Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to use HI policy to monitor the CPU and RAM usage of the endpoint

Created: 23 Nov 2010 • Updated: 01 Dec 2010 | 2 comments
Language Translations
yang_zhang's picture
+2 2 Votes
Login to vote

The usage of the CPU and RAM is an important check point of the performance of endpoint.

We can use HI policy to monitor the CPU and RAM usage. The following example shows the configuration steps. If the usage of the CPU and RAM is higher than 50%, then the HI check will fail.

1. Create a HI policy, and add a Custom requirement.

2. Firstly, create a registy key HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\TempPerfCPU and set the value as 0.

3. Run a VBScript. This VBScript will read the usage of CPU and RAM by WMI. If the usage is higher than 50%, then set the value of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\TempPerfCPU into 1, otherwise, leave it as 0.

Here is the content of this VBScript:

Const PerfCPU = "HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\TempPerfCPU"
On Error Resume Next
Set oOSSet = GetObject("winmgmts:\\.\root\cimv2:Win32_OperatingSystem")
 os_name = oOSSet.CSName
 os_totalmem = oOSSet.TotalVisibleMemorySize
 os_freemem = oOSSet.FreePhysicalMemory
 os_totalvirmem = oOSSet.TotalVirtualMemorySize
 os_freevirmem = oOSSet.FreeVirtualMemory

Set oOSCPU = GetObject("winmgmts:\\.\root\cimv2:win32_processor='cpu0'")
 os_CPULoad = oOSCPU.LoadPercentage

Set WshShell = WScript.CreateObject("WScript.Shell")

If (os_freemem*2<os_totalmem) or (os_freevirmem*2<os_totalvirmem) or os_CPULoad>50 Then
   WshShell.RegWrite PerfCPU, "1", "REG_DWORD"
Else
   WshShell.RegWrite PerfCPU, "0", "REG_DWORD"
End if

4. Check the value of the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\TempPerfCPU. If the value is 0, then set the HI result as PASS.

5. If the value is 1, then set the HI result to FAIL. And, add a notification on the endpoint.

Below is the notification on the endpoint:

And, this is the screenshot of the Security Log on endpoint:

Attached is the exported policy file.

Comments 2 CommentsJump to latest comment

wildbill's picture

where do i start to check this thing,laptop,so i can do maintenance,i could not afford a warranty,im on disability.i keep getting cpu warnibgs,90 percent usage.anyone want to help

0
Login to vote