Increasing disk usage since enabling SPFD WolfSSL logging
search cancel

Increasing disk usage since enabling SPFD WolfSSL logging

book

Article ID: 386105

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

While working on a case, PAM Support may be asking for a change in the SPFD log level on the Configuration > Diagnostics > Diagnostic Logs page. Options Info+WolfSSL and Debug+WolfSSL include additional logging from the WolfSSL libraries. While either of these options is enabled, there is a continuous increase in disk usage. On a busy system this can be rather rapid and the disk may fill up in a few days.

Environment

Affects PAM releases up to 4.2.0.

Cause

The WolfSSL module logs into a separate log file, which is not subject to daily log rotation in releases up to 4.2.0.

Resolution

This problem is fixed in 4.2.1 and later releases, where the log file is added to the list of files rotated daily, see the following item on documentation page Resolved Vulnerabilities and Issues in 4.2.1:

36054293    DE624798    Increased disk usage with WolfSSL logging enabled.

Additional Information

In general, these log levels are meant to be set only while reproducing a problem with PAM Support. The SPFD log level always should be set back to "Info" afterwards, in which case the WolfSSL log file stops growing.