The Symantec Endpoint Detection and Response (SEDR) console displays the following warning:
Device is encountering low disk space on /var/log drive
Checking the output of the df -h command through the EDR CLI shows that usage of the /var/log directory is very high or has reached 100%.
Automatic purging of logs is not working, which causes high usage of drive space on /var/log.
Run the "list -t" command to find the largest files and identify the log file that has grown too large.
Then use the delete command to clear the log files and free up space.
Example: delete /var/log/nginx/access.log
If you are unable to delete the files or have any questions, please contact Broadcom Technical Support.
Partition /var/log is full (100% usage) in Endpoint Detection and Response due to atp-microservices log growing large