Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1951
Views
5
Helpful
3
Replies

Firepower Management Centre - Sourcefire Snort directory size (200GB+)!

magurwara
Level 1
Level 1

‎11-28-2019 02:28 AM

Hi,

Currently facing a disk utilization issue on FMC1500 at a client.  Clearing old updates, patches, and log files, recovered about 10GB but the /var partition is full again causing FMC GUI to stop working.

 

Checking disk usage, the "sfsnort" directory is 200GB+.  Total /var partition is 280GB.

 

Any ideas how to reduce the size of this directory?


Thanks,

 

mag

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-28-2019 03:57 AM

I always recommend a TAC case when modifying the directories within an FMC. It is very easy to make the system have an unrecoverable error if you do something wrong.

0 Helpful

magurwara
Level 1
Level 1
In response to Marvin Rhoads

‎12-06-2019 01:38 AM

Resolved!

 

Opened a Cisco TAC case as suggested by @Marvin Rhoads 

TAC engineer removed a bunch of files, name containing "packet_log",  from the sfsnort directory.

Brought down disk utilization very significantly and all is well now.

Apparently these were very old files.

 

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to magurwara

‎12-06-2019 04:17 AM

Thanks for sharing your solution.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card