Re: [Open-scap] How to reduce openscap memory usage in OL7?

Mon, 25 Apr 2022 00:44:39 -0700 

Hello Ajay,
yes, I believe this can be a solution for you. Are you using some profile provided in the upstream project or are you using some custom made profile? 

I believe the problematic rules could be within these group and subgroups:

https://github.com/ComplianceAsCode/content/tree/master/linux_os/guide/system/permissions/files

This one comes to my mind as well:

https://github.com/ComplianceAsCode/content/tree/master/linux_os/guide/system/auditing/auditd_configure_rules/audit_privileged_commands/audit_rules_privileged_commands

I hope it helps,

Vojta






Dne 20. 04. 22 v 17:46 ajay nair napsal(a):

Hey Marek,


Thanks for the response! To reduce memory usage, can I simply divide 
all the rules that I want to run into different profiles + tailor 
combinations? E.g. if I want to run 20 rules (r1-r20) from a profile 
that has 100 rules (r1-r100), can I run openscap twice, once by using 
a tailor that disables r11-r100 and then again by using a tailor that 
disables r1-r10 + r21-r100? Will this reduce the memory usage?


On Wed, 20 Apr 2022 at 09:58, Marek Haicman <mhaic...@redhat.com> wrote:

    Hello Ajay,
    yeah, the openscap can be a bit memory demanding. What we have
    found, the main culprits are the rules that are traversing the
    whole filesystem. If you separate those, you should be able to get
    the memory usage under control.

    Best of luck!
    Marek

    On Tue, Apr 19, 2022 at 10:11 AM ajay nair <ajaynai...@gmail.com>
    wrote:

        Hi team,

        I was experimenting with Openscap and I observed that the
        memory usage is very high. Is there a way to reduce/bottleneck
        it? E.g. I use profile + tailor to run around 200 rules at a
        time. Can I break the runs into multiple parts by using
        separate tailor to reduce the memory usage?


        -- 
        -- Ajay Nair

        _______________________________________________
        Open-scap-list mailing list
        Open-scap-list@redhat.com
        https://listman.redhat.com/mailman/listinfo/open-scap-list



--
-- Ajay Nair

_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://listman.redhat.com/mailman/listinfo/open-scap-list
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://listman.redhat.com/mailman/listinfo/open-scap-list






















					Reply via email to