Retention of audit logs

Audit log records are kept indefinitely by default. However, an automatic service can be configured in the SQL Server database to delete old audit log records. When enabled, cleanup occurs daily at 6:00am in which logs older than a configured number of days are deleted.

Use the following steps to configure automatic cleanup in the SQL Server database.

1. INSERT INTO PA_CONFIG_PROPERTIES (ID, NAME, GROUP_NAME, VALUE, GROUP_ORDER, OPTLOCK) SELECT TOP 1 dbo.PA_CONFIG_PROPERTIES_NEXTVAL(), 'DELETE_AUDIT_RECORDS_OLDER_THAN_DAYS', 'AUDIT_CONFIGURATION', 0, 0, 0 FROM sys.objects T1 WHERE NOT EXISTS (SELECT 1 FROM PA_CONFIG_PROPERTIES WHERE (NAME = 'DELETE_AUDIT_RECORDS_OLDER_THAN_DAYS') );

2. Update PA_CONFIG_PROPERTIES set value = <number of days> where NAME = 'DELETE_AUDIT_RECORDS_OLDER_THAN_DAYS';

   Replace <number of days> with the age, in days, after which old audit log records should be deleted. Cleanup does not occur if this property is missing or its value is less than one.

3. Restart the Websense Data Security Manager service on the management server.