Hi all! First time posting here and it sucks that it is about a problem. Anyways, I have a UTM 110 that will randomly spike to almost 100% every 15 or so minutes. I have searched the forums for an answer but nothing really relevant was helpful. Here is my CPU usage graphs:
It seems that something happened around the 15th or 16th of May. But I have not made any changes around those dates.
Here is a process list:
[code]
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 2 0.0 0.0 0 0 ? S Jun07 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S Jun07 0:03 \_ [ksoftirqd/0] root 4 0.0 0.0 0 0 ? S Jun07 0:00 \_ [kworker/0:0] root 5 0.0 0.0 0 0 ? S< Jun07 0:18 \_ [kworker/0:0H] root 7 0.0 0.0 0 0 ? S Jun07 0:00 \_ [migration/0] root 8 0.0 0.0 0 0 ? S Jun07 0:01 \_ [rcu_bh] root 9 0.2 0.0 0 0 ? S Jun07 1:54 \_ [rcu_sched] root 10 0.0 0.0 0 0 ? S Jun07 0:00 \_ [migration/1] root 11 0.0 0.0 0 0 ? S Jun07 0:03 \_ [ksoftirqd/1] root 13 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [kworker/1:0H] root 14 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [khelper] root 123 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [writeback] root 126 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [bioset] root 127 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [crypto] root 129 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [kblockd] root 233 0.0 0.0 0 0 ? S Jun07 0:00 \_ [khubd] root 241 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [edac-poller] root 362 0.0 0.0 0 0 ? S Jun07 0:25 \_ [kswapd0] root 423 0.0 0.0 0 0 ? SN Jun07 0:02 \_ [khugepaged] root 425 0.0 0.0 0 0 ? S Jun07 0:00 \_ [fsnotify_mark] root 1054 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [deferwq] root 1139 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ata_sff] root 1154 0.0 0.0 0 0 ? S Jun07 0:00 \_ [scsi_eh_0] root 1157 0.0 0.0 0 0 ? S Jun07 0:00 \_ [scsi_eh_1] root 1160 0.0 0.0 0 0 ? S Jun07 0:00 \_ [scsi_eh_2] root 1192 0.0 0.0 0 0 ? S Jun07 0:00 \_ [scsi_eh_3] root 1195 0.0 0.0 0 0 ? S Jun07 0:00 \_ [scsi_eh_4] root 1629 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [kworker/0:1H] root 1713 0.0 0.0 0 0 ? S< Jun07 0:18 \_ [kworker/1:1H] root 2281 0.2 0.0 0 0 ? S Jun07 1:59 \_ [kworker/1:2] root 2334 0.0 0.0 0 0 ? S Jun07 0:01 \_ [jbd2/sda6-8] root 2335 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ext4-rsv-conver] root 2693 0.0 0.0 0 0 ? S Jun07 0:00 \_ [jbd2/sda1-8] root 2694 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ext4-rsv-conver] root 2695 0.0 0.0 0 0 ? S Jun07 0:03 \_ [jbd2/sda5-8] root 2696 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ext4-rsv-conver] root 2697 0.0 0.0 0 0 ? S Jun07 0:03 \_ [jbd2/sda7-8] root 2698 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ext4-rsv-conver] root 