"/var/log/" partition is filling up for Gateway 11
search cancel

"/var/log/" partition is filling up for Gateway 11

book

Article ID: 264109

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

"/var/log" partition is filling up and these files storing logs related to class "audisp-syslog". 

Gateway Version: Gateway 11

OS: Debian 11

 

[root@SomeHostlog]# ls -ltrh user.log syslog messages
-rw-r----- 1 root adm 630M Apr  9 02:46 user.log
-rw-r----- 1 root adm 656M Apr  9 02:46 messages

### File contents 

[root@SomeHost log]# tail -n10 messages
2023-02-17T23:47:50.010262+00:00 SomeHost audisp-syslog:  type=PROCTITLE msg=audit(1676677670.006:179733): proctitle=2F62696E2F7368002D6300726561646C696E6B202D6D20222F6465762F7364613222
2023-02-17T23:47:50.010297+00:00 SomeHost audisp-syslog:  type=EOE msg=audit(1676677670.006:179733):

Environment

Release : 11.0

Resolution

Auditing levels have been increased (more verbose) in Gateway 11. As part of the April 2023 Monthly Platform Patch and above as they are cumulative this will be addressed by having logrotate with a max file size operand. Please apply the latest Monthly Platform Patch. 

 

Powered by Wolken Software