Using custom audit aging
For additional flexibility to manage audit data, the custom audit aging mechanism is used to contrive the configuration of TTL and limit audit event count which is based on entity or audit action type.
Supported custom aging configurations
atlas.audit.custom.ageout.count=20
atlas.audit.custom.ageout.ttl.in.days=30
atlas.audit.custom.ageout.entity.types=<List of entity types>
atlas.audit.custom.ageout.action.types=<List of audit action types>
Using these configurations, Atlas limits (with audit count) or age-out (with TTL) audit data for the configured entity and audit action types.
Custom audit aging configurations are categorized using the following use cases:
Actions by | Description |
Entity Type |
Example: Limit to five latest audits for hive_column.
|
By Action Type |
Example: Delete all ENTITY_UPDATE audit events older than ten days.
|
Limited audit by Action type for specific entity type |
Example: Limit to five latest ENTITY_UPDATE audits for hive_storagedesc entities.
Example: Limit to five latest audits created in last 1 week for hive_db entities
|