• State Not Answered
  • Replies 3 replies
  • Subscribers 94 subscribers
  • Views 167 views
  • Users 0 members are here
Options
Related

v8.2.1: Too much resources used on IIS pool: sessions (user not logged in) is spiking

hans moviat
1 month ago

We see the following IIS Server behavior:

  • After restarting the IIS server the number of “User account: (User is not logged in); started at: xxxxxxxxxxx” – sessions is building up to 80-90 sessions. Netstat registers 9 IP connections with port 443.
    What is happening and why? Can we lower this number somewhere?

  • Once a month or so the CPU usage of the ITShop is soaring to 99,5%. Nothing interesting to see in the DBQueue and the JobQueueInfo. How can we see what is happening and prevent this behavior?

Thx!

Parents
  • 0 29 days ago

    Hi Hans,

    This isn't an easy thing to answer on a forum... :) But some things to take a look at;

    -It sounds like those sessions and connections are coming from somewhere. Have you taken a look at the devices actually making the connections?

    -On that IIS machine, is it really the IIS application taking 99.5% of the CPU, or just 'something' on the machine? You're not going to see anything in the DBQueue or JobQueueInfo because those are running on entirely different machines (I expect) from the machine hosting the IIS / IT-Shop application.

    Consider pulling in a microsoft / windows server specialist in your organization to help see why the machine is busy. What service is causing the load, where are the network connections coming from, etc.. This sounds more like an infrastructural / system set-up issue than the One Identity IT-Shop application itself...

Reply
  • 0 29 days ago

    Hi Hans,

    This isn't an easy thing to answer on a forum... :) But some things to take a look at;

    -It sounds like those sessions and connections are coming from somewhere. Have you taken a look at the devices actually making the connections?

    -On that IIS machine, is it really the IIS application taking 99.5% of the CPU, or just 'something' on the machine? You're not going to see anything in the DBQueue or JobQueueInfo because those are running on entirely different machines (I expect) from the machine hosting the IIS / IT-Shop application.

    Consider pulling in a microsoft / windows server specialist in your organization to help see why the machine is busy. What service is causing the load, where are the network connections coming from, etc.. This sounds more like an infrastructural / system set-up issue than the One Identity IT-Shop application itself...

Children
  • 0 24 days ago in reply to Jos Groenewegen

    HI Jos,

    Thanks for your message.

    We found that AppleBot was bombarding our IIS server with about 5000 deeplinks per day. We assume one of these links set the IIS server into a frenzy. We excluded the Applebot network (17.*.*.*) from accessing the IIS server. After finding that this hepled a lot we also placed a robots.txt "asking" all crawlers to not index.

  • 0 24 days ago in reply to hans moviat

    Hi Hans,

    Thanks for coming back to post what you found. That always helps future people with similar issues when they're looking for information (building what we have as a community here is something we do together :) ).

    Glad to hear you found a likely cause and a solution. And I suppose the good advice for everyone is that if they make the IT-Shop accessible from outside of a corporate network to set up a robots.txt file.