Tagged: audit log, Recon, reconciliation, rotate
This topic has 2 replies, 2 voices, and was last updated 3 years, 10 months ago by Bill Nelson.
-
AuthorPosts
-
September 19, 2018 at 9:34 am #23225
user1234
ParticipantHi,
I have configured “/opt/openidm/conf/schedule-autoPurgeAuditRecon.json” like that:{ "enabled" : true, "type" : "cron", "schedule" : "* * * * *", "persisted" : true, "misfirePolicy" : "doNothing", "invokeService" : "script", "invokeContext" : { "script" : { "type" : "text/javascript", "file" : "audit/autoPurgeAuditRecon.js", "input" : { "mappings" : [ "%" ], "purgeType" : "purgeByExpired", "numOfRecons" : 1, "intervalUnit" : "days", "intervalValue" : 30 } } } }
But Audit log not clean, why? Because I need to remove every so often the size of audit folder.
Thanks!September 19, 2018 at 1:38 pm #23226Bill Nelson
ParticipantThe autoPurgeAuditRecon.js script is used to purge recon entries from the repository, not the file system. See the description in the autoPurgeAuditRecon.js file.
/** <strong>* A script for purging recon entries in the repository.</strong> *
The verbiage in the Integrator’s Log is confusing. It talks about “disk space” but uses a reference to the autoPurgeAuditRecon.js file (which is not the best reference). It does say in that section of the guide,
“IDM provides a sample purge script, autoPurgeRecon.js, in the bin/defaults/script/audit directory. This script purges reconciliation audit log entries only from the internal repository.”
Which is consistent with the header in the script.
To prune files on the file system, you need to configure the Audit Log Handler. See here for reference on how to do this: https://backstage.forgerock.com/docs/idm/6/integrators-guide/#audit-log-rotation
September 19, 2018 at 1:43 pm #23227Bill Nelson
ParticipantMy apologies, a more appropriate reference to file rotation can be found here:
https://backstage.forgerock.com/docs/idm/6/integrators-guide/#audit-log-file-retention
-
AuthorPosts
You must be logged in to reply to this topic.