![\"\"](\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2022\/08\/img_62ecbf5101297.png\")
<\/p>A Server with Sentinal One had 60GB of data in C:\\System Volume Information.<\/p>
Originally thought this was Veeam not cleaning up snapshots but eventually realised it was Sentinel One\u2019s ransomware protection, which by default takes a snapshot at 4 hourly intervals.<\/p>
The reason it was taking up so much space on this server was the maximum shadow copy storage space for the disk was set to \u201cunbounded\u201d.<\/p>
To check this run\u00a0vssadmin list shadowstorage\u00a0<\/b>in an elevated command prompt:<\/p>
<\/p>
Confirmed the standard is to set this to 10%, but to do this we needed to temporarily disable the Sentinel One policy as it protects shadow copies and storage settings from being tampered with.<\/p>
Once disabled you can run the following command to set the max size:\u00a0vssadmin Resize ShadowStorage \/For=C: \/On=C: \/MaxSize=10%<\/b><\/p>
![\"\"](\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2022\/08\/img_62ecbf518d108.png\")
<\/p>
Sentinel One policy will need to be enabled again once complete.<\/p>","protected":false},"excerpt":{"rendered":"
A Server with Sentinal One had 60GB of data in C:\\System Volume Information.Originally thought this was Veeam not cleaning up snapshots but eventually realised it was Sentinel […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[3877,3876,3718,3875,3878,1342,3879],"class_list":["post-5957","post","type-post","status-publish","format-standard","hentry","category-research","tag-copies","tag-sentinel-one","tag-sentinelone","tag-shadow","tag-shadowstorage","tag-vss","tag-vssadmin"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=5957"}],"version-history":[{"count":1,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5957\/revisions"}],"predecessor-version":[{"id":5960,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5957\/revisions\/5960"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=5957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=5957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=5957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}