Sorry, I forgot to mark this resolved.
You were right about the memory limitation. It hit the server limits (that I didn’t want to further increase) but I am able to export CSV when I choose to store data for 7 days only.
The thing was I wanted to export the data because the server had been attacked, so I wanted to use the malicious IPs as an ipset list for my other servers. But due to the attack there was really a lot of IPs.
Thanks for the link, all seems to be fine. Oh well, it’s just a dev site, I wrote a bash script to do the backup into a webdav. Thanks for help though!
