This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Juan_Concepcion
Advisor
‎2017-10-12 10:00 PM

GAIA Backups

There exists an issue in GAIA presently where backups just continuously grow and cannot be setup to auto delete.  The result is that the /var/log/ directory becomes full and then causes all types of application issues.  The following will run every  2 months and auto clean any backups older than the specified number of days (30 days in example below).  The reason this method is used is because the normal cron scheduler will not accept the command through webui or cli - therefore this will use the native crontab capabilities of linux to assist in cleaning up older backups.

 

In Gaia Clish, create a root user without capability to login:

 

HostName> add user jobuser uid 0 homedir /home/jobuser
HotsName> save config

 

Note: Avoid giving the user a password and avoid giving the user any Gaia roles as they are not needed.

 

In Expert mode, create a cron job for this user:
[Expert@HostName]# crontab -u jobuser -e

 

(This creates and allows you to edit the file /var/spool/cron/jobuser).

 

 Syntax for Entry in crontab:

 

Minute

Hour

Day of Month

Month

Day of week | Command

0

0

 1

 1,3,5,7,9,11

*                   | /usr/bin/find /var/log/ -mtime +30 -wholename “/var/log/CPbackup/backups/*.tgz" -delete

 

 

Save the file: shift+: then x!

 

This will clean up backups older than 30 days @ midnight on the specified day every other month (in this example on the 1st day every two months)

7 Replies
Kalyan_Addenki
Contributor
‎2018-05-09 06:18 AM

It worked successfully after a slight change to the command

/usr/bin/find /var/log/CPbackup/backups/ -mtime +30 -name "*.tgz" -delete

Juan_Concepcion
Advisor
‎2018-05-09 06:46 AM
In response to Kalyan_Addenki

Worked for me can you provide error you are getting or simply doesn’t clean up as expected??

--Juan

Kalyan_Addenki
Contributor
‎2018-05-09 06:52 AM
In response to Juan_Concepcion

Here is the error:

]# /usr/bin/find /var/log/ -mtime +30 -name "/var/log/CPbackup/backups/*.tgz" -delete
/usr/bin/find: warning: Unix filenames usually don't contain slashes (though pathnames do). That means that '-name /var/log/CPbackup/backups/*.tgz' will probably evaluate to false all the time on this system. You might find the '-wholename' test more useful, or perhaps '-samefile'. Alternatively, if you are using GNU grep, you could use 'find ... -print0 | grep -FzZ /var/log/CPbackup/backups/*.tgz'.

Juan_Concepcion
Advisor
‎2018-05-09 06:58 AM
In response to Kalyan_Addenki

This fixes it – I’ll update

/usr/bin/find /var/log/ -mtime +30 -wholename "/var/log/CPbackup/backups/*.tgz" -delete

Kalyan_Addenki
Contributor
‎2018-05-09 07:05 AM
In response to Juan_Concepcion

That worked!

simoneciotti
Explorer
‎2021-04-23 02:12 AM
In response to Kalyan_Addenki

05 11 * * * /usr/bin/find /var/log/ -wholename "/var/log/CPbackup/backups/*.tgz" -delete

This work, every day delete old tgz file

 

0 Kudos
_Val_
Admin
Admin
‎2021-04-23 04:32 AM
In response to simoneciotti

You do not want to delete all but the newest file, some rotation is advised. In case your OS is corrupted, the latest backup is likely to have those corrupted files, but several previous might not.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 07 Oct 2025 @ 09:30 AM (CEST)

    CheckMates Live Denmark!
    CheckMates Events