-
- Service Provider
- Posts: 242
- Liked: 54 times
- Joined: Nov 17, 2014 1:48 pm
- Full Name: Florin
- Location: Switzerland
- Contact:
Malware detection and index retention
As we migrated the whole backup environment of one of our customers to new hardware, we used the chance to activate all malware features and create new full backups.
We never used guest indexing before, but had to enable it now to use "Suspicious activity detection". However, indexing data is growing rapidly and does not seem to stop consuming more space. It's populating 400GB now and grows daily. We are backing up a total of ~80TB and keep the data for 6 months on disk.
As far as i understand, suspicious acitivity detection only tracks changes between two backups. So it should be enough to only keep indexing data for the last few backups instead for the whole backup chain. Unfortunately i haven't found any setting to change index retention. We're not using enterprise manager and we do not need indexing data except for malware protection.
We never used guest indexing before, but had to enable it now to use "Suspicious activity detection". However, indexing data is growing rapidly and does not seem to stop consuming more space. It's populating 400GB now and grows daily. We are backing up a total of ~80TB and keep the data for 6 months on disk.
As far as i understand, suspicious acitivity detection only tracks changes between two backups. So it should be enough to only keep indexing data for the last few backups instead for the whole backup chain. Unfortunately i haven't found any setting to change index retention. We're not using enterprise manager and we do not need indexing data except for malware protection.
-
- Service Provider
- Posts: 242
- Liked: 54 times
- Joined: Nov 17, 2014 1:48 pm
- Full Name: Florin
- Location: Switzerland
- Contact:
Re: Malware detection and index retention
No one?
Thought that should be quite a common problem![Smile :-)](https://forums.veeam.com/images/smilies/icon_smile.gif)
Thought that should be quite a common problem
![Smile :-)](https://forums.veeam.com/images/smilies/icon_smile.gif)
-
- Product Manager
- Posts: 14536
- Liked: 1606 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Malware detection and index retention
Hello Florin,
Correct. In guest file indexing analysis data from latest restore point is compared with the earliest one created for the last 24 hours ago.As far as i understand, suspicious acitivity detection only tracks changes between two backups.
You can control it with retention (index is removed together with the restore point) or via Enterprise Manager, that is correct.So it should be enough to only keep indexing data for the last few backups instead for the whole backup chain.
-
- Service Provider
- Posts: 242
- Liked: 54 times
- Joined: Nov 17, 2014 1:48 pm
- Full Name: Florin
- Location: Switzerland
- Contact:
Re: Malware detection and index retention
Thanks for your answer Dima.
I obviously don't want to lower restore point retention just to remove index data earlier. So as i understand, the only way to get around this problem is to install enterprise manager because it let's me control index retention independently from restore point retention? Is there any plan to implement an easier way to have most recent index data just for malware features, but without having to keep them for the whole lifetime of the related restore points?
I obviously don't want to lower restore point retention just to remove index data earlier. So as i understand, the only way to get around this problem is to install enterprise manager because it let's me control index retention independently from restore point retention? Is there any plan to implement an easier way to have most recent index data just for malware features, but without having to keep them for the whole lifetime of the related restore points?
-
- Product Manager
- Posts: 14536
- Liked: 1606 times
- Joined: Feb 04, 2013 2:07 pm
- Full Name: Dmitry Popov
- Location: Prague
- Contact:
Re: Malware detection and index retention
Hello Florin,
I agree that installing Enterprise Manager just to control the index retention sounds like an overkill, however some Enterprise Manager features might look attractive to justify the installation for you? Self-service restore capabilities, restore scopes or centralized license management are good addition to the excising B&R capabilities.
I will discuss the possibility to control the index retention with RnD folks, noted as an improvement request for now! Thank you!
I agree that installing Enterprise Manager just to control the index retention sounds like an overkill, however some Enterprise Manager features might look attractive to justify the installation for you? Self-service restore capabilities, restore scopes or centralized license management are good addition to the excising B&R capabilities.
I will discuss the possibility to control the index retention with RnD folks, noted as an improvement request for now! Thank you!
-
- Service Provider
- Posts: 242
- Liked: 54 times
- Joined: Nov 17, 2014 1:48 pm
- Full Name: Florin
- Location: Switzerland
- Contact:
Re: Malware detection and index retention
Hey Dima
The need to patch it every now and then is the main reason against using EM if you don't need it![Wink ;-)](https://forums.veeam.com/images/smilies/icon_wink.gif)
Would be very nice to have another possibility to control index retention. Thank you very much for noting a request!
The need to patch it every now and then is the main reason against using EM if you don't need it
![Wink ;-)](https://forums.veeam.com/images/smilies/icon_wink.gif)
Would be very nice to have another possibility to control index retention. Thank you very much for noting a request!
Who is online
Users browsing this forum: Baidu [Spider], Bing [Bot] and 102 guests