Using custom audit aging

For additional flexibility to manage audit data, the custom audit aging mechanism is used to contrive the configuration of TTL and limit audit event count which is based on entity or audit action type.

Supported custom aging configurations

atlas.audit.custom.ageout.count=20
atlas.audit.custom.ageout.ttl.in.days=30
atlas.audit.custom.ageout.entity.types=<List of entity types>
atlas.audit.custom.ageout.action.types=<List of audit action types>

Using these configurations, Atlas limits (with audit count) or age-out (with TTL) audit data for the configured entity and audit action types.

Custom audit aging configurations are categorized using the following use cases:


Actions by	Description
Entity Type	Example: Limit to five latest audits for hive_column. `atlas.audit.custom.ageout.count=5` `atlas.audit.custom.ageout.entity.types=hive_column`
By Action Type	Example: Delete all ENTITY_UPDATE audit events older than ten days. `atlas.audit.custom.ageout.ttl.in.days=10` `atlas.audit.custom.ageout.action.types=ENTITY_UPDATE`
Limited audit by Action type for specific entity type	Example: Limit to five latest ENTITY_UPDATE audits for hive_storagedesc entities. `atlas.audit.custom.ageout.count=5` `atlas.audit.custom.ageout.entity.types=hive_storagedesc` `atlas.audit.custom.ageout.action.types=ENTITY_UPDATE` Example: Limit to five latest audits created in last 1 week for hive_db entities `atlas.audit.custom.ageout.count=5` `atlas.audit.custom.ageout.ttl.in.days=7` `atlas.audit.custom.ageout.entity.types=hive_db`