Error message "Disk usage for /opt/pancfg exceeds limit" due to replaydb size

Error message "Disk usage for /opt/pancfg exceeds limit" due to replaydb size

14102
Created On 12/14/23 02:29 AM - Last Modified 07/24/25 07:51 AM


Symptom


  • Critical error messages of disk space are seen in system log (show log system)
critical general        general 0  Disk usage for /opt/pancfg exceeds limit, 90 percent in use
  • Replaydb size is seen high. This occurs when a lot of changes/commits are done on the Firewall
> show system pancfg-directory-usage | match replay
28G     /opt/pancfg/mgmt/replaydb

Environment


  • Palo Alto Firewalls or Panorama
  • PAN-OS 10.1 or later
  • Disk Space

Cause


  • Replaydb keeps past config changes.
  • It is purged only when mgmtsrvr starts with exceeded thresholds.
  • Sometimes when the threshold is not met so the past config changes are not purged causing the size to be high.

Resolution


  1. Clear the replaydb changes manually. 
  2. Clearing all entries will delete the entire replayDB from the underlying database. Be cautious when there are active changes being done by other admins.
  3. After you confirm there are no uncommited changes, clear replaydb entries manually by this command.
> request clean-replay entries all
  1. *This command is available in PAN-OS version 10.1, but purge occurs in versions 11.0.3, 10.2.5, and 10.1.11 or later.
> show system pancfg-directory-usage | match replay
28G     ​​​​/opt/pancfg/mgmt/replaydb

> request clean-replay entries all
Successfully cleaned all entries from replay database

>  show system pancfg-directory-usage | match replay
24K     /opt/pancfg/mgmt/replaydb


 

Additional Information


Persistent Uncommitted Changes on PAN-OS
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008WDWCA2&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail