To control audit log size on disk, EJBCA provides an audit log archival mechanism to archive older audit log entries in a secure and verifiable manner.
Configuration
Audit log archival is configured through two main areas: archival mode and archival policy. These settings determine whether archival is enabled, how entries are processed, and under what conditions they become eligible for archival or deletion.
Archival mode
The archival mode defines how audit log entries are handled once they reach the retention threshold defined in the archival policy.
Disabled
Disables the archival functionality completely.
Delete Only
Audit log entries are periodically deleted from the database.
Export and Delete
Audit log entries are exported before being deleted from the database.
Archival policy
To determine which entries are eligible for archival, a set of policy properties is used. The following properties define this policy:
| Property | Description | Default value |
|---|---|---|
| Retention time | Defines how long audit log entries are kept in the database before they become eligible for archival or deletion. | 180d |
| Archival period | Defines how often the archival service runs and evaluates entries against the retention policy. | 1h |
| Maximum archival entries | Maximum number of entries that are archived in a single run. | 1000 |
| Maximum archival size | Maximum size of data processed in a single run. | 100 MB |
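The per-run limits put a ceiling on how many entries can leave the database per day, so it is worth checking a deployment's audit log volume against them. The following sizing sketch is an added example, not EJBCA code. It assumes that both per-run limits apply and the lower one wins, that "100 MB" means decimal megabytes, and that the average entry size and the daily volumes are values you measure yourself; all function names and the sample volumes are constructed for illustration.

```python
from dataclasses import dataclass

# Duration suffixes; the page itself only shows "d" and "h" (the others are assumed).
UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400}

def seconds(value: str) -> int:
    """Parse a duration such as '180d' or '1h' into seconds."""
    return int(value[:-1]) * UNITS[value[-1]]

@dataclass
class Policy:
    # Defaults copied from the archival policy table.
    retention: str = "180d"
    period: str = "1h"
    max_entries: int = 1000
    max_bytes: int = 100 * 10**6  # "100 MB", assumed to mean decimal megabytes

def per_run_capacity(policy: Policy, avg_entry_bytes: int) -> int:
    """Entries one run can take, assuming both caps apply and the lower one wins."""
    return min(policy.max_entries, policy.max_bytes // avg_entry_bytes)

def daily_capacity(policy: Policy, avg_entry_bytes: int) -> int:
    """Entries that can be archived per day across all scheduled runs."""
    return per_run_capacity(policy, avg_entry_bytes) * (86400 // seconds(policy.period))

def retained_rows(policy: Policy, entries_per_day: int) -> int:
    """Rows held inside the retention window at a steady logging rate."""
    return entries_per_day * seconds(policy.retention) // 86400

def backlog_by_day(policy: Policy, daily_volumes, avg_entry_bytes: int):
    """Eligible entries still in the database at the end of each day.

    daily_volumes[i] is the number of entries that pass the retention
    threshold on day i.
    """
    cap = daily_capacity(policy, avg_entry_bytes)
    backlog, history = 0, []
    for volume in daily_volumes:
        backlog = max(0, backlog + volume - cap)
        history.append(backlog)
    return history

if __name__ == "__main__":
    policy = Policy()
    burst = [10_000, 80_000, 10_000, 10_000, 10_000, 10_000, 10_000]  # constructed
    print("daily capacity:", daily_capacity(policy, 2_000))
    print("backlog per day:", backlog_by_day(policy, burst, 2_000))
```

A backlog that never returns to zero means entries stay in the database past the retention time, which is the signal to raise the per-run limits or shorten the archival period.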