Hi all, I have a problem with a Windows Server 2016 which C: drive is being filled from Sophos Server Protection. The Endpoint version is latest and Updates are running fine. The problem is that Safestore.log and Clean.log are very large and still growing; 17.8 GB and 12.5 GB respectively. In Sophos documentation it says this (also for Clean.log) but obviously the rotation and size limit do not work on this machine for some reason. SophosCleanup.log (Only applicable to Windows 10 (x64) and later and Windows Server 2016 and later) Location C:\ProgramData\Sophos\Clean\Logs Description Contains cleanup actions, Safestore verification, and command process flow logging. The log size limit is compressed to 10MB and there are five log rotations. Can anyone please tell me how to shrink the files and get things back to normal? Thank you very much. BR, Daniel

Safestore.log and Clean.log very large - multiple GB

Hi all,

I have a problem with a Windows Server 2016 which C: drive is being filled from Sophos Server Protection. The Endpoint version is latest and Updates are running fine.

The problem is that Safestore.log and Clean.log are very large and still growing; 17.8 GB and 12.5 GB respectively.

In Sophos documentation it says this (also for Clean.log) but obviously the rotation and size limit do not work on this machine for some reason.

SophosCleanup.log (Only applicable to Windows 10 (x64) and later and Windows Server 2016 and later)
Location	`C:\ProgramData\Sophos\Clean\Logs`
Description	Contains cleanup actions, Safestore verification, and command process flow logging. The log size limit is compressed to 10MB and there are five log rotations.

Can anyone please tell me how to shrink the files and get things back to normal? Thank you very much.

BR,
Daniel

Parents

0 astiadmin 1 day ago

Really? No one?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 LuCar Toni 1 day ago in reply to astiadmin

Did you open a Support Case for this situation?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 astiadmin 1 day ago in reply to LuCar Toni

No, not yet.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 astiadmin 18 hours ago in reply to LuCar Toni

I have now managed to get the .log files recreated. I did disable tamper protection, stopped the Sophos Health Service and renamed both files to .log.old. Now both have been recreated and seem to grow only at reasonable sizes. So far so good... The thing now is that I am unable to delete both files although I am local administrator I can't delete nor can take ownership of the files. If trying to run cmd.exe as SYSTEM with psexec did not help. How can I get rid of the files to free up the diskspace? Yes, you are right, no really Sophos related question, well, as long as Sophos does not set some kind of hidden permissions that keep me from deleting the files.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 astiadmin 18 hours ago in reply to LuCar Toni

I have now managed to get the .log files recreated. I did disable tamper protection, stopped the Sophos Health Service and renamed both files to .log.old. Now both have been recreated and seem to grow only at reasonable sizes. So far so good... The thing now is that I am unable to delete both files although I am local administrator I can't delete nor can take ownership of the files. If trying to run cmd.exe as SYSTEM with psexec did not help. How can I get rid of the files to free up the diskspace? Yes, you are right, no really Sophos related question, well, as long as Sophos does not set some kind of hidden permissions that keep me from deleting the files.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data