Storage Times

The following defaults can be customized via the configuration file, with the following default values set:

Metrics (hosts/endpoints): 14 days
System events (hosts): 3 days
Network anomalies (hosts): 3 days
Audits (pentests): 90 days
Activity log: 6 months
PDFs: 1 year

If you customize a configuration file on the application server, you must always run setup.sh afterwards. Only then will the settings be applied.

Be sure to follow the JSON format. In case of problems, use a JSON validator to verify that the entire file is compliant.

1. Open the configuration file.

nano /opt/enginsight/enterprise/conf/services/config.json

2. Add or adjust the values of the following indexes parameters to the existing section database. The storage time is specified in seconds. Leave the value of uriConnectionString as you find it in your config.json.

database without defined storage times:

"database": {
    "uriConnectionString": "%%MONGODB_URI%%"
  },

The extended section then looks like this:

 "database": {
    "uriConnectionString": "%%MONGODB_URI%%",
    "indexes": {
      "siemIncidents": {
        "ttl": 7776000
      },
      "siemExports": {
        "ttl": 2592000
      },
      "shieldLogs": {
        "ttl": 2592000
      },
      "hostFimLogs": {
        "ttl": 86400
      },
      "pentestAudits": {
        "ttl": 7776000
      },
      "endpointWebsites": {
        "ttl": 1209600
      },
      "hostMetrics": {
        "ttl": 1209600
      },
      "hostEvents": {
        "ttl": 259200
      },
      "hostNetworkAttacks": {
        "ttl": 259200
      },
      "history": {
        "ttl": 15552000
      },
      "reportsPDFs": {
        "ttl": 31536000
      }
      
    }
  },

3. Save the configuration file (Ctrl+o) and confirm the saving process. Close nano (Ctrl+x).

4. Navigate to /opt/enginsight/enterprise

cd /opt/enginsight/enterprise

5. Update your installation for the changes to take effect.

./setup.sh

TTL (time to life) specifies the duration of data storage in seconds. If no values are set, the default values are used.

The minimum value is set to 259200 seconds (3 days) to prevent accidental deletion of data.

A day has 86400 seconds.

PreviousSSO via Office 365 NextWhite Label

Last updated 5 months ago

Was this helpful?

"database": { "uriConnectionString": "%%MONGODB_URI%%", "indexes": { "siemIncidents": { "ttl": 7776000 }, "siemExports": { "ttl": 2592000 }, "shieldLogs": { "ttl": 2592000 }, "hostFimLogs": { "ttl": 86400 }, "pentestAudits": { "ttl": 7776000 }, "endpointWebsites": { "ttl": 1209600 }, "hostMetrics": { "ttl": 1209600 }, "hostEvents": { "ttl": 259200 }, "hostNetworkAttacks": { "ttl": 259200 }, "history": { "ttl": 15552000 }, "reportsPDFs": { "ttl": 31536000 } } },