- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
The CPU Spike Detective is a tool running only on Gaia OS 3.10 that monitors the system CPU usage and checks for CPU utilization spikes. This tool is introduced starting from R80.40 JHF 69.
How does the spike detective work:
A spike in a CPU core utilization is considered when these conditions are met:
- CPU utilization is over 80% (this threshold is configurable)
- CPU utilization of the specific CPU core is at least 1.5 times higher than the entire system average usage (this threshold is configurable).
This ensures that a highly utilized system (for example, during a performance testing) will not detect all CPU cores as "spiked".
A thread/process is considered as "spiked" if it meets the below conditions:
- Running on a "spiked" CPU core
- Utilization is over 70% (this threshold is configurable)
- Utilization is at least 1.5 times higher than the system average (this threshold is configurable)
Tip 1
The Thread-Spikes information can be reviewed:
# cpview -> CPView > CPU > Spikes > Thread-Spikes
Tip 2
The CPU-Spikes information can be reviewed:
# cpview -> CPView > CPU > Spikes > CPU-Spikes
More read here:
SK166454
With this you can easily find CPU spikes. Is it possible to analyse this over time and output the values in a table?
From SK166454 it seems the only source is /var/log/spike_detective/spike_detective.log
as CPView only has the last minute. And how to find the culprit process without External Stats Collector if this CPU is nothing special?
tnx
CPU spike detective saves spikes’ history across time in the spike_detective.log file and in cpview _services (accessible using the command ‘cpview –t’).
The tool may also extract perf records during the spike which are saved in the /var/log/spike_detective/ directory (same location as the log), which greatly assist in locating the process and/or flow which ran during the spike.
Nice tool!
Is also a network Spike Detective available?
Same Tool ! Look ony at the CPU/core(s) that work as SND(s) and - voilà ! - here is Network Spike Detective 😎
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY