Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Purging or Archiving and Purging Audit Logs in Security Director

Junos Space enables you to manage the volume of audit log data stored by purging log files from the Junos Space database without archiving them or by purging log files after archiving them. You can purge audit logs before a specified date and time or audit logs that are older than a specified number of days. Audit logs can be archived locally (on any node that is in the UP state) or to a remote server.

To purge or archive and purge audit logs:

  1. Select Monitor > Audit Logs.

    The Audit Logs page appears.

  2. Click the Archive/Purge button.

    The Archive / Purge Audit Logs page appears.

  3. Specify the audit logs to be purged, or archived and purged, according to the guidelines provided in Table 1.
  4. Click OK.

    The Audit Log Archive/Purge page appears asking you to confirm the purge, or archive and purge, operation.

  5. Click Yes to continue with the purge, or archive and purge, operation.

    The Job Detail: Audit Log Archive/Purge page appears displaying the details of the job.

  6. Click OK to close the Job Details page.

    You are returned to the Audit Logs page.

Table 1: Archive/Purge Audit Logs Settings

Setting

Guideline

Purge Logs

Specify a date and time (in MM/DD/YYYY and HH:MM:SS formats) before which audit logs should be purged or that audit logs that are older than a specified number of days should be purged.

Note:

You specify the time in the local time zone of the client computer but the audit logs are purged according to the time zone configured on the Junos Space server.

Purge audit logs from all accessible domains

Select this check box to purge audit logs from all domains to which you have access. By default, audit logs are purged only from a domain that you accessed, so this check box is cleared.

Archive logs before purge

Select this check box to archive audit logs before they are purged. This check box is selected by default.

CAUTION:

If you choose not to archive the audit logs before purging, the audit logs are deleted from the Junos Space database and cannot be recovered.

Archive Mode

Specify whether audit logs are archived locally (on the active node) or on a remote server.

Username

Enter a valid username of a user on the remote server. The username and password will be used to access the remote server.

Password

Enter a valid password of the user on the remote server.

Confirm Password

Reenter the password of the user on the remote server.

Remote Server IP Address

Enter the IPv4 address of the remote server.

Remote Server Directory

Enter the full path of the directory (ending with /) on the remote server where the audit logs will be archived.

Note:

The directory must already exist on the remote server.

Type

Specify whether the purge, or archive and purge, operation should be run immediately or later.

If you specify that the operation should be run later, you must specify a start date and time (in MM/DD/YYYY and HH:MM:SS 24-hour or AM/PM formats) for the purge or archive and purge operation.

Recurrence

Specify whether the purge, or archive and purge, operation should be done on a recurring basis.

Note:

This field is enabled only when you specify (in the Purge Logs field) that audit logs that are older than a specified number of days should be purged.

Repeat

Specify the periodicity of the recurrence:

  • Minutes

  • Hourly

  • Daily (Default)

  • Weekly

  • Monthly

  • Yearly

Every

Specify the period at which the purge should recur. For example, if you specified a periodicity in hours (Hourly), enter the number of hours after which the purge should recur.

On

Specify one or more days on which you want the purge to recur.

Note:

  • This field is displayed only when you specify a weekly periodicity (Weekly).

  • The day on which the purge is scheduled is disabled. For example, if you scheduled a job on a Wednesday, then Wed is selected by default and disabled. You can select other days by enabling the corresponding check boxes.

Ends

Specify one of the following:

  • Select Never to continue (without an end date) the recurring purge operation at the specified recurrence interval.

  • Select On and specify a date and time on which to stop the recurring purge operation.

Summary

Displays a summary of the recurrence.

Related Documentation