Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 6 replies
  • Subscribers 0 subscribers
  • Views 2127 views
  • Users 0 members are here
Options
Suggested

Problem with Log Disk saturation

atinivelli
Hi, my free installation is doing a soooo good work in my enviroment (web publishing) managing a very high traffic.

The only problem i'm experiencing is the saturation of the /var/log (Log Disk): it seems the scheduled log maint running once per day it is not enough to keep space occupation under danger level.

Is it possible to make it run twice per day? Or... any other possible solution?

The "extrema ratio" is to disable local logging.... but i'd prefer to have some logging active.

Thanks in advance

P.S.: i'm in a virtual environment, it woudl be easy to extend the hard disk on the hypervisor side but then...?
Parents
  • 0
    I wasn't suggesting a "log killer" rule, just some rules that drop traffic from the worst attackers.  For instance, I have a rule to stop recording the Chinese military hackers' attempts to break into our Astaro:

    {221.224.78.0/24, 222.93.240.0/22, 61.139.15.128/26} -> Any -> External (Address) : Drop



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I wasn't suggesting a "log killer" rule, just some rules that drop traffic from the worst attackers.  For instance, I have a rule to stop recording the Chinese military hackers' attempts to break into our Astaro:

    {221.224.78.0/24, 222.93.240.0/22, 61.139.15.128/26} -> Any -> External (Address) : Drop



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?