Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?

public inbox for [email protected]  
help / color / mirror / Atom feed

Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
3+ messages / 3 participants
[nested] [flat]

* Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
@ 2025-12-02 20:34  Christoph Moench-Tegeder <[email protected]>
  0 siblings, 2 replies; 3+ messages in thread

From: Christoph Moench-Tegeder @ 2025-12-02 20:34 UTC (permalink / raw)
  To: Colin 't Hart <[email protected]>; +Cc: PostgreSQL General <[email protected]>

## Colin 't Hart ([email protected]):

> I wonder if anyone here has any experience with configuring exclusions so
> that the WAL files can be processed faster?

https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions
mind this:
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#supported-exclusion-scopes
and work from these examples (if you're allowed to):
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#example-3-add-or-remove-a-folde...

> Any advice on what to communicate with their IT department about using this
> on their database servers? I've never encountered it on Linux before...

"Be glad it only slows your database down. All too often, AV/Endpoint
Protection Products just don't like the access pattern and eat your
database for breakfast." There is this joke "it has been 0 days since
Anti-Virus ate a database".

Regards,
Christoph

-- 
Spare Space

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
@ 2025-12-02 22:06  Colin 't Hart <[email protected]>
  parent: Christoph Moench-Tegeder <[email protected]>
  1 sibling, 0 replies; 3+ messages in thread

From: Colin 't Hart @ 2025-12-02 22:06 UTC (permalink / raw)
  To: Christoph Moench-Tegeder <[email protected]>; +Cc: PostgreSQL General <[email protected]>

Thanks. I just get

This setting is managed by your organization

so I'm going to have to talk with the IT guys... we have a meeting
scheduled tomorrow.

/Colin

On Tue, 2 Dec 2025 at 21:34, Christoph Moench-Tegeder <[email protected]>
wrote:

> ## Colin 't Hart ([email protected]):
>
> > I wonder if anyone here has any experience with configuring exclusions so
> > that the WAL files can be processed faster?
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions
> mind this:
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#supported-exclusion-scopes
> and work from these examples (if you're allowed to):
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#example-3-add-or-remove-a-folde...
>
> > Any advice on what to communicate with their IT department about using
> this
> > on their database servers? I've never encountered it on Linux before...
>
> "Be glad it only slows your database down. All too often, AV/Endpoint
> Protection Products just don't like the access pattern and eat your
> database for breakfast." There is this joke "it has been 0 days since
> Anti-Virus ate a database".
>
> Regards,
> Christoph
>
> --
> Spare Space
>


^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
@ 2025-12-02 22:07  Ron Johnson <[email protected]>
  parent: Christoph Moench-Tegeder <[email protected]>
  1 sibling, 0 replies; 3+ messages in thread

From: Ron Johnson @ 2025-12-02 22:07 UTC (permalink / raw)
  To: PostgreSQL General <[email protected]>

On Tue, Dec 2, 2025 at 3:35 PM Christoph Moench-Tegeder <[email protected]>
wrote:

> ## Colin 't Hart ([email protected]):
>
> > I wonder if anyone here has any experience with configuring exclusions so
> > that the WAL files can be processed faster?
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions
> mind this:
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#supported-exclusion-scopes
> and work from these examples (if you're allowed to):
>
> https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#example-3-add-or-remove-a-folde...
>
> > Any advice on what to communicate with their IT department about using
> this
> > on their database servers? I've never encountered it on Linux before...
>
> "Be glad it only slows your database down. All too often, AV/Endpoint
> Protection Products just don't like the access pattern and eat your
> database for breakfast." There is this joke "it has been 0 days since
> Anti-Virus ate a database".
>

Things must have improved, since we had Carbon Black for a number of years,
and now use Coretex XDR.

CB would quite often consume 300% CPU, while XDR "only" uses 100% on
occasion, but have never corrupted or crashed a PG instance.  (This is
standard installations, with no exclusions.)

-- 
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

end of thread, other threads:[~2025-12-02 22:07 UTC | newest]

Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2025-12-02 20:34 Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery? Christoph Moench-Tegeder <[email protected]>
2025-12-02 22:06 ` Colin 't Hart <[email protected]>
2025-12-02 22:07 ` Ron Johnson <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox