When Threat Extraction enabled on Security Gateway, /var/log partition fills up rapidly, and most of disk space is utilized by the /var/log/scrub/repository/
|Platform / Model
- When Threat Extraction is enabled on the Security Gateway, the /var/log partition fills up rapidly. Most of the disk space is utilized by thr /var/log/scrub/repository/.
[Expert@Fw01:0]# du -hcx --max-depth=1 /var/log/scrub | sort -n -r
- On the problematic Security Gateway, you can see a large scrub_db
[Expert@Fw01:0]# sqlite3 $FWDIR/conf/scrub_db.sqlite
SQLite version 3.7.14
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> SELECT COUNT(*) from ScrubRevisionTable;
The scrub database has a large number of old entries. This caused all the interactions with it to take a long time and was interfering with the housekeeping process to clean old scrub files on the Security Gateway.
Note: To view this solution you need to