cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IIS app pool restarts with OneAgent when Trelix is enabled

pawel_harbuz
Participant

Hi,

 

Our Customer has an IIS cluster with Windows Server 2022 with latest version of OneAgent and Trelix antivirus. On the servers we have app pools written in .NET 4.8. The problem is that if we have antivirus software and OneAgent enabled app pools restart in random moments and in event log we have the following message:

A process serving application pool 'PoolName' failed to respond to a ping. The process id was '00000'.) 

We discovered that if we have OneAgent or Trelix disabled, the problem does not occur anymore. We contacted Dynatrace One support and they suggested we should contact antivirus vendor, because indeed, it is a problem caused by this software, but we would like also to contact community for advice. Has anyone ever seen this kind of issue? Is there any solution for it?

 

Regards,

Paweł

3 REPLIES 3

Hi @pawel_harbuz 

  • On the host UI you can validate the monitored processes and disable the monitoring for any unwanted processes such as antivirus, ....etc which aren't critical to your business success.
  • keep focus on monitoring the most important processes to avoid such situation.

Regards,

Peter.

I think you didn't get what I wanted to said. The problem does not affect antivirus software but .NET processes that are monitored by OneAgent and protected by Trellix. So, disabling monitoring on antivirus process will not change anything.

Hello @pawel_harbuz 

  • The reason behind this behavior is the auto injection of oneagent code modules into the discovered processes.
  • So, the oneagent injects its code modules based on the discovered technology processes.
  • Another main factor is the process group deep monitoring: either you can switch it off for unwanted processes or make it default instead of monitor.
  • For the oneagent service attached below, it takes effect upon restart and shouldn't impact the IIS app pools.

Peter_Youssef_0-1727276648775.png

  • To disable the auto injection of oneagent modules on the IIS server side apply the below code: .\oneagentctl.exe --set-auto-injection-enabled=false

Or from the UI Host > Settings > General > Host Monitoring

Peter_Youssef_3-1727277448940.png

  • On the server side you can check the attached example: host > settings > process group monitoring.

Peter_Youssef_1-1727277134826.png

Hopefully the proposed solution fits for the raised concern.

Regards,

Featured Posts