Hi Everyone
I'm running a network of 15 machines and have SEP 12.1 RU5 Small Business Edition on a Windows Server 2012 R2 Essentials.
Every couple of weeks, the SEPM Embedded Database goes I/O crazy and hammers my server's disks. It's not got a great RAID controller so long periods of heavy I/O tend to make the network shares eventually bottleneck too :(
The symptoms are little CPU activity, but 100% I/O disk activity with high read/write on the files C:\Users\SQLANYs_sem5\AppData\Local\Temp\sqla0000.tmp and C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\sem5.log. Both files are upward of 500Mb in size and for all I know has been hammering for hours before being reported by users. It might settle itself, but who knows how long it would take.
To work around the problem I do the following;
- Stop the SEPM Service
- Kill the SQL Anywhere Network Server (dbsrv16.exe) process as the Service cannot be stopped gracefully.
- Start the Engine manually with dbeng16.exe -m "C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\db\sem5.db" and it starts cleanly and truncates the transaction log sem5.log back to a practical size.
- Shutdown the manually started engine in step 3.
- Delete the sqla0000.tmp file.
- Start the Symantec Embedded Database service
- Start the SEPM service
By now, everything has returned to normal with less than average 15% disk utilisation.
Presumably this is a problem with Liveupdate updating the repository. I think this because shortly after I will see in the console log that LU has performed a run and completed. The files will then have quickly grown to exactly the same size again, but the database will behave nicely and not cause strain on the disk and will keep going unattended for a few weeks. Eventually (after I think 4 hours) the transaction log will shrink to normal too.
So anyone have similar experiences before I contact tech support? I have seen articles where similars issues have affected old versions but nothing relevant. I am thinking of doing a nightly restart of the two services, but I am not convinced it will fix the problem if LU is involved.
Marty