cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Pinard
Level 8
Report Inappropriate Content
Message 1 of 4

Windows SIEM event Collector memory usage

Hi

Our infrastructure team is concerned about the memory usage of the SIEM event collector process running on our Windows domain controller. Actually, the process is using 800Mo out of 4 Go. Did anyone know if using that much memory is normal?  Is there a rule of thumb to determine the memory requirement considering the amount of event reported?

Thanks.

3 Replies
rth67
Level 12
Report Inappropriate Content
Message 2 of 4

Re: Windows SIEM event Collector memory usage

We do not have it running on any DC's, using WMI pulls, we do have it on a handful of servers for log tailing purposes, as well as a few test Laptops. Mine is using about 10MB (10,020K) on my Laptop out of 4GB. I will try to look at some of the Servers to see if the memory usage is the same.

Pinard
Level 8
Report Inappropriate Content
Message 3 of 4

Re: Windows SIEM event Collector memory usage

Thank you for your answer rth67. Have you been able to look at memory usage on your Servers?

rth67
Level 12
Report Inappropriate Content
Message 4 of 4

Re: Windows SIEM event Collector memory usage

I had one of our windows engineers check a couple of the Servers that were running the Agent, they were using 11.5KB and 12.4KB, mine locally fluctuates, currently down at 6.8KB, I have seen it as high as 12KB

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community