The tos vacuum Command

Overview

The tos vacuum command identifies and removes unnecessary items, such as files that should have already been deleted, from TOS databases. Using this command saves disk space and helps the databases, which include the SecureTrack, SecureChange, and Remote Cluster (RC) databases, run more efficiently. You can run tos vacuum on one or more of these databases.

In High Availability (HA) environments, run tos vacuum on the primary node only.

How does it work?

tos vacuum stops the TOS core services; TOS is unavailable while this command runs. It uses a temporary file in /opt as a workspace and when it completes, it writes data from this temporary space back to the database. After completion, it runs the analyze flag, and then restarts the core services and TOS. This command times out automatically after six hours.

When should I run this command?

Tufin recommends that each postgres database maintain at least 20% free space before running the vacuum command. You should run this command when there are problems with the database, such as running out of space or transactions are not completing within the specified time threshold.

Prerequisite

You must have at least 20% free space in the /opt directory.
Before running this command, Tufin recommends that you take a backup of your database and wait for the backup to complete. tos vacuum fails while a backup (either started manually or scheduled) is in progress.

TOS vacuum

Description

Runs a full vacuum operation on the local postgres database, which could be SecureTrack or SecureChange. In the case of the RC database, the postgres database name (and the tos vacuum command) is the same as SecureTrack. Therefore:

If you run tos vacuum from the SecureTrack server, it will run on the postgres database of SecureTrack.
If you run tos vacuum from the RC server, it will run on the postgres database of RC.

Syntax

[<ADMIN> ~]# tos vacuum [--modules <MODULE>] [--debug] [--help]

tos vacuum

Parameters

Parameter	Description	Mandatory/Optional	Possible Values
`<MODULE>`	Specify one or more modules on which to run the vacuum. If no module is specified, the default value is `ST` (SecureTrack).	Optional	`ST` `=SC` `=ST,SC`

Parameter

Description

Mandatory/Optional

Possible Values

<MODULE>

Specify one or more modules on which to run the vacuum.

If no module is specified, the default value is ST (SecureTrack).

Optional

ST

=SC

=ST,SC

Example

[<ADMIN> ~]# tos vacuum --modules=ST,SC