cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

McAfee Smart agent causing issues with ElasticSearch cluster

I installed the McAfee Smart Agent on some Centos7 servers that are part of an Elasticsearch cluster, which I believed installed MFEcma 5.5.0 and End Point Security Threat Prevention (ISecTP) version 10.2.0

The install seemed to go OK, and the services started.  We noticed some sluggishness with loading data into Elasticsearch and after about 18 hours the Elasticsearch database crashed.  Several attempts to restart and rebuild the DB we attempted with no success.  The rebuild would be panfully slow and would eventually bring the CPU load on one of the nodes to a point where we would have to cycle power.

I stopped the cms and isectp agents on the elasticsearch nodes and the recovery was able to complete in very short time with no issues.

Is there as way to configure these agents to exclude looking at certain directories or file systems?  I will admit I was instructed to install these by my employer (federal govt) and have little insight to how they should function.

Any help would be greatly appreciated

 

Tags (4)
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community