Website Migration Notice: SafePoint is now operated by CyberServal.Learn more →
DiscussionSLA
Sign inSign up

Disk Space Management Guide for SafeLine WAF

Published a year ago

# SafeLine WAF

Published a year ago

xiaobing.wang

Updated a year ago

0

I. Why Does the Disk Get Full? — Understanding Where Space Goes

SafeLine WAF continuously records various security data while protecting your website. There are two main "repositories" that occupy space:

1. Protection Log Repository (Database)

  • Content: Attack records, Anti-Bot verification logs, access statistics, etc.
  • Storage Location: Managed by PostgreSQL database by default, path is /data/safeline/resources/postgres/data
  • Reason for Overflow: Logs not cleared for long periods, especially during high-frequency attacks when data grows rapidly

2. Container Toolbox (Docker)

  • Content: Images and temporary files required for SafeLine operation
  • Storage Location: /var/lib/docker
  • Reason for Overflow: Old images not deleted after multiple upgrades, or abnormal residual files accumulation

II. How to Clean Up? — Two Methods to Choose From

Method 1: Console One-Click Cleanup (Recommended for Beginners)

Operate through the web interface, safe and intuitive:

  1. Login to SafeLine Console → System → Clean Data
  2. Set retention time:
    • Recommended to set 7 days initially (retain the last week's logs, can be adjusted later)
    • Immediate effect: Cleanup triggers automatically after saving, just wait for completion

⚠️ Note:

  • Cleanup time depends on log volume, temporary lag may occur, don't repeat operations!
  • Logs cannot be recovered after cleanup!

Method 2: Command Line Complete Cleanup (Efficient but Use with Caution)

If log volume is extremely large or console cleanup fails, use command for forced cleanup:

1# Clean all security logs (immediate effect, irreversible!)
2docker exec safeline-mgt cleanlogs

Operation example:

1# After executing the cleanup command, you'll see the following information
2[INFO] Clearing logs...
3[INFO] Truncating detect log...
4[INFO] Truncating event...
5[INFO] Truncating statistics...
6[INFO] Done

III. Preventing Overflow — Regular Maintenance Tips

  1. Set automatic cleanup cycle: Console System → Clean Data → Select Keep 7 Days and enable automatic cleanup
  2. Regular image cleanup:
    • During manual upgrades, old version images aren't automatically deleted. Execute the following command to delete all Docker images belonging to chaitin/safeline or chaitin-safeline repository with <none> tags (usually old versions or dangling images):
    1bash -c "[ $(docker images | grep chaitin[/-]safeline | grep -c none) == 0 ] || docker images | grep chaitin[/-]safeline | grep none | awk '{print \$3}' | xargs docker rmi"

IV. FAQ

Q: Will cleaning logs affect protection functionality?

A: No! Only historical records are cleaned, real-time protection is unaffected

Q: What if important logs are accidentally deleted?

A: Regular database backups or snapshots can help recover

Q: Will wrong images be deleted?

A: No! The command specifically deletes SafeLine images, other software is unaffected

Following these steps, you can quickly free up SafeLine WAF's disk space! If you still encounter issues, it's recommended to save screenshots of any error messages and contact official technical support.

Related Posts
#
Webhook Response
#
Load Balancing to two upstream servers.
#
Adding the Ability to Create Users with LDAP/Active Directory
#
Access log viewer
#
Safari - Challenge Not Work
Disk Space Management Guide for SafeLine WAF | CyberServal | CyberServal