I do not know if there is a better recommended approach by IBM, but one way is to use the clean dam_data cli command with purge_type msgs. I write that with the addendum that this command always comes with the warning:
Warning - Only use the "clean DAM_data" command when all other options are exhausted. Unlike the normal purge process, this command does not ensure data was properly archived, so it can result in permanent loss of audit data. Before running this command, contact IBM Support. If you open a case, include the output of these commands.
I recommend you read and fully comprehend the command before running it in your environment.
------------------------------
Chase Walkup
------------------------------
Original Message:
Sent: Wed February 14, 2024 10:21 AM
From: Federico Martinisi
Subject: clear smtp alert queue
Dear all
I recently configured a new security policy. Unfortunately, this policy triggered too many alerts via smtp than originally intended. I immediately uninstalled this policy to stop it. But more emails still arrive, even two days after stopping/uninstalling. I suspect there are still some smtp alerts pending in some kind of queue in Guardium. Do you know how to clean up this queue?
Thank you
Best regards
------------------------------
Federico Martinisi
------------------------------