https://community.cisco.com/t5/network-security/logs-storage-capacity/m-p/5277887#M1120442 <P>You can look at your access control policy rules and see which ones you really need to log. We typically see this level of overutilization when you have sett ALL rules to log connection events including your "catch all" outbound traffic allow rule. In many deployments, that covers 90% or more of the hits to your access control policy rules (and associated connection events).</P> Thu, 03 Apr 2025 12:47:52 GMT Marvin Rhoads 2025-04-03T12:47:52Z https://community.cisco.com/t5/network-security/logs-storage-capacity/m-p/5277825#M1120438 <P>Hi All,</P> <P>I have CDO manage fmc and SAL license to store logs on Cisco Cloud Events with retention period of 90days, however im facing an issue of over utilisation of logs storage with respect to storage allocated. Can someone guide me how to mitigate this. Can i store logs only for a 1hour and post it will delete or something like that.</P> <P>Any help will be highly appreciated</P> Thu, 03 Apr 2025 09:05:21 GMT https://community.cisco.com/t5/network-security/logs-storage-capacity/m-p/5277825#M1120438 Vishal6 2025-04-03T09:05:21Z https://community.cisco.com/t5/network-security/logs-storage-capacity/m-p/5277887#M1120442 <P>You can look at your access control policy rules and see which ones you really need to log. We typically see this level of overutilization when you have sett ALL rules to log connection events including your "catch all" outbound traffic allow rule. In many deployments, that covers 90% or more of the hits to your access control policy rules (and associated connection events).</P> Thu, 03 Apr 2025 12:47:52 GMT https://community.cisco.com/t5/network-security/logs-storage-capacity/m-p/5277887#M1120442 Marvin Rhoads 2025-04-03T12:47:52Z