AnsweredAssumed Answered

CPU Overload Issues due to Qualys Scan

Question asked by Kshitish Pradhan on May 21, 2015
Latest reply on May 22, 2015 by Robert Dell'Immagine

We are trying to resolve an issue with a server for which Qualys scanning is causing to peak in CPU load and the server is not usable.  During the investigation, we have identified that when Qualys is scanning the server appears to spawn a bunch of "rpmq" processes which appears to cause the CPU load to spike up.

 

I believe that Qualys is spawning these rpmq processes to query the software installed on the server for version info.  I also read a post somewhere that if rpmq is causing high CPU load is due to the fact that the rpm database on the server maybe corrupt and needs to be rebuilt.


The scan is not impacting the CPU utilization on other servers with same configuration and running same OS.

(OS: Red Hat Enterprise Linux Server 5.11)


<CPU usage of “rpmq” during scan>

PID USER PR NI VIRT RES SHR S %CPU %MEM COMMAND

8895 root 18 0 114m 6832 4308 R 37.2 0.1 rpmq

9039 root 18 0 114m 6884 4304 R 80.4 0.1 rpmq

9204 root 18 0 114m 6820 4308 R 41.1 0.1 rpmq

9353 root 18 0 114m 6828 4308 R 41.6 0.1 rpmq

9494 root 18 0 114m 6832 4308 R 54.2 0.1 rpmq

9590 root 18 0 114m 7080 4316 R 100 0.1 rpmq

9750 root 18 0 114m 7060 4304 R 100 0.1 rpmq

9879 root 18 0 114m 7104 4304 R 99.4 0.1 rpmq

10038 root 18 0 114m 7100 4304 R 99.3 0.1 rpmq


Any suggestion on the issue is much appreciated.


Thanks,

Kshitish


Outcomes