hi fleet team our fleet has a var log fleet result log file

Question

hi fleet team our fleet has a var log fleet result log file storing lots of logging long time ago could anyone help to explain what is it about

Rachel Perkins · Answer

Could you give us an example or screenshot to help us understand what you re experiencing

Benjamin Edwards · Answer

Hey I think this might just be the default logging destination for osquery results scheduled queries in Fleet So this would be expected More on osquery logs here

wennan.he · Answer

yes sure we have some issue before and we found this file storing logging 2 weeks ago like

wennan.he · Answer

this is caused by a scheduled query we setup long time ago which is already stopped

wennan.he · Answer

but i dont understand why it is not rotated

Benjamin Edwards · Answer

you can enable rotation using this <https fleetdm com docs deploying configuration filesystem enable log rotation>

wennan.he · Answer

so you mean the that log file is not enabled for rotated by default

Benjamin Edwards · Answer

Correct it s not enabled by default

wennan.he · Answer

so if it is not and if fleet collects huge size of data for scheduled queries that might cause disaster right

wennan.he · Answer

IO will crash the disk