Solved: Re: How to permanently remove event log in CSA MC

infinitingr2 · ‎05-26-2004

I am running the Cisco Secure Agent 4 deployed on 4 PCs. I enabled verbose logging just because it is a test environment & I wanted to see how many events it would generate. Well, the last I checked CSA MC (under Events Summary) it has over 300,000 (that's right 300,000) events logged. I have modified the event manager and pplied the new rules, but the machine CSAMC is so slooooow because of the over 300,000 events. Please see the attached screen shot. How do I permanently purge the events log. I have used the purge command within CSA MC but it only deleted 10,000 events. The machine is running so slow I can't get anything done on it.

Well, I wanted to send the screen shot but the machine is slow I can't even attach the file. But in any case, the problem is that the events summary window shows message of over 300,000 & I need to permannently remove the events.

Thanks.

pcomeaux · ‎05-26-2004

The only was I know how is to use "Event Sets" and click on All Events. From here, you can either click or purge the events of your choice.

Also, what are the server specs you are running on?

I've been involved with MCs with more than 2x the events that you have & that server has performed satisfactory.

Hope this helps,

peter

View solution in original post

pcomeaux · ‎05-26-2004

The only was I know how is to use "Event Sets" and click on All Events. From here, you can either click or purge the events of your choice.

Also, what are the server specs you are running on?

I've been involved with MCs with more than 2x the events that you have & that server has performed satisfactory.

Hope this helps,

peter