This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
HeikoAnkenbrand
MVP Platinum
MVP Platinum
‎2020-10-17 12:18 PM

R80.40 - Performance Tuning Tip - CPU Spike Detective

The CPU Spike Detective is a tool running only on Gaia OS 3.10  that monitors the system CPU usage and checks for CPU utilization spikes. This tool is introduced starting from R80.40 JHF 69.

How does the spike detective work:

A spike in a CPU core utilization is considered when these conditions are met:

- CPU utilization is over 80% (this threshold is configurable)
- CPU utilization of the specific CPU core is at least 1.5 times higher than the entire system average usage (this threshold is configurable).

This ensures that a highly utilized system (for example, during a performance testing) will not detect all CPU cores as "spiked".

A thread/process is considered as "spiked" if it meets the below conditions:
- Running on a "spiked" CPU core
- Utilization is over 70% (this threshold is configurable)
- Utilization is at least 1.5 times higher than the system average (this threshold is configurable)

Tip 1

The Thread-Spikes information can be reviewed:
# cpview                ->   CPView > CPU > Spikes > Thread-Spikes                            

Tip 2

The CPU-Spikes information can be reviewed:
# cpview               ->   CPView > CPU > Spikes > CPU-Spikes

More read here:
SK166454 

➜ CCSM Elite, CCME, CCTE ➜ www.checkpoint.tips
7 Replies
nils_alfer
Contributor
‎2020-10-18 09:21 AM

With this you can easily find CPU spikes. Is it possible to analyse this over time and output the values in a table?

G_W_Albrecht
MVP Silver
MVP Silver
‎2020-10-18 01:48 PM
In response to nils_alfer

From SK166454  it seems the only source is /var/log/spike_detective/spike_detective.log as CPView only has the last minute. And how to find the culprit process without External Stats Collector if this CPU is nothing special?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
nils_alfer
Contributor
‎2020-10-19 12:17 AM
In response to G_W_Albrecht

tnx

0 Kudos
sapirna
Employee Alumnus
Employee Alumnus
‎2020-10-21 08:47 AM
In response to nils_alfer

CPU spike detective saves spikes’ history across time in the spike_detective.log file and in cpview _services (accessible using the command ‘cpview –t’).
The tool may also extract perf records during the spike which are saved in the /var/log/spike_detective/ directory (same location as the log), which greatly assist in locating the process and/or flow which ran during the spike.

T_Westwood
Participant
‎2020-11-01 04:16 AM
In response to sapirna

Nice tool!

0 Kudos
charlie_h
Participant
‎2020-12-05 11:04 PM

Is also a network Spike Detective available?

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2020-12-06 01:22 AM
In response to charlie_h

Same Tool ! Look ony at the CPU/core(s) that work as SND(s) and - voilà ! - here is Network Spike Detective 8)

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events