Audit retention period and catalog backups of audit records
The audit records are kept as part of the NetBackup database, for as long as the retention period indicates. The records are backed up as part of the NetBackup catalog backup. The NetBackup Audit Service (nbaudit) deletes expired audit records once every 24 hours at 12:00 A.M. (local time).
If no audit retention period is indicated, audit records are retained for 90 days, which is a default value. Set the audit retention period to 0 (zero) if you do not want to delete the audit records.
To configure the audit retention period
- Log on to the primary server.
- Run the following command:
bpnbat -login
- Open the following directory:
Windows: install_path\NetBackup\bin\admincmd
UNIX: /usr/openv/netbackup/bin/admincmd
- Enter the following command:
nbseccmd -setsecurityconfig -auditretentionperiod number_of_days
The audit report is retained for the value that is specified for the number_of_days option.
In the following example, the records of user actions are retained for 30 days and then deleted.
nbseccmd -setsecurityconfig -auditretentionperiod 30
To ensure that audit records are backed up during catalog backups, configure the catalog backup frequency to be less frequent or equal to the value that you specify for -auditretentionperiod.
- To check the current audit retention period, run the following command:
nbseccmd -getsecurityconfig -auditretentionperiod