About ouss

ouss · ‎06-27-2022

Thanks for the suggested workaround this was helpful.

ouss · ‎06-27-2022

Hello @soumyasaha25 , I am having a similar issue and was wondering if you have figured out the root cause or a fix?

ouss · ‎06-22-2022

Hello @phanTom, you are right the script works well and the containers data is purged from the database. However, I am noticing that the folder "/phantom/data/db/pg_wal" (45G) is huge compared to "/phantom/data/db/base" (4.5 G). From searchihng in Postgres forums it seems that pg_wal is supposed to be cleaned automatically by postgres ... any ideas on why this is not happening or from where I coud start troubleshooting 🙂 thank you in advance.

ouss · ‎06-20-2022

Thank you for your reply @phanTom , I have executed this script and deleted approximately 10k containers with the artifacts, playbook runs and action runs associated to them ... However I do not seem to notice any changes on disk Space usage, (by the way my goal of purging containers is to free up some disk space). Is the script deleting the data from the database or should I follow further steps to delete this data from the database?

ouss · ‎06-20-2022

Hello, What is the proper way to purge Splunk SOAR/phantom containers from the database. It seems that deleting a container only hides it from the UI. Is there a way to purge containers with certain filters for example purge containers where label="secific_label" and created before 6 months ... ?

Posts	5
Solutions	0
Karma Given	4
Karma Received	0
Member Since	‎06-20-2022

Online Status	Offline
Date Last Visited	‎06-27-2022 03:18 PM

What is the proper way to purge SOAR containers/ev...

Re: Phantom App for Splunk not respecting Global f...

Re: Phantom App for Splunk not respecting Global f...

Re: Purge SOAR containers/events

Re: Purge SOAR containers/events

What is the proper way to purge SOAR containers/ev...