How to determine if the aggressive disk cleaning is enabled.
64907
Created On 11/07/19 18:58 PM - Last Modified 12/16/19 22:31 PM
Objective
This article aims to explain how to determine if the aggressive cleaning is enabled or disabled on the Palo Alto Networks firewall.
Environment
- Any Palo Alto Firewall.
- Any PAN-OS.
Procedure
Aggressive disk cleaning is one way of preventing the firewall disk from running out of available space rendering some firewall management functions to be unavailable. When enabled aggressive cleaning kicks in when 95% of the disk usage is reached.
- To find out the current setting for the aggressive cleaning, issue the following command:
> show system state | match aggressive-cleaning
- To enable aggressive cleaning, use the command specified below:
> debug software disk-usage aggressive-cleaning enable
This will automatically purge all old log files if disk hits 95% occupancy. Do you accept this potential loss of debuggability? (y or n)
- To verify the aggressive cleaning setting:
> show system state | match aggressive-cleaning
cfg.debug-sw-du.config: { 'aggressive-cleaning': True, }
- To disable aggressive cleaning, issue the following command:
> debug software disk-usage aggressive-cleaning disable
- To verify if aggressive cleaning is disabled:
> show system state | match aggressive-cleaning
cfg.debug-sw-du.config: { 'aggressive-cleaning': False, }