2699 0.0 0.0 0 0 ? S Jun07 0:00 \_ [jbd2/sda8-8] root 2700 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [ext4-rsv-conver] root 3839 0.0 0.0 0 0 ? S< Jun07 0:00 \_ [redd] root 7734 0.2 0.0 0 0 ? S Jun07 1:44 \_ [kworker/0:2] root 26568 0.0 0.0 0 0 ? S 04:31 0:00 \_ [kworker/1:0] root 32241 0.0 0.0 0 0 ? S 06:42 0:03 \_ [kworker/u4:2] root 32576 0.0 0.0 0 0 ? S 06:49 0:03 \_ [kworker/u4:1] root 1 0.0 0.0 1932 540 ? Ss Jun07 0:01 init [3] root 2396 0.0 0.0 2524 444 ? S<s Jun07 0:00 /sbin/udevd --daemon root 3824 0.0 0.0 2520 392 ? S< Jun07 0:00 \_ /sbin/udevd --daemon root 3825 0.0 0.0 2520 288 ? S< Jun07 0:00 \_ /sbin/udevd --daemon root 2964 0.0 0.0 1948 400 ? Ss Jun07 0:00 /usr/sbin/acpid -c /etc/acpi/events -s /var/run/acpid.socket 200 2977 0.0 0.0 2616 220 ? Ss Jun07 0:00 /bin/dbus-daemon --system 201 3194 0.0 0.0 6460 1332 ? Ss Jun07 0:01 /usr/sbin/hald --daemon=yes root 3195 0.0 0.0 3680 608 ? S Jun07 0:00 \_ hald-runner root 3216 0.0 0.0 5588 516 ? S Jun07 0:00 \_ hald-addon-input: Listening on /dev/input/event0 /dev/input root 3231 0.0 0.0 5600 524 ? S Jun07 0:00 \_ /usr/lib/hal/hald-addon-cpufreq 201 3232 0.0 0.0 5324 436 ? S Jun07 0:00 \_ hald-addon-acpi: listening on acpid socket /var/run/acpid.s root 3271 0.0 0.0 6256 208 ? Ss Jun07 0:28 /sbin/haveged -w 1024 -v 0 root 3295 0.0 1.3 51944 28748 ? Ss Jun07 0:44 confd [master] root 3296 0.0 0.0 1912 536 ? S Jun07 0:00 \_ logger -p daemon.debug -t confd[3295] root 3571 0.0 1.3 51696 26844 ? S Jun07 0:14 \_ confd [listener] root 12773 12.1 1.9 63940 41048 ? S 11:25 0:05 \_ confd [worker:prpc:webadmin] root 12850 33.3 0.0 2736 944 ? R 11:26 0:00 | \_ ps auxwf root 12810 2.7 0.0 0 0 ? Z 11:25 0:00 \_ [confd.plx] <defunct> root 3310 0.0 0.0 1912 380 ? Ss Jun07 0:00 /usr/local/bin/confd-queuer root 3322 0.0 0.2 8080 5656 ? Ss Jun07 0:04 confd-qrunner.pl root 3356 0.0 0.2 8976 5372 ? S Jun07 0:25 /usr/local/bin/sysmond root 3438 0.0 0.6 17252 13880 ? S Jun07 0:00 /var/aua/aua.bin root 3439 0.0 0.0 1912 244 ? S Jun07 0:00 \_ logger -p daemon.debug -t aua[3438] root 12774 0.3 0.0 0 0 ? Z 11:25 0:00 \_ [aua.bin] <defunct> rrdcache 3613 0.0 0.0 107772 1280 ? Ssl Jun07 0:22 /usr/bin/rrdcached -l unix:/var/run/rrdcached/socket -m 777 -b /var at 3640 0.0 0.0 2360 316 ? Ss Jun07 0:00 /usr/sbin/atd root 3663 0.0 0.0 2236 268 ? Ss Jun07 0:00 /usr/local/bin/asg_ha_zeroconf root 3682 0.0 0.5 14268 10328 ? S Jun07 0:03 /usr/local/bin/notifier.plx -d postgres 3732 0.0 1.8 573680 37380 ? S Jun07 0:05 /usr/pgsql92/bin/postgres -D /var/storage/pgsql92/data postgres 3734 0.1 25.5 574208 527716 ? Ss Jun07 1:28 \_ postgres: checkpointer process postgres 3735 0.0 4.8 573940 99340 ? Ss Jun07 0:14 \_ postgres: writer process postgres 3736 