Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd63bb2c

Browse files
authored
chore: add Audit Log purge advice (#20052)
Audit Log entries can be deleted safely (with appropriate caveats), butwe don't specifically call this out in the docs.---------Signed-off-by: Danny Kopping <danny@coder.com>
1 parentd2c286d commitd63bb2c

File tree

1 file changed

+51
-1
lines changed

1 file changed

+51
-1
lines changed

‎docs/admin/security/audit-logs.md‎

Lines changed: 51 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -125,6 +125,56 @@ log entry:
125125
2023-06-13 03:43:29.233 [info] coderd: audit_log ID=95f7c392-da3e-480c-a579-8909f145fbe2 Time="2023-06-13T03:43:29.230422Z" UserID=6c405053-27e3-484a-9ad7-bcb64e7bfde6 OrganizationID=00000000-0000-0000-0000-000000000000 Ip=<nil> UserAgent=<nil> ResourceType=workspace_build ResourceID=988ae133-5b73-41e3-a55e-e1e9d3ef0b66 ResourceTarget="" Action=start Diff="{}" StatusCode=200 AdditionalFields="{\"workspace_name\":\"linux-container\",\"build_number\":\"7\",\"build_reason\":\"initiator\",\"workspace_owner\":\"\"}" RequestID=9682b1b5-7b9f-4bf2-9a39-9463f8e41cd6 ResourceIcon=""
126126
```
127127

128+
##Purging Old Audit Logs
129+
130+
>[!WARNING]
131+
>Audit Logs provide critical security and compliance information. Purging Audit Logs may impact your organization's ability
132+
>to investigate security incidents or meet compliance requirements. Consult your security and compliance teams before purging any audit data.
133+
134+
Audit Logs are not automatically purged from the database, though they can account for a large amount of disk usage.
135+
Use the following query to determine the amount of disk space used by the`audit_logs` table.
136+
137+
```sql
138+
SELECT
139+
relnameAS table_name,
140+
pg_size_pretty(pg_total_relation_size(relid))AS total_size,
141+
pg_size_pretty(pg_relation_size(relid))AS table_size,
142+
pg_size_pretty(pg_indexes_size(relid))AS indexes_size,
143+
(SELECTCOUNT(*)FROM audit_logs)AS total_records
144+
FROMpg_catalog.pg_statio_user_tables
145+
WHERE relname='audit_logs'
146+
ORDER BY pg_total_relation_size(relid)DESC;
147+
```
148+
149+
Should you wish to purge these records, it is safe to do so. This can only be done by running SQL queries
150+
directly against the`audit_logs` table in the database. We advise users to only purge old records (>1yr)
151+
and in accordance with your compliance requirements.
152+
153+
###Backup/Archive
154+
155+
Consider exporting or archiving these records before deletion:
156+
157+
```sql
158+
-- Export to CSV
159+
COPY (SELECT*FROM audit_logsWHEREtime<CURRENT_TIMESTAMP- INTERVAL'1 year')
160+
TO'/path/to/audit_logs_archive.csv' DELIMITER',' CSV HEADER;
161+
162+
-- Copy to archive table
163+
CREATETABLEaudit_logs_archiveAS
164+
SELECT*FROM audit_logsWHEREtime<CURRENT_TIMESTAMP- INTERVAL'1 year';
165+
```
166+
167+
###Permanent Deletion
168+
169+
>[!NOTE]
170+
>For large`audit_logs` tables, consider running the`DELETE` operation during maintenance windows as it may impact
171+
>database performance. You can also batch the deletions to reduce lock time.
172+
173+
```sql
174+
DELETEFROM audit_logsWHEREtime<CURRENT_TIMESTAMP- INTERVAL'1 year';
175+
-- Consider running `VACUUM VERBOSE audit_logs` afterwards for large datasets to reclaim disk space.
176+
```
177+
128178
##How to Enable Audit Logs
129179

130-
This feature is only available with a[Premium license](../licensing/index.md).
180+
This feature is only available with a[Premium license](../licensing/index.md), and is automatically enabled.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp