Archive and Backup on SPS

Hi Dario,

Backup Policy assigned to Connection Policy:

- Audit Trails (for example recorded session .zat files) are copied to external storage location specified in backup policy

Archive Policy assigned to Connection Policy:

- Audit Trails  (for example recorded session .zat files) are moved to external storage location, means recordings from this connection policy will be removed from SPS appliance and moved to archive location based on Archive Policy.

Note: Never delete an archive policy because its used to identify where the audit trails are located

Metadata is additional data about the audit trails which resides in a database in SPS and displayed in the Search menu to show additional details about the audit trails.

- This database is backed up as part of the System backup

Now if you use a clean up policy (to delete older audit trails and its associated metadata) - this action only affects the audit trails and metadata that reside in SPS 

- Cleanup of audit trails in an external archive storage location is not managed by SPS.

There were changes from LTS to Feature releases about how data was cleaned up but the above is basically the latest method from a SPS feature release perspective.

Thanks!

Hi Dario,

Backup Policy assigned to Connection Policy:

- Audit Trails (for example recorded session .zat files) are copied to external storage location specified in backup policy

Archive Policy assigned to Connection Policy:

- Audit Trails  (for example recorded session .zat files) are moved to external storage location, means recordings from this connection policy will be removed from SPS appliance and moved to archive location based on Archive Policy.

Note: Never delete an archive policy because its used to identify where the audit trails are located

Metadata is additional data about the audit trails which resides in a database in SPS and displayed in the Search menu to show additional details about the audit trails.

- This database is backed up as part of the System backup

Now if you use a clean up policy (to delete older audit trails and its associated metadata) - this action only affects the audit trails and metadata that reside in SPS 

- Cleanup of audit trails in an external archive storage location is not managed by SPS.

There were changes from LTS to Feature releases about how data was cleaned up but the above is basically the latest method from a SPS feature release perspective.

Thanks!

that's great and perfectly clear! 

Then, why i see only the last 30 days of audit trails (in the sessions tab) even if there is no cleanup policy configured? Is by default? If i need to keep the last 90 days it is enough to specify in a new cleanup policy 90 days and i should display the last 90 days of connection datas?

--> if i specify a value of days i can display all the connection datas about this time range of days, otherwise by default i can see only the last 30 days?

thank you so much!!!

Yes that date selection is only to filter which days you want to show and does not control what is cleaned up

The default will display last 30 days from today then you can modify as needed.

https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-sessions/7.5/administration-guide/90#TOPIC-2157792

Clean policy information can be found here:

https://support.oneidentity.com/technical-documents/one-identity-safeguard-for-privileged-sessions/7.5/administration-guide/28#TOPIC-2157546

Thanks!