We have recently started testing the endpoint product built into Elastic and have noticed a considerable amount of CPU usage as well as higher memory utilization than one would expect. The CPU usage seems to mostly come from the Malware protections, because when disabling that it will calm down, but we are also seeing north of 600MB+ in memory utilization. To compare to another product such as FortiEDR, we are utilizing around 100MB of memory.
With the Malware protections enabled, we can constantly see between 16% and high 40% utilization on a virtual server with 6vCPU, 40GB of memory and 10 disconnected sessions with 1 active session. In my testing it doesn't actually seem to matter the amount of users that are logged in, and it will still use quite a bit more CPU than it should.
I haven't noticed as bad of CPU utilization on client operating systems, but honestly I have mostly been testing it on RDS environments. I see other posts about this from the beginning of 2021 with the same issue, but I didn't really see any solutions.
Is anyone else having this issue, or does anyone have tricks to get it to calm down on the usage other than disabling malware protection?