0.1 0.8 573940 17232 ? Ss Jun07 1:13 \_ postgres: wal writer process postgres 3737 0.0 0.1 574952 2308 ? Ss Jun07 0:16 \_ postgres: autovacuum launcher process postgres 3738 0.0 0.0 7984 724 ? Ss Jun07 0:00 \_ postgres: archiver process last was 000000010000004B00000051 postgres 3739 0.0 0.0 8552 1184 ? Ss Jun07 0:45 \_ postgres: stats collector process postgres 4428 3.1 14.5 577556 300188 ? Ss Jun07 24:09 \_ postgres: reporting reporting [local] idle postgres 4679 0.0 0.2 576988 5296 ? Ss Jun07 0:00 \_ postgres: smtp smtp 127.0.0.1(59414) idle postgres 4743 0.0 0.2 576868 4744 ? Ss Jun07 0:00 \_ postgres: smtp smtp 127.0.0.1(59416) idle postgres 14522 0.0 0.2 576868 4184 ? Ss 00:00 0:00 \_ postgres: reporting reporting [local] idle postgres 14523 0.0 0.5 578004 12128 ? Ss 00:00 0:00 \_ postgres: reporting reporting [local] idle postgres 14576 0.0 0.2 577020 5208 ? Ss 00:00 0:00 \_ postgres: hotspot hotspot [local] idle postgres 14591 0.0 0.2 577020 4940 ? Ss 00:00 0:00 \_ postgres: hotspot hotspot [local] idle postgres 15262 0.4 0.3 576988 6220 ? Ss 00:15 2:48 \_ postgres: smtp smtp 127.0.0.1(60364) idle root 3788 0.1 1.8 41984 37872 ? S Jun07 1:05 /var/mdw/mdw.plx root 3830 0.0 0.0 1912 532 ? S Jun07 0:00 \_ logger -p daemon.debug -t middleware[3788] root 3817 0.0 0.0 1936 412 ? Ss Jun07 0:00 runsvdir -P /etc/service log: ..................................... root 3823 0.0 0.0 1792 220 ? Ss Jun07 0:00 \_ runsv selfmonng root 3826 1.4 0.4 11728 9608 ? S Jun07 11:34 \_ /usr/local/bin/selfmonng.plx root 3832 0.0 0.3 11468 7444 ? S Jun07 0:00 \_ [timewarp check] root 3818 0.0 0.0 2440 800 tty1 Ss+ Jun07 0:00 /sbin/mingetty --no-hostname tty1 root 3819 0.0 0.0 2440 800 tty2 Ss+ Jun07 0:00 /sbin/mingetty --no-hostname tty2 root 3820 0.0 0.0 2440 804 tty3 Ss+ Jun07 0:00 /sbin/mingetty --no-hostname tty3 root 3821 0.0 0.0 2440 780 tty4 Ss+ Jun07 0:00 /sbin/mingetty --no-hostname tty4 root 3822 0.0 0.0 2160 696 ttyS0 Ss+ Jun07 0:00 /sbin/mingetty ttyS0 root 4130 0.0 0.0 1916 464 ? Ss Jun07 0:00 /usr/local/bin/nwd root 4217 0.0 0.0 2380 764 ? Ss Jun07 0:00 /usr/sbin/cron root 4271 0.0 0.0 4960 772 ? Ss Jun07 0:00 /usr/sbin/sshd -f /etc/ssh/sshd_config root 4279 0.0 1.3 54616 28460 ? Ssl Jun07 0:44 /usr/sbin/named -4 root 4297 0.0 0.4 12444 10084 ? Ss Jun07 0:45 dns-resolver.plx root 4379 0.0 0.0 9776 1208 ? Ss Jun07 0:02 /bin/httpd -f /etc/httpd/httpd.conf root 4382 0.0 0.0 1912 72 ? S Jun07 0:00 \_ /bin/logger -t httpd -p local6.notice wwwrun 4383 0.0 0.0 9688 1168 ? S Jun07 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf wwwrun 12359 1.9 4.1 88684 86380 ? S 11:15 0:12 | \_ /var/webadmin/webadmin.plx wwwrun 12378 1.5 3.4 73588 71284 ? S 11:15 0:09 | \_ /var/webadmin/webadmin.plx wwwrun 10546 0.0 0.1 10212 