2 of 2 people found this helpful
Very good question, you have a couple of options.
The content cleaner is excellent for keeping the content repository clean, and with valid linked files.
In addition to this you have the ability through the interface to remove packages, and vulnerabilities.
First it may help to explain the difference.
Vulnerabilities - Metadata, fingerprint, pre-req and package details like the CVE, bulletin data, summary text.
The vulnerability is separate from the actual binary package which is what is using space on your server.
Packages - This is the binary package that is deployed as part of the vulnerability being patched on a machine.
Generally speaking it is best to maintain all the current content to provide the most relevant and complete results. The EMSS suite supports multiple languages which can be added/removed from your subscription through the web interface in the EMSS console. To access this you can go to Tools>Subscription Updates>Configure (Button)>Languages. This allows you to de-select the languages you don't use and will reduce the amount of space needed for updates. In addition this will speed the replication times for the server.
Specific Content Removal:
In your case wishing to remove non-Microsoft content you can simply select the content under the Review>Vulnerabilities>All
Using this view in the interface you can filter down to the content you wish to remove. For example you may wish to remove Software Installers by selecting this filter in the Content Type filter. In addition to this you may wish to apply this to Applicability > ALL. You may individually select content, and by clicking into the vulnerability you will be presented with another screen allowing you to see the package details for that content. Allowing you to make an educated decision at this point about the benefits of removing that single package.
This information is accessed by selecting the view package button at the top of the screen.
A new window will be opened with the binary package details.
In this case I can see the package is not using any space, 0kb so no benefit from removing the content.
If you wish to remove package is mass without the individual detail level approach above you can do so from the Packages page in the interface.
To access this you can visit the Review>Other>Packages page.
From this page you may filter based on the name, status such as disabled which we covered above and Operating System. Once you see the content you wish to remove you can select the check box and hit Delete which will remove the binary content from your hard drive.
Most customers are most concerned with third party updates since these represent the largest attack vector but if you have another means to patching these vulnerabilities you can remove them as noted above through the interface.
1 of 1 people found this helpful
Run the contentcleaner.exe with the following syntax to purge cached packages and to start from scratch:
ContentCleaner.exe -L -M -R -S -V -PurgeAll -T=600
Hope this helps.