Help with cpu utilization - Elastic Cloud

LaserBits · July 16, 2024, 2:50pm

Hello I am new to elastic stack and need some help. I use the elastic cloud for the Siem functionality and the endpoint defend.

Everything is good but I get very high cpu utilization that makes it difficult for me to use the Siem. My node has 8gb of ram and I use frozen tier to move data. I have some prebuilt ml jobs running and I use elastic defend , network package capture and Alienvault OTX on every endpoint.

I support 55 endpoints and my cpu usage is always at 100% except some days that half the endpoints are turned off. Is it normal? Is the number of endpoints too much for my cloud deployment?

Also I would like to ask if the network packet capture is the problem here. Maybe installing it to every machine is not the optimal way to do it? Any suggestions ?

Thank you.

georgii · July 16, 2024, 5:31pm

Hi @LaserBits, I'm sorry that you're having issues with your Elastic Cloud environment. I think the best way to resolve it would be via opening a support case at Elastic Support Hub. Our support engineers will help you troubleshoot the issue and scale the deployment appropriately.

LaserBits · July 17, 2024, 8:00am

Well I did but the support said they can not offer consulting about the configuration, they help only on deployment issues.

I really would like to hear if someone had a problem like that. As I am new to elastic I need to know if the problem is the number of endpoints or something I should do in my setup. Thanks.

Topic		Replies	Views
Agent - Consume High memory Elastic Security	2	549	July 22, 2024
Issues with Elastic Agent and Defender? Endpoint Security	7	6125	May 11, 2021
Elastic endpoint high CPU usage Elastic Agent	0	212	January 10, 2025
Endpoint agent consistent 90+% CPU for some PCs Endpoint Security	16	13704	March 17, 2021
High CPU Utilization Elasticsearch	2	329	January 17, 2021

Help with cpu utilization - Elastic Cloud

Related topics