CLI scripts

Hi guys, I am fairly new to UTM, and there was an issue (their log files are at 100%) with one of our clients, which was resolved by Sophos Support.

Here is what she said she did (yes the support is a female).

 

>Found out that the packetfilter and working logs were greater than 50 GB each and hence were causing the log file partition to be filled up.

>So, we moved the file to /var/storage directory and after that log partition came down

>We cleared that file as well so now the root partition seems to be down.

>But it seemed like heavy packet dropping was occurring for port 445 so we created a drop rule to block that communication without logging it.

 

I'm pretty sure they did it using SSH. Can you please tell me how she did it? Especially the Linux commands, because I am really not that familiar with Linux.

Should I log in as 'loginuser' and then switch to root before I can enter the commands?

Thank you in advance guys!



  • Hi Marion Paolo Abagar,

    What is the purpose of your question?
    If you are not familiar with Linux, you should first learn a little about working with it before using SSH on your UTM.

    Most configuration is done through WebAdmin and not through SSH.

    If you desperately want to know what she did, I will tell you.

    She logged in with loginuser and switched to root if you gave her the credentials; otherwise she used the login data that comes with your support access ID.
    In the next step she analysed the disks/partitions to see where the usage comes from. [du]
    After she found the file, she looked at what was filling up the file. [cat|less|more]
    Then she moved it to another directory and removed it. [mv|rm]

    Commands can be found on every Linux help site.

    Best Regards
    DKKDG
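
The steps described in the reply above (find what fills the partition, keep a copy elsewhere, clear the file), as an added shell example that is not part of the original thread and not Sophos tooling. The function names are hypothetical and all paths are supplied by the caller; emptying the file in place instead of deleting it is a choice made here, because space held by a deleted file is not released while a logging daemon still has it open.

```shell
#!/bin/sh
# Added example: helpers for investigating a full log partition.
# Nothing here is product-specific; every path is passed as an argument.

# Print the use percentage (digits only) of the filesystem that holds $1.
partition_usage_pct() {
    df -P "$1" | awk 'NR==2 { sub(/%/, "", $5); print $5 }'
}

# Print the $2 (default 10) largest regular files under $1 as
# "<KiB on disk> <path>", biggest first. -xdev stays on $1's filesystem.
largest_files() {
    find "$1" -xdev -type f -exec du -k {} + 2>/dev/null \
        | sort -rn | head -n "${2:-10}"
}

# Keep a compressed copy of log file $1 in directory $2, then empty the
# original in place. The copy preserves the log as evidence; the truncate
# frees the space at once and the daemon keeps writing to the same file.
# Prints the path of the archive on success.
archive_and_truncate() {
    src=$1; dest_dir=$2
    [ -f "$src" ] && [ -d "$dest_dir" ] || return 1
    out="$dest_dir/$(basename "$src").$(date +%Y%m%d%H%M%S).gz"
    # Abort without touching the original if the copy could not be written.
    gzip -c "$src" > "$out" || { rm -f "$out"; return 1; }
    : > "$src"
    printf '%s\n' "$out"
}

# Typical order of use, run as root (arguments are placeholders):
#   partition_usage_pct <log directory>
#   largest_files <log directory> 5
#   archive_and_truncate <large log file> /var/storage
```
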
