This was caused due to the following reasons :
CAV requests are identified in user access logs as below requests, do confirm if we see high number of such requests to match issue :info - [x.x.x.x] - System() - 2020/03/24 04:15:50 - NODE-3 - Unauthenticated request url /api/v1/cav/client/status came from IP x.x.x.x
- The Pulse Clients were sending data even without receiving instructions from PCS.
- CAV traffic from higher number of end-points will load the web process causing performance issues.
NOTE : To log unauthenticated requests, we need to enable below settings :