07-25-2019 01:14 AM - edited 02-21-2020 09:20 AM
As part of some internal testing I was involved in I now have a Firepower Management Center 6.4 host running in my VM environment along with two Virtual FTD's in a HA pair (not managed by FMC), a physical ASA5506-X with FTD and another ASA5506-X running ASA code and Firepower. I have licenses for everything except AnyConnect.
Currently everything is powered down apart from the FMC & the two vFTDs. I am seeing over a Gigabyte's worth of traffic every hour to the FMC (FMC is obviously initiating the connections as this is all behind NAT and the FMC doesn't have a static translation in the router). It's all SSL (TCP/443) and all the sources are in AWS except 'intelligence.sourcefire.com'. What is it doing? It shouldn't be doing anything or at least not consuming a Gigabyte an hour?
07-25-2019 04:33 AM
By default Security Intelligence updates (URLs and IP reputation lists) are pulled down by FMC every 4 hours. Your settings may vary. Look under the Objects and drill down to the feeds to check yours.
Also, depending on settings, it can check and download: version updates, Snort rule updates, VDB (Vulnerability database) releases and Geolocation updates.
07-25-2019 04:40 AM
Thanks for the reply Marvin.
I haven't configured it to automatically download any updates, so patches, rule updates and geolocation updates I have been doing manually. Just checked and the 'Cisco-Intelligence-Feed' is set to every 2 hours. However surely it's incremental and doesn't need to download a Gigabyte's worth of data every 2 hours?
If I change this to every day is it likely to then just download 12 Gigabytes in one go?
Seems excessive to me?
Andy
07-25-2019 05:35 AM
You can find the SI feed files as noted here:
I just checked my lab FMC (also set to every 2 hours) and added up everything in those directories with today's date. I got 469,834,482 bytes or about 0.44 GB. That's raw file size, so if you add the overhead of SSL/TLS, TCP, IP, Ethernet encapsulation etc. it will be more (but I would think something less than 2 GB per update, but who knows without hard data to analyze it). I'm not positive the extent to which they are incremental vs. replacing large files. Since they are just text files I'd think it's the latter.
admin@fmc:/var/sf$ cd iprep_download/
admin@fmc:/var/sf/iprep_download$ ls -al
total 2868
drwxr-xr-x 5 www www 4096 Jul 25 12:11 .
drwxr-xr-x 73 root root 4096 Jul 22 18:09 ..
-rw-r--r-- 1 root root 154770 Jul 25 10:28 032ba433-c295-11e4-a919-d4ae5275a468
-rw-r--r-- 1 root root 51 Jul 25 10:28 1b117672-7453-478c-be31-b72e89ca1acb
-rw-r--r-- 1 root root 99296 Jul 25 10:28 23f2a124-8278-4c03-8c9d-d28fe08b5e98
-rw-r--r-- 1 root root 162 Jul 25 10:28 2CCDA18E-DDFF-4F5C-AF9A-F009852183F4
-rw-r--r-- 1 root root 40 Jul 25 10:28 2b15cb6f-a3fc-4e0e-a342-ccc5e5803263
-rw-r--r-- 1 root root 33 Jan 18 2018 2bfe7284-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 35 Feb 13 2018 2bff8b6a-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 33 Jan 18 2018 2c01166a-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 35 Jan 18 2018 2c02721c-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 37 Jul 25 10:28 30f9e69c-d64c-479c-821d-0e4edab8217a
-rw-r--r-- 1 root root 47 Jul 25 10:28 3e2af68e-5fc8-4b1c-b5bc-b4e7cab598ba
-rw-r--r-- 1 root root 107850 Jul 25 10:28 5a0b6d6b-e2c3-436f-b4a1-48248b330a26
-rw-r--r-- 1 root root 32 Jul 25 10:28 5f8148f1-e5e4-427a-aa3b-ee1c2745c350
-rw-r--r-- 1 root root 4552 Jul 25 10:28 60f4e2ab-d96c-44a0-bd38-830252b63f46
-rw-r--r-- 1 root root 31 Jul 25 10:28 6ba968f4-7a25-4793-a2c8-7cc77f1ff437
-rw-r--r-- 1 root root 37 Jul 25 10:28 A27C6AAE-8E52-4174-A81A-47C59FECC092
-rw-rw-r-- 1 www www 42 Jul 25 12:10 IPRVersion.dat
-rw-r--r-- 1 root root 2438690 Jul 25 10:21 Sourcefire_Intelligence_Feed
-rw-r--r-- 1 root root 16338 Jul 25 10:28 abdc925f-4f85-4504-90a7-c891979ac517
-rw-r--r-- 1 root root 30 Jul 25 10:28 b1df3aa8-2841-4c88-8e64-bfaacec7fedd
-rw-r--r-- 1 www www 30 Oct 11 2017 c30db61a-ae80-11e7-aa36-d3175395fa36
-rw-r--r-- 1 www www 65 Dec 6 2018 c76556bc-6167-11e1-88e8-479de99bfdf1
-rw-r--r-- 1 root root 2081 Jul 25 10:28 d7d996a6-6b92-4a56-8f10-e8506e431ca5
-rw-r--r-- 1 www www 65 Dec 6 2018 d8eea83e-6167-11e1-a154-589de99bfdf1
drwxr-xr-x 2 www www 4096 Aug 16 2017 health
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_status
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_statuslock
drwxr-xr-x 2 www www 4096 Dec 6 2018 peers
-rw-r--r-- 1 root root 4847 Jul 25 10:21 rep_dd.yaml
drwxr-xr-x 2 www www 4096 Jul 25 10:28 tmp
admin@fmc:/var/sf/iprep_download$ cd ..
admin@fmc:/var/sf$ cd sidns_download/
admin@fmc:/var/sf/sidns_download$ ls -al
total 395120
drwxrwxr-x 5 www detection 4096 Jul 25 10:28 .
drwxr-xr-x 73 root root 4096 Jul 22 18:09 ..
-rw-r--r-- 1 root root 759300 Jul 25 10:28 032ba433-c295-11e4-a919-d4ae5275b77b
-rw-r--r-- 1 root root 62 Jul 25 10:28 1b117672-7453-478c-be31-b72e89ca2dde
-rw-r--r-- 1 root root 1084792 Jul 25 10:28 23f2a124-8278-4c03-8c9d-d28fe08b71ab
-rw-r--r-- 1 root root 412 Jul 25 10:28 2CCDA18E-DDFF-4F5C-AF9A-F00985219707
-rw-r--r-- 1 root root 56 Jul 25 10:28 2b15cb6f-a3fc-4e0e-a342-ccc5e5804576
-rw-r--r-- 1 root root 40 Jan 18 2018 2bfb25de-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 42 Feb 13 2018 2bfd147a-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 53 Jul 25 10:28 30f9e69c-d64c-479c-821d-0e4edab8348d
-rw-r--r-- 1 root root 151 Jul 25 10:28 3e2af68e-5fc8-4b1c-b5bc-b4e7cab5abcd
-rw-r--r-- 1 root root 82 Jul 25 10:28 5a0b6d6b-e2c3-436f-b4a1-48248b331d39
-rw-r--r-- 1 root root 48 Jul 25 10:28 5f8148f1-e5e4-427a-aa3b-ee1c2745d663
-rw-r--r-- 1 root root 6672114 Jul 25 10:28 60f4e2ab-d96c-44a0-bd38-830252b65259
-rw-r--r-- 1 www www 74 Dec 6 2018 663da2e4-32f4-44d2-ad1f-8d6182720d32
-rw-r--r-- 1 root root 47 Jul 25 10:28 6ba968f4-7a25-4793-a2c8-7cc77f1f1074
-rw-r--r-- 1 www www 48 Oct 11 2017 7612c1ba-ae81-11e7-aa36-d3175395fa36
-rw-r--r-- 1 root root 53 Jul 25 10:28 A27C6AAE-8E52-4174-A81A-47C59FECd3a5
-rw-r--r-- 1 root root 371388852 Jul 25 10:28 Cisco_DNS_Intelligence_Feed
-rw-rw-r-- 1 www www 40 Jul 25 12:10 IPRVersion.dat
-rw-r--r-- 1 root root 576244 Jul 25 10:28 abdc925f-4f85-4504-90a7-c891979ad82a
-rw-r--r-- 1 root root 20337664 Jul 25 10:28 b1df3aa8-2841-4c88-8e64-bfaacec7111f
-rw-r--r-- 1 root root 3675542 Jul 25 10:28 d7d996a6-6b92-4a56-8f10-e8506e432fb8
-rw-r--r-- 1 www www 74 Dec 6 2018 ded9848d-3580-4ca1-9d3c-04113549f129
drwxr-xr-x 2 www www 4096 Aug 16 2017 health
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_status
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_statuslock
drwxr-xr-x 2 www www 4096 Oct 23 2017 peers
-rw-r--r-- 1 root root 4847 Jul 25 10:21 rep_dd.yaml
drwxr-xr-x 2 www www 4096 Jul 25 10:28 tmp
admin@fmc:/var/sf/sidns_download$ cd ..
admin@fmc:/var/sf$ cd siurl_download/
admin@fmc:/var/sf/siurl_download$ ls -al
total 61132
drwxrwxr-x 5 www detection 4096 Jul 25 10:28 .
drwxr-xr-x 73 root root 4096 Jul 22 18:09 ..
-rw-r--r-- 1 root root 952672 Jul 25 10:28 032ba433-c295-11e4-a919-d4ae5275d599
-rw-r--r-- 1 www www 74 Dec 6 2018 127dc4a2-1ea3-4423-a02d-1f02069828ac
-rw-r--r-- 1 root root 76 Jul 25 10:28 1b117672-7453-478c-be31-b72e89ca4bfc
-rw-r--r-- 1 root root 30134687 Jul 25 10:28 23f2a124-8278-4c03-8c9d-d28fe08b8fc9
-rw-r--r-- 1 root root 543 Jul 25 10:28 2CCDA18E-DDFF-4F5C-AF9A-F0098521b525
-rw-r--r-- 1 root root 56 Jul 25 10:28 2b15cb6f-a3fc-4e0e-a342-ccc5e5806394
-rw-r--r-- 1 root root 32 Jan 18 2018 2c06f904-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 34 Feb 13 2018 2c08fe34-9303-11e7-b8d1-14a892033bf6
-rw-r--r-- 1 root root 53 Jul 25 10:28 30f9e69c-d64c-479c-821d-0e4edab852ab
-rw-r--r-- 1 root root 242 Jul 25 10:28 3e2af68e-5fc8-4b1c-b5bc-b4e7cab5c9eb
-rw-r--r-- 1 www www 74 Dec 6 2018 5915d129-0d33-4e9c-969a-eab3cde32156
-rw-r--r-- 1 root root 108095 Jul 25 10:28 5a0b6d6b-e2c3-436f-b4a1-48248b333b57
-rw-r--r-- 1 root root 48 Jul 25 10:28 5f8148f1-e5e4-427a-aa3b-ee1c2745f481
-rw-r--r-- 1 root root 6698669 Jul 25 10:28 60f4e2ab-d96c-44a0-bd38-830252b67077
-rw-r--r-- 1 root root 47 Jul 25 10:28 6ba968f4-7a25-4793-a2c8-7cc77f1f1256
-rw-r--r-- 1 root root 53 Jul 25 10:28 A27C6AAE-8E52-4174-A81A-47C59FECf1c3
-rw-rw-r-- 1 www www 40 Jul 25 12:10 IPRVersion.dat
-rw-r--r-- 1 root root 592761 Jul 25 10:28 abdc925f-4f85-4504-90a7-c891979af648
-rw-r--r-- 1 root root 20337664 Jul 25 10:28 b1df3aa8-2841-4c88-8e64-bfaacec71300
-rw-r--r-- 1 root root 3679844 Jul 25 10:28 d7d996a6-6b92-4a56-8f10-e8506e434dd6
-rw-r--r-- 1 www www 29 Mar 26 2018 ea5547c6-ae7e-11e7-9996-e24bbb2214cc
drwxr-xr-x 2 www www 4096 Aug 16 2017 health
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_status
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_statuslock
drwxr-xr-x 2 www www 4096 Oct 23 2017 peers
drwxr-xr-x 2 www www 4096 Dec 6 2018 tmp
admin@fmc:/var/sf/siurl_download$
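To reproduce the tally described in the reply above without adding up sizes by hand, here is an added Python example (it is not from the thread and not Cisco's code) that parses `ls -al` output, keeps only the regular files modified on a given day, sums their sizes, and projects the per-day download for a given feed-update interval. The sample listing is a handful of lines copied from the output above; the 2-hour interval and the assumption that each update replaces the files in full (rather than fetching a delta) come from the discussion, and the projection is only as good as that assumption.

```python
import re

# Sample input: a few lines copied from the ls -al output in the thread.
# Size is column 5; the date is "Mon DD HH:MM" for recent files and
# "Mon DD YYYY" for older ones, which is why we match on month and day only.
SAMPLE_LISTING = """\
total 2868
drwxr-xr-x 5 www www 4096 Jul 25 12:11 .
-rw-r--r-- 1 root root 2438690 Jul 25 10:21 Sourcefire_Intelligence_Feed
-rw-r--r-- 1 root root 371388852 Jul 25 10:28 Cisco_DNS_Intelligence_Feed
-rw-r--r-- 1 root root 30134687 Jul 25 10:28 23f2a124-8278-4c03-8c9d-d28fe08b8fc9
-rw-r--r-- 1 www www 65 Dec 6 2018 c76556bc-6167-11e1-88e8-479de99bfdf1
-rw-rw-r-- 1 www www 40 Jul 25 12:10 IPRVersion.dat
-rw-r--r-- 1 root root 0 Jul 20 04:51 health_status
"""

# One ls -l entry: perms, link count, owner, group, size, month, day,
# time-or-year, name. Names may contain spaces, so the name is greedy.
_ENTRY = re.compile(
    r"^(?P<perms>[-dlcbps][rwxstST-]{9})\s+\d+\s+\S+\s+\S+\s+"
    r"(?P<size>\d+)\s+(?P<month>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+"
    r"(?P<when>\S+)\s+(?P<name>.+)$"
)


def parse_ls_al(text):
    """Parse `ls -al` output into a list of dicts; skips 'total' and junk lines."""
    entries = []
    for line in text.splitlines():
        m = _ENTRY.match(line.rstrip())
        if not m:
            continue  # "total NNN", blank lines, shell prompts
        entries.append({
            "is_file": m.group("perms").startswith("-"),
            "size": int(m.group("size")),
            "month": m.group("month"),
            "day": int(m.group("day")),
            "name": m.group("name"),
        })
    return entries


def sum_sizes_for_date(entries, month, day):
    """Bytes occupied by regular files whose mtime falls on the given month/day.

    Directories ('.', 'tmp', 'peers') are excluded so their 4096-byte inode
    sizes do not pollute the total, matching the hand tally in the thread.
    """
    return sum(
        e["size"] for e in entries
        if e["is_file"] and e["month"] == month and e["day"] == day
    )


def daily_transfer(per_update_bytes, interval_hours):
    """Projected bytes per day if every update re-downloads the full file set.

    This is the worst case the thread worries about; an incremental feed
    would transfer less. Raw file bytes only, no TLS/TCP/IP framing overhead.
    """
    updates_per_day = 24 / interval_hours
    return int(per_update_bytes * updates_per_day)


if __name__ == "__main__":
    entries = parse_ls_al(SAMPLE_LISTING)
    today = sum_sizes_for_date(entries, "Jul", 25)
    print(f"files dated Jul 25: {today:,} bytes ({today / 1e9:.2f} GB)")
    for hours in (2, 4, 24):
        per_day = daily_transfer(today, hours)
        print(f"every {hours:2d}h -> {per_day / 1e9:.2f} GB/day (full re-download)")
```

Run it on the FMC itself by piping the real listings in, for example `ls -al /var/sf/iprep_download /var/sf/sidns_download /var/sf/siurl_download` fed to `parse_ls_al`, and the script gives the same per-day figure for every interval: shortening the interval multiplies the traffic, lengthening it does not make a single update any larger, which is the answer to the "12 Gigabytes in one go" question if the files are replaced rather than patched.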