3928 ? S 10:41 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf wwwrun 12380 0.0 0.1 10204 3904 ? S 11:15 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf wwwrun 12782 0.0 0.1 10240 3632 ? S 11:25 0:00 \_ /bin/httpd -f /etc/httpd/httpd.conf root 4422 1.8 0.1 32020 2572 ? S<sl Jun07 14:39 /usr/sbin/ulogd -c /etc/ulogd.conf -d root 4431 0.0 0.0 3812 300 ? S Jun07 0:00 supervising syslog-ng root 4432 1.0 0.6 17924 13004 ? Ss Jun07 8:18 \_ /usr/sbin/syslog-ng -f /etc/syslog-ng.conf root 14496 6.8 1.1 28628 24236 ? S 00:00 46:50 \_ /usr/bin/perl /usr/local/bin/reporter/pfilter-reporter.pl root 14497 0.0 1.2 30500 25908 ? S 00:00 0:09 \_ /usr/bin/perl /usr/local/bin/reporter/admin-reporter.pl root 14498 0.0 0.0 37324 1188 ? Sl 00:00 0:03 \_ /usr/local/bin/reporter/vpn-reporter.pl root 14499 0.0 0.0 29632 1600 ? Sl 00:00 0:03 \_ /usr/local/bin/reporter/websec-reporter.pl root 14501 0.0 0.5 16672 12164 ? S 00:00 0:03 \_ /usr/bin/perl /usr/local/bin/reporter/mailsec-reporter.pl root 14502 0.0 0.6 16824 12448 ? S 00:00 0:03 \_ /usr/bin/perl /usr/local/bin/reporter/ips-reporter.pl root 14507 0.0 0.0 28488 1172 ? Sl 00:00 0:02 \_ /usr/local/bin/reporter/websec-reporter.pl -e root 14509 0.0 0.6 17264 12820 ? S 00:00 0:03 \_ /usr/bin/perl /usr/local/bin/reporter/waf-reporter.pl afcd 4516 2.2 0.9 42252 18784 ? S<sl Jun07 17:11 /usr/sbin/afcd root 4640 0.3 1.5 66904 32440 ? Ss Jun07 2:54 smtpd [master] root 4677 0.0 1.2 39620 26232 ? S Jun07 0:09 \_ smtpd [queue manager] root 4678 0.0 1.2 39620 26044 ? S Jun07 0:00 \_ smtpd [sandbox_watcher] smtp 4745 0.0 0.1 9188 2148 ? S Jun07 0:07 \_ /bin/exim -DINPUT -bdf 810 5095 0.1 4.0 133560 82732 ? Ss Jun07 1:11 /var/chroot-http/opt/ws/bin/urid --chroot /var/chroot-http --user 8 root 5218 0.0 0.1 6732 4096 ? S Jun07 0:03 ddclient - sleeping for 120 seconds root 5323 0.0 0.0 4052 1152 ? Ss Jun07 0:13 /usr/sbin/irqd 810 5386 2.3 10.4 518868 214768 ? Ssl Jun07 18:16 /var/chroot-http/usr/bin/httpproxy -f -c /var/chroot-http -u httppr root 5514 0.0 0.0 6240 1188 ? Ss Jun07 0:00 /usr/libexec/postfix/master -w postfix 12251 0.0 0.0 6304 1536 ? S 11:13 0:00 \_ pickup -l -t unix -u -c postfix 12252 0.0 0.0 6360 1544 ? S 11:13 0:00 \_ qmgr -l -t unix -u -c root 5710 0.0 0.3 10232 6784 ? Ss Jun07 0:00 /usr/sbin/dhcpd -cf /etc/dhcpd.conf eth0 root 9977 0.0 0.2 8340 4640 ? Ss Jun07 0:00 /usr/sbin/dhclient -nw -cf /etc/eth1.conf -lf /var/db/eth1.leases - root 10155 0.0 0.0 13436 684 ? Ss Jun07 0:04 /sbin/ntpd
[/CODE]
One process that seems to spike a bunch is
[code]postgres 14522 0.0 0.2 576868 4184 ? Ss 00:00 0:00 \_ postgres: reporting reporting[/code]
If you need anything else to assist in figuring this out, let me know!
Thanks!
This thread was automatically locked due to age.
