In the case of the Symantec Endpoint Protection (SEP) client using large amounts of disk space:
Stop the Symantec service
Deleting the files
NOTE: The following instructions are to be accomplished from the Command Prompt, as attempting to perform the deletions from Windows Explorer may result in delays and application hangs. Please note that these instructions will delete the files in the targeted directories/folders, not the directories/folders themselves. Do not remove the directories/folders themselves.
NOTE: The following steps will delete files from the system and having a backup of the system in case of problems resulting from the the deletions is advised.
Open the Command Prompt
Deleting files from User Temp folder
- Click Start, then Run
- Type: cmd
- Click OK
1. Type the following command in Command Prompt. (The following command will vary depending on the user name.) Replace "<NAMEOFUSER>" with the username of the desired Windows user you wish to empty the temp folder for:
- For Windows 2000/XP/2003
DEL /F /Q "C:\Documents and Settings\<NAMEOFUSER>\Local Settings\Temp"
- For Windows Vista/7/2008
DEL /F /Q "C:\Users\<NAMEOFUSER>\AppData\Local\Temp"
2. Deleting the contents of the temp folder at the root of C:\
- Type the following command in Command Prompt:
DEL /F /Q C:\temp
3. Deleting the contents of the Windows Temp folder
4. Deleting the contents of the xfer and/or xfer_temp directories
- Type the following command in Command Prompt:
The Quarantine Folder
NOTE: The following instructions are to be done from the Command Prompt as attempting to open the Quarantine folder in the Windows user interface may result in delays and Windows Explorer application hangs due to the large amount of files that can reside there.
Delete the Quarantine Folder
Type the following commands in the Command Prompt:
Recreate the Quarantine Folder
Type the following command in Command Prompt:
- Windows 2000/XP/2003
MD "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine"
- Windows Vista/7/2008
MD "C:\ProgramData\Symantec\Symantec Endpoint Protection\Quarantine"
Start the Symantec service
- Click Start, then Run
- Type: smc -start
- Click OK
In the case of the Symantec Endpoint Protection Manager (SEPM) using large amounts of disk space:
The catalina.out file can grow quite large, possible to 1 GB or more in size
The most typical cause is not disabling the debugging mode of the SEPM, which can lead to large log files building up, including Catalina.out. This situation can be remedied as follows:
- Stop the Symantec Endpoint Protection Manager service. Browse to C:\ProgramFiles\Symantec\Symantec Endpoint Protection Manager\tomcat\etc\
- Open the conf.properties file and delete the line that says: scm.log.loglevel=(FINEST, FULL...)
- Save and close the conf.properties file
- While the SEPM service is stopped you can delete or archive all the log files located in \Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat\logs folder (be sure to only move or delete the contents of the logs folder, not the logs folder itself)
- Start the SEPM service.
Retaining a large amount of definition content can lead to folder growth under \Program Files\Symantec\Symantec Endpoint Protection Manager\Inetpub\Content
To adjust the amount of content retained by the SEPM go to the Admin page of the SEPM Console, Servers section, then select Local Site and click Edit Site Properties. From here go to the LiveUpdate tab, then see the section labeled 'Disk Space Management for Downloads'.
Please see the following article for additional information on managing the number of Content revisions retained by a SEPM, as well as other useful information:
http://www.symantec.com/business/support/index?page=content&id=TECH96214&locale=en_US
NOTE: According to the product system requirements, the SEP client requires at least 600 MB of free hard disk space.
Note: the LiveUpdate component is always installed on the C: drive, regardless of any custom installation path selected for the SEP client. LiveUpdate requires at least 130 MB of free space on C:.
Check to make sure enough disk space is available
It is recommended to utilize the following articles for additional information:
1) Disk Space Management procedures for the Symantec Endpoint Protection Manager
http://www.symantec.com/docs/TECH96214
2) Symantec Endpoint Protection virus definition folder consumes a large amount of disk space
http://www.symantec.com/docs/TECH102927
3) Incase, you we want to Monitoring Server Health from Symantec Endpoint Protection Manager and Receive Notification, follow the Article below:
http://www.symantec.com/docs/TECH122731
Regards