Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jason_Grubbs
Participant

/var/log/jail Folder

We have a 5200 R80.40 that is running out of space in /var/log:

Screenshot_288.png

I found that there was a jail folder located inside of /var/log:

Screenshot_289.png

Further digging resulted in finding 37G of files located in the following folder:

/var/log/jail/opt/CPsuite-R80.40/fw1/dlp/ftp/

This firewall does not have DLP enabled

Screenshot_290.png

Any ideas if these files are ok to delete?

0 Kudos
14 Replies
the_rock
Legend
Legend

I would definitely back them up first, but seems safe to remove from what I see in my lab.

0 Kudos
Jason_Grubbs
Participant

Is the /var/log/jail folder even necessary?  Why was it created?

0 Kudos
the_rock
Legend
Legend

Do they use MTA for DLP/Email Security/AV?

That would possibly explain the use of that particular log folder.

0 Kudos
Jason_Grubbs
Participant

We use AV with the Threat Prevention blade.

0 Kudos
Jason_Grubbs
Participant

Screenshot_292.png

0 Kudos
the_rock
Legend
Legend

That might explain it...honestly, I would verify with TAC, because I see that folder in my lab as well, but I dont use any of those blades, so not 100% sure.

0 Kudos
Jason_Grubbs
Participant

Ok, I will reach out to TAC

the_rock
Legend
Legend

Definitely better to get an official answer, because if I were you, I would certainly be a bit worried about removing stuff thats 37 GB in size, specially if Im not 100% sure the purpose for it. I mean, as I stated before, I would backup everything from that folder anyway first, but let support clarify for you beforehand. In my lab, that folder is only few MBs, so there is certainly something in your environment causing the folder to fill up rather quickly.

Andy

0 Kudos
Tal_Paz-Fridman
Employee
Employee

Hi

After consulting R&D, the issue is known and is handled in two parts – one is already integrated into R80.40 Ongoing Take 126.

The other fix will be included in the next JHF.

@pavelko 

0 Kudos
genisis__
Leader Leader
Leader

Can you expand?  Is there a SK?

 

Tal_Paz-Fridman
Employee
Employee

I also agree.  I asked R&D owner to publish an SK including instructions on how to clear up the space.

0 Kudos
(1)
the_rock
Legend
Legend

I agree with @genisis__ . SK would be nice...also, considering that @Jason_Grubbs has 37 GB worth of space there (which is pretty significant), it poses a question if its really safe to remove in the first place.

0 Kudos
genisis__
Leader Leader
Leader

100%!

0 Kudos
Jason_Grubbs
Participant

I have not yet seen an SK for this issue.  Still exists in R81.  I had to remove another 36GB today from the jail folder.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events