cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

McAfee Smart agent causing issues with ElasticSearch cluster

I installed the McAfee Smart Agent on some Centos7 servers that are part of an Elasticsearch cluster, which I believed installed MFEcma 5.5.0 and End Point Security Threat Prevention (ISecTP) version 10.2.0

The install seemed to go OK, and the services started.  We noticed some sluggishness with loading data into Elasticsearch and after about 18 hours the Elasticsearch database crashed.  Several attempts to restart and rebuild the DB we attempted with no success.  The rebuild would be panfully slow and would eventually bring the CPU load on one of the nodes to a point where we would have to cycle power.

I stopped the cms and isectp agents on the elasticsearch nodes and the recovery was able to complete in very short time with no issues.

Is there as way to configure these agents to exclude looking at certain directories or file systems?  I will admit I was instructed to install these by my employer (federal govt) and have little insight to how they should function.

Any help would be greatly appreciated

 

Tags (4)
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator