A Linux server running the DCS 6.9.1 has disk space being occupied by the following file which has grown very large.

/opt/Symantec/sdcssagent/AMD/system/scaninput

The question was ask as to if this file can be deleted manually.

Release : 6.9.1

Component : AMD

The scaninput file contains the record of folders and files that have been scanned. It is supposed to be maintained by the system so as to clean up when the process is flagged as successfully completed. However, in this case the scan configuration was unrestricted so that the AMD process was scanning every folder. It was also scanning NFS mounted drives-- each being multiple terabytes in size. As such the scanning process was never actually completed with the scanning of all drives and folders before the next scheduled iteration was set to run.

The only valid solution was to reconfigure the scan settings to focus on specific folders where local and web application processes were creating, modifying and maintaining files subject to potentially becoming infected.

Although not recommended as a common practice, if the file need be eliminated to free up disk space it can be manually deleted after stopping the services.

1. Stop the agent services:

service sisidsagent stop
service sisipsutil stop
service sisamddaemon stop

2. Delete the scaninput file

3. Start the services again:

service sisidsagent start
service sisipsutil start
service sisamddaemon start