If you have bulklogging rotation enabled in your Data Center Security Common Parameters Configuration file with and IDS policy, you may notice that the 'sisipsservice' log is not being removed and causing space consumption on the server. 

If the same file is monitored as a normal file, IDS will not monitor it as a log file. This is by design. the customer can modify his IDS policy to not monitor the "agentlog" and "sdcsslog" folder as a workaround.

Remove the following values from file monitoring in the IDS policy.

%%HKEY_LOCAL_MACHINE\Software\symantec\intrusion security\Agent\InstallRoot%%\*
%%HKEY_LOCAL_MACHINE\Software\symantec\intrusion security\Agent\LogInstallRoot%%\*

-Windows Baseline Detection Policy
-'System Symantec Software Monitoring' section
-'Monitor DCS Files' section
-Remove the values above and reapply the policy.