Activity Log Retention

S

Snafu

ADSM.ORG Member
Joined
Jun 4, 2010
Messages
28
Reaction score
1
Points
0
Our auditors have indicated we should be keeping 24 month's worth of Backup Logs.

What affect will increasing the Activity Log retention to 730 day have on the database, or is there a better way to retain the the data.

Thanks
 
You can run a weekly (or monthly) script ... to export the actlog records to a textfile
 
Thanks, but will there be any negative effects for the TSM database? Also, how do I go back changing the retention period?
 
domino said:
You can run a weekly (or monthly) script ... to export the actlog records to a textfile
Click to expand...

Being a Security and Audit Professional myself, this option is not an answer. The requirement is to keep the Actlog in the system for two years. Thus, when the audit comes, you must be able to show that the Actlog can be extracted from the system.

This is a matter of Compliance and not just having the Actlog available.

Snafu will just have to bear the increase in DB size to accommodate the long retention requirement for the Actlog
 
My database size is 110 GB and actlog retention is 100 days and my q sta says Activity Log Size: 137 M.

Roughly calculatiing if i chnage the retention to 730 days, the db would increase by 10 GB only for actlog retnetion in the next 2 years!!!

I would really hate that and the auditor ofcourse :)
 
Thanks Folks. I've increased my retention to 730 Days.
 
Is there an external legal reason to keep the ACT log that long? I work for an insurance company and we haven't been directed to retain our logs for any particular amount of time. We keep 30 days worth in the DB and that's it.
 
Jeff_Jeske said:
Is there an external legal reason to keep the ACT log that long? I work for an insurance company and we haven't been directed to retain our logs for any particular amount of time. We keep 30 days worth in the DB and that's it.
Click to expand...

Sometimes it not a matter of a legal reason.

The truth of the matter is that Risk and Compliance sees things differently than Technical people. Audit might have seen an 'anomaly' on how data is being backed up and restored, how fees are collected (in the case of Service providers), how data is aged and disposed of, etc.

If the organization is in the Medical field, this will be HIPAA driven; and for Financial organizations, SOX driven
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,982
Messages
135,471
Members
21,953
Latest member
smeegama
Back
Top