Cloudera Docs

Audit aging reference configurations

You must be aware about other related audit aging configurations that are required while working with optimizing the storage requirements and retaining the required audit data in your Atlas application.

The following configuration options provide you flexibility to manage your audit aging operations.

  • By default all the aging options are applicable to only non ENTITY_CREATE events. Atlas ignores deleting all ENTITY_CREATE / ENTITY_CREATED_BY_IMPORT events by default. If users need to delete audit data, including entity creation events, they can configure this property to true. By default it is configured as false. If you set the value of atlas.audit.create.events.ageout.allowed=true , ENTITY_CREATE / ENTITY_IMPORT_CREATE events will be considered as any other non-create events and will be deleted.

  • The frequency for performing the audit aging process is moderated by using the atlas.audit.aging.scheduler.frequency.in.days parameter. By default the audit aging process is scheduled for every 30 days.
  • You cannot directly configure the custom or default TTL value less than the minimum TTL configured for this property - min.ttl.to.maintain. If the TTL value is configured for less than the minimum TTL, Atlas considers TTL as the value configured for the parameter. The default value is 7.
  • You cannot directly configure custom or default audit count less than the minimum audit count configured for this property - min.audit.count.to.maintain. If you configure a lesser value, Atlas considers audit count as the value configured for the parameter. The default value is 50.
  • By default audit aging will be executed for all the subtypes of the entity types configured using the property atlas.audit.aging.subtypes.included. By default it is configured as true. To limit audit aging operation for configured entity types but not sub types, this configuration can be used to exclude the subtypes. For example, the iceberg_table is a subtype of hive_table and if the user wants to purge audit data for only hive_table, in that case this configuration can be set to false.