea ?
our ATD version is 4.8.2 aur we are using host server 2016 HyperV.
Is the issue is related with HyperV?
Are you referring to syslog setting fog vATD or the scanning VM's that run on ATD?
All the options for syslogging can be found in ATD GUI under Manage>ATD Configuration>Syslog
There is no individual syslog settings to monitor scanning VM's. We do publish information on analysis results to syslog
You can send the syslogs to an off box syslogger or SIEM. Once the logs are received by the 3rd party syslogger it is the customers responsibility to parse the logs in to a readable format specific to their SIEM or syslog system. This usually involves the creation of a custom parser which would be the responsibility of the customer to create.