Audit aging reference configurations

You must be aware about other related audit aging configurations that are required while working with optimizing the storage requirements and retaining the required audit data in your Atlas application.

The following configuration options provide you flexibility to manage your audit aging operations.

• By default, Atlas skips deleting all ENTITY_CREATE events. Atlas audit aging options are directed at non ENTITY_CREATE events which are handled according to the specified configurations. If you plan to delete audit data which includes ENTITY_CREATE events, use the parameter atlas.audit.create.events.ageout.allowed=true. By default, the value of this parameter is true.

• The frequency for performing the audit aging process is moderated by using the atlas.audit.aging.scheduler.frequency.in.days=10 parameter. By default the audit aging process is scheduled for every 10 days.
• You cannot directly configure the custom or default TTL value less than the minimum TTL configured for this property - min.ttl.to.maintain. If the TTL value is configured for less than the minimum TTL, Atlas considers TTL as the value configured for the parameter. The default value is 3.
• You cannot directly configure custom or default audit count less than the minimum audit count configured for this property - min.audit.count.to.maintain. If you configure a lesser value, Atlas considers audit count as the value configured for the parameter. The default value is 5.
• By default audit aging will be executed for all the subtypes of the entity types configured using the property atlas.audit.aging.subtypes.included. By default it is configured as true. To limit audit aging operation for configured entity types but not sub types, this configuration can be used to exclude the subtypes. For example, the iceberg_table is a subtype of hive_table and if the user wants to purge audit data for only hive_table, in that case this configuration can be set to false.