![\"\"](\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2022\/08\/img_62ecbf5101297.png\")
<\/p>A Server with Sentinal One had 60GB of data in C:\\System Volume Information.<\/p>
Originally thought this was Veeam not cleaning up snapshots but eventually realised it was Sentinel One\u2019s ransomware protection, which by default takes a snapshot at 4 hourly intervals.<\/p>
The reason it was taking up so much space on this server was the maximum shadow copy storage space for the disk was set to \u201cunbounded\u201d.<\/p>
To check this run\u00a0vssadmin list shadowstorage\u00a0<\/b>in an elevated command prompt:<\/p>
<\/p>
Confirmed the standard is to set this to 10%, but to do this we needed to temporarily disable the Sentinel One policy as it protects shadow copies and storage settings from being tampered with.<\/p>
Once disabled you can run the following command to set the max size:\u00a0vssadmin Resize ShadowStorage \/For=C: \/On=C: \/MaxSize=10%<\/b><\/p>
![\"\"](\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2022\/08\/img_62ecbf518d108.png\")
<\/p>
Sentinel One policy will need to be enabled again once complete.<\/p>","protected":false},"excerpt":{"rendered":"
A Server with Sentinal One had 60GB of data in C:\\System Volume Information.Originally thought this was Veeam not cleaning up snapshots but eventually realised it was Sentinel […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[3877,3876,3718,3875,3878,1342,3879],"class_list":["post-5957","post","type-post","status-publish","format-standard","hentry","category-research","tag-copies","tag-sentinel-one","tag-sentinelone","tag-shadow","tag-shadowstorage","tag-vss","tag-vssadmin"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t