Cleanup of the Audit Trail

Remove entries from the audit trail by means of the Commander service.

It is possible to delete old audit trail entries by means of the audit cleanup command provided by the Commander service, together with the ./config/system/cleanupConfiguration.json configuration file.

Configuration

The audit field in the JSON file contains details on the deletion of the audit trail entries using the following parameters:

ParameterDescription
defaultCleanupAfterDays

An integer default value for the cleanupAfterDays parameter. It is valid for any action that is not listed in actions.

actions

Contains a list of mappings of the minimum age of audit trail entry types and the corresponding cleanup timing.

ParameterDescription
commentAn optional string parameter for the purpose of help. The value is arbitrary and is not evaluated in the Commander service. 
actionThe integer Core API code specifying the audit trail entry type. Only existing values are considered. Not existing values lead to ignoring of the mapping element.
cleanupAfterDays

The integer minimum age of audit trail entries with the history code action in days. Any entry of type action older than cleanupAfterDays will be deleted when the audit cleanup command is executed.

Only values >= 0 are valid. If a negative value is set, audit trail entries of the corresponding type will never be deleted.

Example cleanupConfiguration.json
{
	"audit": {
		"defaultCleanupAfterDays": 10,
		"actions": [				
			{
				"comment": "OBJECT_CREATED",
				"action": 100, 
				"cleanupAfterDays": -1
			},
			{
				"comment": "DOCUMENT_ACCESSED",
				"action": 400,
				"cleanupAfterDays": 1
			}			
		]
	}
}

When the lifetime of the audit trail entries is exceeded, they are not automatically deleted. The deletion of entries takes place only as a result of the execution of the audit cleanup command in the Commander service AND if the specified lifetime is exceeded. When executed, the command reads the cleanupConfiguration.json file. If the file does not exist, the defaultCleanupAfterDays value is set to -1 and thus no entry will be deleted from the audit trail.

Execution in the Commander

Two parameters can be given to the audit cleanup command:

ParameterDescriptionExample
-t | --tenantSpecifys the target tenant. If not specified, the command is executed for all tenants.audit cleanup -t default
(with the example tenant default)

Read on

Audit Trail - an "Object's History"

The audit trail is the history protocol of an object, serving to document its total lifecycle. There are many different actions that trigger the creation of a new entry in the respective object's audit trail. Keep reading

Commander Service for System Maintenance

Perform low-level maintenance on your core system, access the database and carry out Elasticsearch queries. Keep reading