Support Center > Search Results > SecureKnowledge Details
When Threat Extraction enabled on Security Gateway, /var/log partition fills up rapidly, and most of disk space is utilized by the /var/log/scrub/repository/ Technical Level
Symptoms
  • When Threat Extraction is enabled on the Security Gateway, the /var/log partition fills up rapidly. Most of the disk space is utilized by thr /var/log/scrub/repository/.

    [Expert@Fw01:0]# du -hcx --max-depth=1 /var/log/scrub | sort -n -r

    73G total

    73G /var/log/scrub/repository

    73G /var/log/scrub

  • On the problematic Security Gateway, you can see a large scrub_db

    [Expert@Fw01:0]# sqlite3 $FWDIR/conf/scrub_db.sqlite

    SQLite version 3.7.14

    Enter ".help" for instructions

    Enter SQL statements terminated with a ";"

    sqlite> SELECT COUNT(*) from ScrubRevisionTable;

    1040031

    sqlite> .exit

Cause

The scrub database has a large number of old entries. This caused all the interactions with it to take a long time and was interfering with the housekeeping process to clean old scrub files on the Security Gateway.


Solution
Note: To view this solution you need to Sign In .