Threshold Private Bytes is generating a lot of alerts with no apparent reason (NETIQKB71862)

  • Document ID:7771862
  • Creation Date:30-Sep-2009
  • Modified Date:22-Oct-2009
    • Micro Focus Products:
      Security Manager

Environment

Security Manager 5.x

Security Manager 6.0

Security Manager 6.0 SP1

Security Manager 6.0 SP2

Security Manager 6.0 SP3

Security Manager 6.0 SP4

Situation

Threshold Private Bytes is generating a lot of alerts for no apparent reason

Resolution

To resolve this you need to follow these steps:

  1. Expand processing rule groups in the Development Console
  2. Expand Security Manager Self Monitoring
  3. Expand Agent
  4. Click on Performance Processing Rules
  5. Open the Threshold Process-Private Bytes-NqSmSvc (Security Manager Agent) rule
  6. Go to the Threshold tab
  7. Modify the Threshold value to "the average of values over 10" from the current setting of "the sampled value"
  8. Optionally increase the threshold value under "Match when the threshold becomes". Ensure that this stays at "greater than".

Cause

There is a rule that looks for the memory used by the NetIQ Security Manager agent process (nqsmsvc) that only samples the value of the memory utilization once. If this sample is taken during a memory spike, it can generate a lot of alerts.

Additional Information

Formerly known as NETIQKB71862