Long-term Data Archive to SAN Storage
The system's data store has a finite amount of disk space, but you need to store several year's worth of data for compliance purposes. Older and non-critical data does not need to be available online.
The Administrator configures CA User Activity Reporting Module to store seven day's worth of data online. At the end of each cycle, the Administrator uses a third-party utility to back up the compressed event log store data, transfers it to the SAN used for archiving log data, and updates the catalog of the transfer in CA User Activity Reporting Module.
Procedure |
More Information |
---|---|
Example: Auto-Archiving Across Three Servers Note: These procedures are not specific to SAN storage; they apply to storage solutions in general. |
For an illustrated overview of log storage, see Log Storage. See also About Log Storage and Event Log Store Considerations. |
Long-term Data Archive to WORM storage
The system's data store has a finite amount of disk space, but you need to store several year's worth of data for compliance purposes. Older and non-critical data does not need to be available online.
The Administrator configures CA User Activity Reporting Module to store seven day's worth of data online. At the end of each cycle, the Administrator uses a third-party utility to back up the compressed data, and then archives all order data to a WORM drive. CA User Activity Reporting Module integrates properly with all major WORM solutions, for example, NetApp, Snaplock, EMC Centera, and Nexsan Assureon.
Procedure |
More Information |
---|---|
Example: Auto-Archiving Across Three Servers Note: These procedures are not specific to SAN storage; they apply to storage solutions in general. |
For an illustrated overview of log storage, see Log Storage. See also About Log Storage. |
Data Restoration with an Archive Query
You store years of data for compliance purposes in an archive, but the data needs to be available for long-term querying.
The security analyst needs to review all activities that occurred on a PCI in-scope server over the past year.
An Administrator uses CA User Activity Reporting Module's archive catalog query to retrieve the catalog of all archives that contain the host name of interest, and runs the retrieved data through a host investigation report.
Procedure |
More Information |
---|---|
|
Copyright © 2013 CA.
All rights reserved.
|
|