7.14. Procedure – Configuring cleanup for the PSM connection database

Purpose: 

PSM can automatically archive audit trails older than a specified retention time. However, the metadata of the corresponding connections is not deleted from the PSM connection database. Deleting the stored data about old connections decreases the size of the database, making searches faster, and might be also required by certain policies or regulations. The period after metadata is deleted can be specified individually for the different protocols, (for example, data about SSH connections can be stored longer than other connections) and also for every connection policy. In order to configure PSM to delete the metadata of old connections for a particular protocol, complete the following steps:

Steps: 

  1. Navigate to the Global Options page of the respective protocol, for example, to SSH Control > Global Options.

  2. Figure 7.21. <Protocol name> Control > Global Options — Configuring connection database cleanup for a protocol

    <Protocol name> Control > Global Options — Configuring connection database cleanup for a protocol

    Enter how long PSM (in days) should keep the metadata into the Channel database cleanup field. For example, if you specify 365, PSM will delete the data of connections older than a year. Enter zero (0) to keep the data indefinitely (this is also the default behavior of PSM).

    Note

    The time you specify cannot be shorter than the Retention time in days set for the Archive policies used in the connections of this protocol.

    The time you specify cannot be shorter than the Channel database cleanup set in the individual connection policies of this protocol.

  3. Click and repeat the previous step for other protocols if needed.

  4. Figure 7.22. <Protocol name> Control > Connections — Configuring connection database cleanup for a connection

    <Protocol name> Control > Connections — Configuring connection database cleanup for a connection

    To delete the metadata of certain connections earlier than the time set in the Global Options > Channel database cleanup field of the protocol, navigate to the particular connection policy, and enter how long PSM (in days) should keep the metadata of the sessions of this connection policy into the Channel database cleanup field. Enter zero (0) to use the settings of the protocol (this is also the default behavior of PSM).

    Note

    The time you specify cannot be shorter than the Retention time in days set for the Archive policy used in the particular connection.

  5. Click and repeat the previous step for other connections if needed.

    Expected outcome: 

    Every day PSM deletes the metadata of connections older than the given cleanup time from the connection database.