Partition /var/log is full (100% usage) in Endpoint Detection and Response
Article ID: 387192
Updated On:
Products
Endpoint Detection and Response
Issue/Introduction
Partition /var/log is full (100% usage) in Symantec Endpoint Detection and Response (EDR).
Environment
SEDR 4.8, 4.9.x, 4.10, 4.12
Cause
Log file getting filled with excessive statements causing the issue of partition /var/log getting full.
Resolution
This issue is fixed in EDR 4.11.
On EDR builds 4.8 to 4.10, the patch can be installed as follows:
- To confirm the patch is available:
patch listorpatch list -v atp-patch-generic-4.8_4.9_4.10-1 - To download:
patch download atp-patch-generic-4.8_4.9_4.10-1 - To install:
patch install atp-patch-generic-4.8_4.9_4.10-1
Note: If you are getting this issue on EDR 4.12, contact Broadcom Technical Support for further review and apply a potential fix.
Additional Information
How to install patches for SEDR
If "patch list" command times out, refer : Failed to apply patch in Endpoint Detection and Response
Feedback
Yes
No
Powered by
