Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Purge all logs option

Created: 06 Aug 2009 | 4 comments
Zoidberg's picture
14 Agree
0 Disagree
+14 14 Votes
Login to vote

I would like to see a Purge All Logs button in the Manager to be able to just delete all existing logs in order to get fresh information starting from scratch.
This would be a great option to allow the Admin to make sure that all the logs and information are fresh in the Database for monitoring purposes.

I believe that it should be in the Admin Tab -> Servers -> Local Site -> Site properties -> Log Settings, so that it will have to intentionally be pushed. Also would like to see a double confirmation for pushing it letting the Admin know that this will purge all data, so that there can and will be NO confusion on what is about to occur.

Thoughts?

Comments 4 CommentsJump to latest comment

Kurt G.'s picture

This is an excellent idea. I would like to add that it would also be nice to be able to do this for specific groups or perhaps even individual clients. This way if there is an issue with a specific client's logs or an entire group you wouldn't need to remove all logs from other groups or clients that you may want to retain.

Kurt G.
Symantec Technical Specialist: Endpoint Security Advanced Team

Symantec Corporation www.symantec.com

Symantec Enterprise Support: (800) 342 0652 

+5
Login to vote
Scuba Steve's picture

I would like to add that it would be a nice idea if that were to work instantly. Rather than waiting for the maintenence cycle. This way if the database grows to large and fills the hard drive up, the customer can purge data from the database, and gain space back.

+2
Login to vote
Jeremy Dundon's picture

But it does not have a convenient button and is instead a command run in a web browser. (and relatively instantly, ScubaSteve...as long as you run it twice as the first time only flags the logs for deletion)

I see no harm in adding a button to accomplish this, provided it is difficult to press by accident. 

+2
Login to vote
Anshuman's picture

Having the purge option is a good option. We can also think for following additional options -

1. Having an automised way built in the endpoint configuration which will archive the old database where the admin should have an option to mention how mcuh data he needs to store in the database. Like he can say that he the database should only maintain logs for last 30 days or specified MB/GB of data. Rest all data will be moved in the archived database. Here I am assuming that if required the archived database can be used to fetch the required data.

2. In confinuation for point number 1 there should be an option where admin would also say that the archived data should be in chunks of 1GB / 4 GB, etc. which will allow them to burn this data on a media. This might be required as per the archival policy set by the organisation in line with the certification which they have like ISO 27001/SOX or HIPAA.

I hope this makes a sense. All of you please let me know your thoughts on this.

0
Login to vote