Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-6027: Collector memory leak in Server Suite 2014.1

28 December,15 at 03:57 PM

Applies to: 

DirectAudit Collector 3.2.1 (Server Suite 2014.1) and below.

In the DirectAudit Audit Manager, collectors show in disconnected and the collector servers may observe high memory utilization. Entries similar to the following are logged in collector logs:

    [2015-06-08 19:09:41.304 +0800] collector.exe[1300,12] Warning: DadConnection.AddSession: Session with ID 5da917d1-b7d6-6547-86a5-bc46fcf99850 already exists. The existing session object will be overwritten.


DirectAudit session objects are not disposed of properly when being replaced, leading to a memory leak. This is likely to occur when there are very large numbers of small sessions sent to the collector. 


Restart affected collectors periodically to let older spool files deplete. 


This issue has been resolved in DirectAudit 3.2.3 (Server Suite 2015.1). 

Note: The same log message (The existing session object will be overwritten) may appear in DirectAudit 3.2.3, however this is does not indicate a memory leak problem. DirectAudit 3.2.3+ disposes this session object after the events were logged.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.