This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 19%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
The log file for Defender ATP is filling up my C Drive on one of my Windows servers, it is 27Gb.
Location C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Temp
Is there any way to configure what is logged, and/or a max size for the log file?
Hi anonymous user-2419
Thank you for posting your question to Microsoft Q&A forum.
How did you configure your Windows Defender Advanced Threat Protection? SCCM? Intune?
You can also try contacting Microsoft Defender for Endpoint support:
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/contact-support?view=o365-worldwide
Best Regards,
Wesley Li
Hi,
Windows defender files will appear in disk clean up if you click the clean up system files option. This will tidy it up for now.
There’s no configuration options for what’s logged but if it’s producing so many logs, there’s likely to be something wrong. Have you checked the logs to see if you can remove files or change something else on the server to prevent them being created in the first place?
I hope this answers your question.
-------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept as answer--
Hello
Do you have any other questions?
If the above reply is helpful to you, please mark it as answer.
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 8%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETR%3C/text%3E%3C/svg%3E)
I have a dozen VM's that have needed increased drive space because of huge log files created since November of 2022. They do not show up in disk clean up as previously posted. Can these be deleted? How to prevent them from being created?