SentinelOne agent is consuming a lot of diskpace
Eddy77 Newbie ✭
It looks like the SentinelOne agent is consuming a lot of diskpace.
After investigation we found a large number of "log" / .sst files under C:\Programdata\Sentinel\data\prdb
Is anyone else facing the same problem? And is it save to delete the .sst files??
Category: Capture Client
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
@Eddy77 I checked my remaining one or two CC installations and do not have this amount of files. These Files are used for tracking threats, related processes and actions.
According to the SentinelOne KB if this endpoint is a server it should be purged after a reboot, this does not apply to non-server OS.
In the SentinelOne Management Console there is an Action called "Purge Database", but it is not available in the Capture Client Management.
I'am afraid (literally) you need to open a Support Ticket to get this resolved or uninstall the agent and re-install again. There is another KB article in the S1 KB for solving that kind of issue on infected Endpoints, but I'am not sure if this applies here.