Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Getting Started Guide > Create schedules to automate log archival and retention

Create schedules to automate log archival and retention

Kiwi Syslog Server Getting Started Home

Most organizations have retention policies that require log files to be kept for a certain period. Retention policies ensure that the organization complies with regulatory standards and that documents are available if needed for audits or other legal issues.

To save time and ensure accuracy, use Kiwi Syslog Server schedules to automate your log archival and retention process. The following example creates two schedules:

  • The first schedule archives log files that are not needed for current analysis.
  • The second schedule removes archived log files after the retention period is over.

Task 1: Create a rule to log each message

If you have not already done so, create a rule to log each message to a file. Split the log files based on the date and the IP address of the sending device.

Task 2: Create a schedule to archive log files

To save disk space, you can archive log files that you probably will not need for troubleshooting. The following example moves log files into a compressed archive when they are more than one week old.

  1. Create a folder to store archived log files. For this example, archived files are stored in C:\Program Files (x86)\Syslogd\Archive.
  2. Select File > Setup to open the Kiwi Syslog Server Setup dialog box.
  3. Right-click Schedules and select Add new schedule.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-create-new.png

  4. Replace the default name with a descriptive name (for example, Archive logs after 7 days).

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-rename.png

  5. Leave the default Task Type and Task Trigger.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-task-type.png

  6. Set the frequency to Day and set it to run every day.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-frequency.png

  7. Click the Source tab and verify that the Source location is your log folder.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-source-location.png

  8. Under Source files, specify a File age of At least 8 days.

    Leave the default File mask and File size values to include all files in the directory.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-file-age.png

  9. Click the Destination tab, and browse to select the folder you created to store archived files.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-destination-folder.png

  10. Verify that Move files is selected.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-move-files.png

  11. Click the Archive Options tab and select Zip files after moving/copying.

    Optionally, you can also increase the compression level.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-zip.png

  12. Click Apply to save the schedule.

Task 3: Create a schedule to remove archived files after the retention period

To keep the Archive folder clean, remove archived log files after the retention period is over.

  1. Right-click Schedules and select Add new schedule.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules2-create-new.png

  2. Replace the default name with a descriptive name (for example, Remove logs after 7 years).

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules2-rename.png

  3. Change the Task Type to Clean-up. Leave the default Task Trigger (On a schedule).

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules2-task-type.png

  4. Set the frequency to Day and set it to run every day.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules-frequency.png

  5. Click the Source tab and change the Source location to your archive folder.

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules2-source-location.png

  6. Under Source files, specify a File age of At least 7 years (or your organization's retention period).

    File:Success_Center/Reusable_content_-_InfoDev/Kiwi_Syslog_Server_GSG/GS_MT/040/gs-schedules2-file-age.png

  7. Click Apply to save the schedule.

Log files are automatically split by date and sending device, archived after a week, and removed after the retention period.

Last modified
10:58, 28 Feb 2017

Tags

Classifications

Public