Netflow - keep last X days - db limit

Started by e97, December 19, 2023, 01:12:19 AM

Disk is filling up with netflow logs from local collector. Only want netflow for the past X days.

I've since turned off netflow to avoid disk full.

There is an old thread (20.7) about this with no response: https://forum.opnsense.org/index.php?topic=20262.msg93861

Is this possible in 23.7?

If not, this is my implementation idea I'd like feedback on:

Since the logs are stored in sqlite, use python3 to connect to sqlite db and delete rows older than X days.

This functionality can be added to flowd_aggregate and exposed on the Reporting > Settings page in the webUI and only apply to local collector.

..and where is the code for the local collector?

No, nothing to limit anything and with sqlite vacuum it's probably gonna kill your box with OOM before anything gets done.

I also would love to have a solution for this. I found out that my FW consumes a lot of power, even when there is no traffic, and after searching for a while, I came across netflow, which consumes 99.7% of a single core (Intel N100), with a SQLite db of 6.1 GB size.

Turning off netflow resulted in a drastic reduction of the CPU power consumption, re-enabling resulted in the observed behavior. After I manually reset netflow data, enabling netflow didn't result in the CPU usage increase like before, so I am pretty sure the python process consumes a lot of power when writing to a big db (on an SSD, ZFS formatted, in case it is interesting).

So is there a function available to drop data after X days, reduce the db size and also cpu usage?
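
The retention idea from the first post, sketched as an added example (not code from any poster or from OPNsense): rows older than X days are deleted from a SQLite table in small committed batches. The table `flows`, its epoch-seconds column `mtime`, and the sample database are constructed for illustration; the return value also shows that DELETE alone only moves pages to the freelist, so the file does not shrink without the VACUUM mentioned in the reply.

```python
import os, sqlite3, tempfile, time

DAY = 86400

def prune_older_than(conn, table, ts_col, days, now=None, batch=500):
    """Delete rows older than `days` in small committed batches; return rows deleted."""
    for ident in (table, ts_col):          # identifiers cannot be bound as parameters
        if not ident.isidentifier():
            raise ValueError(f"unsafe identifier: {ident!r}")
    cutoff = int((time.time() if now is None else now) - days * DAY)
    # DELETE ... LIMIT is not in default SQLite builds, so limit via a rowid subquery.
    sql = (f'DELETE FROM "{table}" WHERE rowid IN '
           f'(SELECT rowid FROM "{table}" WHERE "{ts_col}" < ? LIMIT ?)')
    total = 0
    while True:
        with conn:                         # one short transaction per batch
            n = conn.execute(sql, (cutoff, batch)).rowcount
        total += n
        if n < batch:
            return total

def free_pages(conn):
    """Pages freed by DELETE but still held in the file until VACUUM runs."""
    return conn.execute("PRAGMA freelist_count").fetchone()[0]

def demo(days_kept=7, days_of_data=30, rows_per_day=200, now=1_700_000_000):
    """Constructed sample: hypothetical table `flows` with epoch column `mtime`."""
    path = os.path.join(tempfile.mkdtemp(), "sample.sqlite")
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE flows (mtime INTEGER, src TEXT, octets INTEGER)")
    conn.execute("CREATE INDEX flows_mtime ON flows (mtime)")  # keeps the cutoff scan cheap
    rows = [(now - d * DAY - i, "192.0.2.1", 1500)
            for d in range(days_of_data) for i in range(rows_per_day)]
    with conn:
        conn.executemany("INSERT INTO flows VALUES (?, ?, ?)", rows)
    size_before = os.path.getsize(path)
    deleted = prune_older_than(conn, "flows", "mtime", days_kept, now=now)
    remaining = conn.execute("SELECT COUNT(*) FROM flows").fetchone()[0]
    # Last field: True when the file is no smaller than before the prune.
    result = (deleted, remaining, free_pages(conn), os.path.getsize(path) >= size_before)
    conn.close()
    return result

if __name__ == "__main__":
    print(demo())
```
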