Configuring device logs
You can set the Access Log Retention Period and Access Log Rotation Period.
About this task
Note: A system administrator can enable options to
perform log redaction (remove client IP addresses from management vaults or dump-log output), which
may help with meeting regulatory restrictions on collecting personally identifiable information. The
Cloud Object Storage Manager has two locations where log redaction can be configured. The two
locations configure different behavior. The first is on the page under the Management Vault Options
section (Redact
client information...). For this case, Management Vault redaction applies to rotated and zipped
access log files that exist or will be placed as objects in a device's management vault. Existing
objects will be downloaded from the management vault, unzipped, redacted, zipped, and placed back in
the management vault. The second place where log redaction can be configured is the page (Redact client IP addresses during log
collection). In this case, Log Collection redaction applies to access logs and HTTP logs (including
rotated and zipped logs) as well as netstat output. The original contents of the logs will not be
redacted; the dump-log content will be redacted before it is sent to an SFTP or HTTP server.
A system administrator can enable options to perform log redaction
(redact client information from management vaults or dump-log output), which may help with meeting
regulatory restrictions on collecting personally identifiable information. The Cloud Object Storage
Manager has two locations where log redaction can be configured. The two locations configure
different behavior. The first is on the page under the Management Vault Options
section (Redact client information). For this case, Management Vault redaction applies to rotated
and zipped access log files that exist or will be placed as objects in a device's management vault.
After the access log’s "access log redaction time" passes, it will be downloaded from the management
vault, unzipped, redacted, zipped, and placed back in the management vault. The second place where
log redaction can be configured is the page under
the Privacy Controls section (Redact client information during log
collection). In this case, Log Collection redaction applies to access logs and HTTP logs (including
rotated and zipped logs) as well as netstat output. The original contents of the logs will not be
redacted; the dump-log content will be redacted before it is sent to an SFTP or HTTP
server.