Configuring device logs

You can set the Access Log Retention Period and Access Log Rotation Period.

About this task

Note: A system administrator can enable options to perform log redaction (remove client IP addresses from management vaults or dump-log output), which may help with meeting regulatory restrictions on collecting personally identifiable information. The Cloud Object Storage Manager has two locations where log redaction can be configured. The two locations configure different behavior. The first is on the Settings > Vaults > Management Vault page under the Management Vault Options section (Redact client information...). For this case, Management Vault redaction applies to rotated and zipped access log files that exist or will be placed as objects in a device's management vault. Existing objects will be downloaded from the management vault, unzipped, redacted, zipped, and placed back in the management vault. The second place where log redaction can be configured is the Settings > Support > Logs > Log Collection > Log Collection Configuration page (Redact client IP addresses during log collection). In this case, Log Collection redaction applies to access logs and HTTP logs (including rotated and zipped logs) as well as netstat output. The original contents of the logs will not be redacted; the dump-log content will be redacted before it is sent to an SFTP or HTTP server. A system administrator can enable options to perform log redaction (redact client information from management vaults or dump-log output), which may help with meeting regulatory restrictions on collecting personally identifiable information. The Cloud Object Storage Manager has two locations where log redaction can be configured. The two locations configure different behavior. The first is on the Settings > Vaults > Management Vault page under the Management Vault Options section (Redact client information). For this case, Management Vault redaction applies to rotated and zipped access log files that exist or will be placed as objects in a device's management vault. After the access log’s "access log redaction time" passes, it will be downloaded from the management vault, unzipped, redacted, zipped, and placed back in the management vault. The second place where log redaction can be configured is the Settings > Support > Logs > Log Collection > Log Collection Configuration page under the Privacy Controls section (Redact client information during log collection). In this case, Log Collection redaction applies to access logs and HTTP logs (including rotated and zipped logs) as well as netstat output. The original contents of the logs will not be redacted; the dump-log content will be redacted before it is sent to an SFTP or HTTP server.

Procedure

  1. On the Settings tab, navigate to Support > Device Logs.
  2. Select the desired Retention Period from the drop-down menu.
    The Retention Period is the maximum amount of time that access logs are persisted on Accesser devices and Slicestor devices.
  3. Select the desired Rotation Period from the drop-down menu.
    The Rotation Period applies to both Vault Mode and Container Mode, controlling how often access logs are rotated. If "Not Set", the rotation only occurs once the access log reaches 500 MB. Otherwise, the logs rotate based on the selected time interval. The Management vault upload of the access log occurs within one (1) hour of the log rotation.
    Note: An access log rotation period must be set if redaction of client information in the management vault is enabled.
  4. Click Update.
    Note: The Retention Period and Rotation Period for access logs will be applied to notification logs as well.