Table of Contents
- Getting Started
- Agent-Based Management
- Common Tasks
- Data Providers
- Directory Services
- Auditing
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- Active Directory User Monitor Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- Account Lockout Monitor Template
- Audit Policy Monitor Template
- Logon As Monitor Template
- Logon Monitor Template
- Performance Counter Monitor Template
- PowerShell Template
- Process Monitor Template
- RDP Session Monitor Template
- Registry Value Monitor Template
- Service Monitor Template
- SMART Disk Monitor Template
- System Security Monitor Template
- Windows Update Template
- WMI Query Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Network and Application Monitor Templates
- SSL Certificate Monitor Templates
- Database Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
- Monitors
- Reports
- Auto-Configurators
- Filters
- Actions
- Schedules
- Environment Variables
- Options
- SNMP
- SSH Shell
- Syslog
- System Reset
- Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
- Command Line Interface
- Server Configuration
- Agent Configuration
- Troubleshooting
- Terminology
Log Entry Retention Policy Template
The Log Entry Retention Policy Template enables you to remove old log entries no longer required for either reporting or compliance so disk space can be freed and table size maintained over time for faster reporting.
Background:
When storing log entries for long periods of time, such as one year, log entry tables will become quite large. Running daily reports, such as Account Management Reports, require table scans to isolate the target log entries. If we were to store each log in a single table for the entire year, daily reports would be unnecessarily table scanning irrelevant data burning CPU, memory, power and time. For this reason, Corner Bowl saves log entries to two tables is separate databases. This design has two advantages. First, daily reports only need to execute table scans against recent data, and second, archive databases can be implemented on alternate hardware, with different specifications, while simultaneously isolating CPU intense archive reporting from production systems. Corner Bowl Server Manager implements these two databases in the Explorer View under Data Providers. By default, the databases are called the Primary Log Database and the Archive Log Database respectively.
Tutorials
How it works:
The Log Entry Retention Policy is responsible for removing log entries from the Primary Log Database and saving them to the Archive Log Database. Once the entries are older than the maximum configured time, for example 365 days, the Log Entry Retention Policy deletes the entries from the database. Entries are deleted in batches of one hour minimizing the size of transaction tables and memory consumption.
How to configure the Log Entry Retention Policy Template:
- From the Menu Bar, select File | New. The Create New Object View displays.
- From the Create New Object View, expand Templates | Log Management then select Log Entry Retention Policy. The New Template Properties View displays.
- The Template Properties view contains 3 tabs.
The Options Tab
- Use the Log entry retention filter drop-down to optionally select a filter to target specific entries.
- Use the Log entry retention policy drop-down to select to either Remove or Archive log entries then select the number of days to maintain in the log database.
- If you choose to Archive log entries, use the Retain archived entries for check box to enable the removal of old archived entries. Lastly, set the number of days to maintain in the archive log database.