This error can appear on either the Central Manager or on any individual sensor.  The percentage can vary, but if the /home partition ever reaches higher than 90% utilization, this error will appear.

Typically this message is more prevalent on a Central Manager but can happen on an individual sensor.  The cause of this issue was large pcaps in the /home/apache/pcaps directory.  You can run the following command to see which directory is taking up the most space:  du -h /home/

When you request PCAP files from multiple sensors while connected to the Central Manager, it will first pull all PCAPs and store them locally in the /home/apache/pcaps directory.  It will then zip up all the PCAPs into one large zip file before presenting the browser the option to download the file.  These PCAP files will automatically be deleted after they have been sitting for 72 hours.  If you run: ls -l /home/apache/pcaps and you see files there that are older than 72 hours, then you may need to delete them manually.

It is possible that even after disk space has been cleaned up, the pink banner with the error message may still remain.  You can either click the "X" on the message in the GUI to dismiss it or you can clear the banner from the command line.  If the "X" does not exist, log in to the CLI as root and run the following command:  scm db clear_panic