Re: High consumption POWERSHELL in Active Director...

hcarvcamp · ‎06-30-2016

Hi, everyone

I have a simple PowerShell script that runs every 5 minutes grabbing data from a database.
I have noticed the memory climbs quite high (almost 4GB). I have an "output" is the Heavy Forwarder. Seems like the memory keeps climbing.

Print below, the processes:

alt text

Any suggestions?

Thank you,

Hugo Campelo.
_

spayneort · ‎06-30-2016

Are you running the ad-repl-stat.ps1 script on Windows Server 2012 R2?

http://blogs.splunk.com/2014/01/13/active-directory-replication-and-windows-server-2012-r2/

richgalloway · ‎06-30-2016

Are you sure the offending powershell process is related to Splunk. Not to be alarmist, but some ransomware use powershell to encrypt files.

---
If this reply helps you, Karma would be appreciated.

hcarvcamp · ‎06-30-2016

Rich,

When i STOP the UF, the highest consumption "die", and, back to the "normal" consumption.

richgalloway · ‎06-30-2016

That would seem to confirm it's Splunk-related.

---
If this reply helps you, Karma would be appreciated.

hcarvcamp · ‎06-30-2016

Yeah,

But do you have any idea what can be?

High consumption POWERSHELL in Active Directory without related processes Splunk-Powershell.

See your relevant APM services, dashboards, and alerts in one place with the updated ...

Index This | What goes away as soon as you talk about it?

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

Are you a member of the Splunk Community?

High consumption POWERSHELL in Active Directory without related processes Splunk-Powershell.

See your relevant APM services, dashboards, and alerts in one place with the updated ...

Index This | What goes away as soon as you talk about it?

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025