Event Log item life-time base-line usage guidelines
On this page we shall give few example use cases and related guidelines for Event Log item life-time.
If using setting "Indefinitely", always monitor disk space and be prepared for real-life surprises.
Remember, it is always possible to select Event Log items by filtering, and then export them out for archival purposes. This, however, is not possible in all use cases.
Base-line settings for enterprise use
Life-time class | Base value | Remarks |
---|---|---|
General | 180 days | Optionally 365 days |
Long life-time | 3 years | Optionally 4+ years |
Permanent | Indefinitely | Fixed setting |
Base-line settings for governmental use
External central syslog service and/or SIEM and/or Graylog is strongly recommended and in some cases mandatory.
Life-time class | Base value | Remarks |
---|---|---|
General | 365 days | Optionally 730 days |
Long life-time | 5 years | Optionally 6+ years |
Permanent | Indefinitely | Fixed setting |
Base-line settings for healthcare use
External central syslog service and/or SIEM and/or Graylog is strongly recommended and in some cases mandatory.
Life-time class | Base value | Remarks |
---|---|---|
General | 730 days | Idenfinitely is possible but enable it with caution |
Long life-time | 15 years | Idenfinitely is possible but enable it with caution |
Permanent | Indefinitely | Fixed setting |
Base-line settings for finance/insurance use
External central syslog service and/or SIEM and/or Graylog is in most cases mandatory.
Life-time class | Base value | Remarks |
---|---|---|
General | 730 days | Idenfinitely is possible but enable it with caution |
Long life-time | 10 years | Idenfinitely is possible but enable it with caution |
Permanent | Indefinitely | Fixed setting |