Excessive RAM Usage on Scan Engines

Hi everyone. I’m currently running Windows Server 2019 scan engines on 6.6.185 and since early this week I;m seeing my scan engines run out of RAM when running our normal network vulnerability scans. The scans we ran on Monday ran without issue but since Tuesday we have seen almost all the scans paunse and fail to complete. I’m seeing the scan engines using almost all of their RAM and failing to free up the RAM even after the scan jobs are cancelled. Is anyone else seeing this issue? I have a case open with support but haven’t gotten any replies on that. I have tried allocating more RAM to the scanners (increasing the from 16gb to 24) but the scanner process just continues using more RAM until it completely exhausts the server and the scan job pauses. This is pretty much a work stoppage so far as our ability to complete scans.

Peter, same issue. The XDR on the server is consuming a ton of memory. We are going to test pausing XDR this weekend. Will let you know.

I’ve been scheduling my scan engine servers to reboot every night at 2am as we don’t have any scans running at that time and that seems to be mitigating the issue for now. I can make the issue occur if I run a big scan job against a scan pool that has already run a large job and not been rebooted. After the reboot, memory usage returned to a normal baseline but will increase when the first scan job is run and does not return to the baseline level when the scan completes. Of 16gb mine hit 11-12gb used after the first scan job and stay at that level. So if I try to run another large scan using the scan scanner pool the severs only have 3gb of RAM free for the second scan job out of 16 total.

Did you ever find a solution to this? We have been experiencing the same issue and have tried similar steps to troubleshoot with short term positive results that revert back to the same memory failed issues. Only scan engines in one area have the issue and they all sit at 7+ GB memory between scans, while other engines sit between 3-4 GB. When scanning, the scan engines with issues use the remaining memory (typically 16 GB total) rather than the Nexpose designed 3-4 GB allocated. We have been working with support for months on it with no success.