4000 log messages deleted emails from CA PAM

Document ID : KB000046273
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

We are frequently getting log messages deletion emails from CA PAM. Database log purging is turned off in our systems. Can you please help us understand the reason for these logs being deleted from CA PAM? What is the impact?

 

Answer:

There is a maximum number of records defined for the session log, which is kept in a database table. It's 82000. Once that number is exceeded, a logwatch utility running on the appliance will start purging rows even without explicit configuration of the automatic log purge settings on the Config>Logs page. This is to protect the appliance against a disk full condition due to ever growing session logs. By default the utility checks the session log size every 24 hrs and deletes 4000 rows at a time.