IBM FileNet P8, Version 5.2.1            

Automatic pruning

Audit entries in the audit log are pruned in accordance with audit disposition policies. You can configure objects within the standard server hierarchy levels for this pruning. When the audit log is automatically managed in this way, your custom audit processing applications partly control the pruning of audit events by setting bookmarks. Bookmarks prevent the subsystem task from deleting those audit events that your applications did not process yet.

For example, in accordance with the current audit disposition policies and bookmarks, the subsystem task might remove audit entries for update events after three months. You can schedule the subsystem task to run in a particular time period, such as a four hour time period that starts at 2 a.m. on Tuesdays.

Your audit processing applications are expected to start and end audit processing sessions in the following manner:

Your applications set bookmarks by using the Content Engine API, and you can also edit or delete bookmarks by using Administration Console for Content Platform Engine.

The audit subsystem task does not delete any audit events that have audit sequence numbers greater than the lowest-valued bookmark. If your applications do not set bookmarks, unprocessed audit entries might be deleted prematurely. Conversely, if an application does not update its bookmark, previously processed entries are not deleted. If you permanently discontinue running an application, delete the bookmark that is associated with the application.



Last updated: March 2016
p8pcc001.htm

© Copyright IBM Corporation 2016.