Hello,
I'm having 20% of CPU usage in a brand fresh Ubuntu installation. I'm running under Fleet so I'm not sure where to start/debug.
Any advice?
Thanks!
Gustavo,
Is the Elastic agent the one consuming 20% of CPU? Could you share a dump of a top command so we can check that?
Thanks @riferrei what should I look for? I already asked for that output. I also requested the fleet log files, I just want to make progress while you come back again.
Thanks
Right now, what I want to verify is how much from the CPU usage is coming from the Elastic Agent, given there is no workload in the node. So you may want to take several top commands dumps to compare, in intervals of 5 minutes each. This will help clarify if the CPU usage results from processing spikes, anomalies, or something else. The log files will be helpful to correlate these events and see if the pattern match up.
Hello @riferrei and thanks. I have the logs now and I will start debugging.
Top command
Problem is also happening with windows machines and Filebeat.
- My understanding is each logs integration will create a filebeat process, and that's fine but not the 30% CPU usage.
- You cant customize filebeat scanning if you use Fleet. Could be a reason that the logs folder has too many files even if only the last ones are being used? Is a solution to manually move the older log files out? or filebeat is nos scanning everything by default on Fleet?
- I read some Windows defender issues related to endpoint, does this apply to agent too? (adding an exception for the exe file and the logs directory to avoid resource dispute)
Fleet logs attached (files too big)
Thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.