Contributor

Technical Tip: Accelops: How to purge, delete, remove, truncate events older than 'x' days

Forum|Forum|9 years ago
October 5, 2016
0 replies
3649 views

Description

This article describes the process of purging events older than X days. This applies only to the event database.

Scope

FortiSIEM.

Solution

Copy the attached purgeData.py script to the /tmp directory.
SSH to the accelops server.
Run 'su - admin'.
Run 'cd /tmp'.
Run 'python purgeData.py X'.

Additional Information:

Where X means to purge all the events before the most recent X days. For example, if having 300 days of data and using 200 as a parameter, the script purges the oldest 100 days of events.

Once copied to the /tmp directory, it may be necessary to run dos2unix on the file to convert it to Linux format.

dos2unix purgeData.py

Version Application:

All.

purgeDataPyhon3.zip

purgeDataMod.zip

purgeData.zip

Fortisiem

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded