ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Symantec Threat Defense for Active Directory logs size is growing fast.

book

Article ID: 226796

calendar_today

Updated On:

Products

Endpoint Threat Defense for Active Directory

Issue/Introduction

You might notice the hard drive of your 3.6.2 TDAD Core server  filling up. This can be due to a known issue where log files at C:\..\ SETAD\DmDAta\JSM2\Logs are growing around 500MB-1500MB daily.

Cause

In normal circumstances DM component debug logs for 48 hours and then  archives those into zip files, which retain for 7 days. However DM fails to archive a particular log file, stops the routine and further continues with the archiving. 

 

Resolution

Fix will be released in the next  version of Threat Defense for Active Directory. Current plans is to release this version in Feb / March 2022.

As a workaround you can safely delete all logs older than  48 hours manually from C:\..\ SETAD\DmDAta\JSM2\Logs or use a scheduled task to do it for you.
Below is a sample syntax for such a task, replace 'C:\..\SETDAD'  with  path to your installation.

$logsPath='C:\..\SETDAD\Logs','C:\..\SETDAD\DmData\JSM2\Logs','C:\..\SETDAD\DmData\JSM2\ArchiveLogs','C:\..\SETDAD\SETDADDMManager\Logs','C:\..\SETDAD\SETDADHelperSvc\Logs','C:\..\SETDAD\SETDADUpdateSvc\Logs'
ForEach($path in $logsPath){
    Get-ChildItem -Path $path -Recurse | Where CreationTime -lt  (Get-Date).AddDays(-15) | remove-item -force}



Please contact Broadcom Technical Support  in case of any  questions or concerns.