LogoLogo
Home
  • ExaVault Documentation
  • Installing & Upgrading The Appliance
    • Downloading The Base Image
    • System Requirements
    • Firewall Configuration
    • Installation & Setup
      • AWS Installation
      • VMWare Prerequisites
    • Mounting the Data Drive
    • Upgrading to v18.x from v16.10
      • VMWare Upgrade Prerequisites
    • Upgrading From 16.05 or Earlier
  • Using ExaVault
    • Users
      • SSH Key Authentication
        • Creating an SSH Key on Windows
        • Creating an SSH Key on Linux
        • Creating an SSH Key on macOS
      • Export List of Users and Groups
      • Two-Factor Authentication (2FA)
      • Single Sign On (SSO), SAML, SCIM
    • Links (Share Links)
    • Notifications
    • Ciphers
    • Customizing Your Site
      • Login Page
      • Contact Information
      • Custom CSS
      • Custom Terms of Use Agreement
  • Connection Methods
    • SFTP
      • Supported SSH Ciphers
      • Maximizing SFTP Performance
      • Command Line SFTP Examples
      • Troubleshooting SFTP
    • FTP and FTPS
      • Troubleshooting FTP
    • WebDAV
  • Administration Tasks
    • Restarting the Appliance
    • Logging
    • License Keys
    • Installing or Updating SSL Certificate
    • Increasing Available Storage
    • Deleting Old Activity
    • Deleting Old Quotas
    • Appliance Manager Password Reset
  • Premium Features
  • Migrating to Files.com Cloud
    • Migration Process Overview
    • Technical Enablement Steps
    • Regional Considerations
  • HyperPrivacy Mode
    • User Home Folders
    • User Deletions
    • Sharing
    • Retention Rules
    • Trash Can
Powered by GitBook

©2023 Orange Platform LLC dba ExaVault. All rights reserved.

On this page
  • Viewing Indexes
  • Deleting Indexes
  1. Administration Tasks

Deleting Old Activity

In ExaVault, history logs (activity logs) are stored in Elasticsearch and are made searchable via the UI. Certain customers with large Elasticsearch datasets may wish to purge older activity log data from Elasticsearch to improve performance.

If you want to preserve this old log data, make a backup of your VM before continuing.

To interact with Elasticsearch, first connect to your appliance via SSH. Once connected, open a shell inside the Elasticsearch container:

sudo docker exec -it exavault_elasticsearch_1 bash

Viewing Indexes

You can list the indexes containing daily activity logs by sending a curl command to Elasticsearch like the following:

curl -X GET "localhost:9200/_cat/indices/audit-*?v=true&s=index&pretty"

This will list the daily audit indexes. All audit indexes are named using the format of audit-YEAR.

Deleting Indexes

Deleting indexes is as simple as sending an HTTP DELETE command to Elasticsearch with the name of the index. You can do this using curl:

curl -X DELETE "localhost:9200/audit-1990?pretty"

To delete more than one year, the indexes can be comma separated. Here is an example of deleting indexes 1990 and 1991:

curl -X DELETE "localhost:9200/audit-1990,audit-1991?pretty"
PreviousIncreasing Available StorageNextDeleting Old Quotas

Last updated 2 months ago