FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
mbenvenuti
Staff
Article Id 303354
Description This article describes how to clear the malware tables in the database.
Scope FortiSIEM.
Solution

When the CMDB disk is full, the database size has to be reduced; the malware tables can also hold outdated data. These tables can grow large, and they can be cleared as follows.

From the Supervisor CLI as root:

  1. Check the current size:

     df -h /cmdb

     [Screenshot: output of df -h /cmdb before the cleanup]

  2. List the malware tables in a variable (comma-separated, trailing comma removed):

     tablelist=`psql -U phoenix phoenixdb -At -c "select tablename from pg_catalog.pg_tables where tablename like 'ph_malware_%';" | tr '\n' ',' | sed 's#,$##g'`

  3. If entries added manually from the GUI must be kept, delete only the system-defined rows from each table and then vacuum the tables:

     # split $tablelist on commas in the loop below
     IFS=','
     for table in $tablelist; do psql -U phoenix phoenixdb -c "delete from $table where sys_defined='t';"; done
     psql -U phoenix phoenixdb -c "vacuum $tablelist ;"

  4. If all data delivered by malware (IOC) updates can be removed (recommended):

     psql -U phoenix phoenixdb -c "truncate table $tablelist ;"
     psql -U phoenix phoenixdb -c "vacuum $tablelist ;"

  5. Check the disk space again:

     df -h /cmdb

     [Screenshot: output of df -h /cmdb after the cleanup]

Disk space has been freed, and an IOC update can be run again to repopulate the tables with fresh data.
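The steps above collected into one script, as an added example that is not part of the Fortinet article: it fetches the ph_malware_ table list with the article's query, refuses any name that is not a plain ph_malware_* identifier (so a mistyped list can never reach TRUNCATE), builds the SQL for either the "keep manual entries" or the "truncate everything" variant, and optionally only prints it. It assumes the same psql -U phoenix phoenixdb connection as the article; the DRY_RUN and CLEANUP_MODE variable names are chosen here and are not FortiSIEM settings.

```shell
#!/bin/sh
# Added example, not from the FortiSIEM article. Assumes psql -U phoenix phoenixdb
# as in the article. DRY_RUN=1 prints the SQL instead of executing it.
# Usage: DRY_RUN=1 CLEANUP_MODE=keep sh malware_cleanup.sh   (or CLEANUP_MODE=full)

# Same catalogue query as the article: comma-separated list of ph_malware_ tables.
list_malware_tables() {
    psql -U phoenix phoenixdb -At -c \
        "select tablename from pg_catalog.pg_tables where tablename like 'ph_malware_%';" \
        | tr '\n' ',' | sed 's#,$##'
}

# Succeed only if the list is non-empty and every name starts with ph_malware_
# and contains nothing but [A-Za-z0-9_]; anything else is refused up front.
validate_tables() {
    tables=$1
    [ -n "$tables" ] || return 1
    old_ifs=$IFS; IFS=','
    for t in $tables; do
        case $t in
            ph_malware_*) ;;
            *) IFS=$old_ifs; return 1 ;;
        esac
        case $t in
            *[!A-Za-z0-9_]*) IFS=$old_ifs; return 1 ;;
        esac
    done
    IFS=$old_ifs
    return 0
}

# Print the SQL for one of two modes:
#   keep - delete only system-defined rows (entries added manually in the GUI survive)
#   full - truncate everything delivered by malware/IOC updates
# Both end with the VACUUM from the article.
build_sql() {
    mode=$1; tables=$2
    validate_tables "$tables" || { echo "refusing table list: '$tables'" >&2; return 1; }
    case $mode in
        keep)
            old_ifs=$IFS; IFS=','
            for t in $tables; do
                printf "delete from %s where sys_defined='t';\n" "$t"
            done
            IFS=$old_ifs
            ;;
        full)
            printf 'truncate table %s;\n' "$tables"
            ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    printf 'vacuum %s;\n' "$tables"
}

# Show the CMDB filesystem before and after, run (or with DRY_RUN=1 only print) the SQL.
run_cleanup() {
    mode=${1:-full}
    tables=$(list_malware_tables)
    sql=$(build_sql "$mode" "$tables") || return 1
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$sql"
    else
        df -h /cmdb
        printf '%s\n' "$sql" | psql -U phoenix phoenixdb -v ON_ERROR_STOP=1
        df -h /cmdb
    fi
}

# Only act when a mode is given explicitly, so sourcing the file is harmless.
if [ -n "${CLEANUP_MODE:-}" ]; then
    run_cleanup "$CLEANUP_MODE"
fi
```

Review the DRY_RUN=1 output first; the statements are fed to psql in one session with ON_ERROR_STOP so a failing DELETE or TRUNCATE stops the run before VACUUM.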