Clearing the Application Control list and then rebooting helped with the CPU usage issue.
Also, policy-based client security upgrades and .msi packet exporting started working again.
We had 34000+ lines of mostly obsolete weight in the App Control list...
I have same problem since upgrade to 12.40 on 2012 R2, Java 8u131
CPU = 4 vCPU
MEM = 8 Gb
Now I've uninstall Java 8u131 and reinstal FSPMS12.40 - it help for 10-20 minutes.
Curently after system start CPU goes to 70-90% Java Platform SEbinary process (no Java installed so its probebly from FSPMS enviroment)
Status Monitor is showing HTTP/HTTP/Webreporting: The operation timeout
Cant login to server, cant delete policies
Janne_M, message "Setting the policy variable 22.214.171.124.4.1.2126.96.36.199.188.8.131.52 (error=-505) was not successful" is caused by "Disallow user changes" checkbox for the specified policy. Seems like UI editor at the client ignores this flag and allows to add exclusions, but as expected can not save the policies with specified error as a side effect.
tomczaki, PM is distributed with java inside so even no need to install it separately.
CPU goes to 100% once client requests policy generation. To avoid that, make sure clients do not reach PM after the service start, for instance stop the network interface or change host module ports. Clean app control rules, distribute policies and revert network changes back. If you stopped the network interface, even no need to restart PM service once network is back, but port changes require restart.
Finally, we succeeded to identify the reason. The root cause was in Spring’s bug with data buffers, which reallocated buffer byte-by-byte if initial capacity (256K) was over. So, if BPF size exceeded this size, it caused constant buffer reallocations.
Hotfixes for PM 12.40 are ready and available at following pages:
Any chance you coudl re-release the 12.40 installer with the embedded patch. Just to avoid confusion and forcing people to update just freshly released software version.
You can ignore my post, I have not seen your reply to the identical request.
I don't see an option to remove once posted reply
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions