Request a Demo
Home   >   mailing lists

Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery? - Mailing list pgsql-general

From Ron Johnson
Subject Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
Date
Msg-id CANzqJaB-emsdnCrhZrs1H5ax1A+89nfwEm7HF22CyHTsQeSwKg@mail.gmail.com
Whole thread Raw
In response to Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?  (Christoph Moench-Tegeder <cmt@burggraben.net>)
List pgsql-general
Tree view
On Tue, Dec 2, 2025 at 3:35 PM Christoph Moench-Tegeder <cmt@burggraben.net> wrote:
## Colin 't Hart (colinthart@gmail.com):

> I wonder if anyone here has any experience with configuring exclusions so
> that the WAL files can be processed faster?

https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions
mind this:
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#supported-exclusion-scopes
and work from these examples (if you're allowed to):
https://learn.microsoft.com/en-us/defender-endpoint/linux-exclusions#example-3-add-or-remove-a-folder-exclusion

> Any advice on what to communicate with their IT department about using this
> on their database servers? I've never encountered it on Linux before...

"Be glad it only slows your database down. All too often, AV/Endpoint
Protection Products just don't like the access pattern and eat your
database for breakfast." There is this joke "it has been 0 days since
Anti-Virus ate a database".
 
Things must have improved, since we had Carbon Black for a number of years, and now use Coretex XDR.

CB would quite often consume 300% CPU, while XDR "only" uses 100% on occasion, but have never corrupted or crashed a PG instance.  (This is standard installations, with no exclusions.)

--
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!

pgsql-general by date:

Previous
From: "Colin 't Hart"
Date:
Subject: Re: wdavdaemon / Microsoft Defender for Endpoint on Linux and slow Postgres recovery?
Next
From: Adrian Klaver
Date:
Subject: Re: Interaction between "client_connection_check_interval" and "log_lock_waits" parameters