openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/microshift-audit-logs-config-intro.adoc
“Shauna Diaz” 4a0bd7b8b1 OSDOCS-16338: fixes cluster mentions MicroShift
2025-10-07 17:43:41 +00:00

42 lines
2.9 KiB
Plaintext
Raw Permalink Blame History

// Text snippet included in the following assemblies:
//
// * microshift_configuring/microshift-audit-logs-config.adoc
:_mod-docs-content-type: CONCEPT
[id="microshift-audit-logs-config-intro_{context}"]
= About setting limits on audit log files
Controlling the rotation and retention of the {microshift-short} audit log file by using configuration values helps keep the limited storage capacities of far-edge devices from being exceeded. On such devices, logging data accumulation can limit host system or node workloads, potentially causing the device stop working. Setting audit log policies can help ensure that critical processing space is continually available.
The values you set to limit {microshift-short} audit logs enable you to enforce the size, number, and age limits of audit log backups. Field values are processed independently of one another and without prioritization.
You can set fields in combination to define a maximum storage limit for retained logs. For example:
* Set both `maxFileSize` and `maxFiles` to create a log storage upper limit.
* Set a `maxFileAge` value to automatically delete files older than the timestamp in the file name, regardless of the `maxFiles` value.
[id="Default-audit-log-values_{context}"]
== Default audit log values
{microshift-short} includes the following default audit log rotation values:
.{microshift-short} default audit log values
[cols="20%,20%,50%",options="header"]
|===
|Audit log parameter|Default setting|Definition
|`maxFileAge`:|`0`|How long log files are retained before automatic deletion. The default value means that a log file is never deleted based on age. This value can be configured.
|`maxFiles`:|`10`|The total number of log files retained. By default, {microshift-short} retains 10 log files. The oldest is deleted when an excess file is created. This value can be configured.
|`maxFileSize`:|`200`|By default, when the `audit.log` file reaches the `maxFileSize` limit, the `audit.log` file is rotated and {microshift-short} begins writing to a new `audit.log` file. This value is in megabytes and can be configured.
|`profile`:|`Default`|The `Default` profile setting only logs metadata for read and write requests; request bodies are not logged except for OAuth access token requests. If you do not specify this field, the `Default` profile is used.
|===
The maximum default storage usage for audit log retention is 2000Mb if there are 10 or fewer files.
If you do not specify a value for a field, the default value is used. If you remove a previously set field value, the default value is restored after the next {microshift-short} service restart.
[IMPORTANT]
====
You must configure audit log retention and rotation in {op-system-base-full} for logs that are generated by application pods. These logs print to the console and are saved. Ensure that your log preferences are configured for the {op-system-base} `/var/log/audit/audit.log` file to maintain {microshift-short} node health.
====
View Git Blame Copy Permalink