|Applies To||RSA Product Set: Web Threat Detection|
RSA Product/Service Type: Forensics
RSA Version/Condition: > 5.1
|Issue||Web Threat Detection Log and Report files have grown to the point of using up most of the available disk space. |
|Tasks||1. Determine if Processes are Running|
|Resolution||1. Determine the age of the data in-- |
3. Determine if the settings in Diskreaper, as they are, can keep up with the amount of data being stored.
4. Ask the customer to provide their Data Retention policy(how long do they need to keep logs and reports. )
5. Set Diskreaper so that the system will be able to maintain an amount of data with the given system resources, that can meet the customer's Data Retention policy.
6. Consider asking the customer to move data off the system if there is no disk space, either to temporarily allow the system to be restored to functionality, or to free up more disk space for normal running.
Logs and Reports can be easily moved off and back with services restart to restore the data.
7 Restart all services and make sure FI and System Manager is functioning
8 if Forensics UI is still not populating then torginizer may not have written the .task file to have the hourly reports created even after data was removed and services were started)
A. Go to /var/opt/silvertail/data/tasks
|Notes||Configuration and use of Diskreaper, available since version 4.6, is obtained from WTD Product documentation in SCOL System Management Guide|