Banks, credit unions, insurance companies,
|Symptoms||The Netwrix Auditor event log reports do not show recent data and the summary report for event log collection contains the following error:
Usually this error happens when the Express editions of the SQL Server are in use as they have the database file growth limitations:
To resolve the issue please perform the following steps:
The old data which does not fall under the specified time period will be automatically deleted from the product database in the next data collection.
The number of days the data should be stored in the database depends on the number of events that are uploaded to the database on a daily basis and will vary for each situation.
2. Verify there is no limitation for the database file size:
3. Review the event collection settings to see what data is collected and the way the product archives it. Exclude or disable certain events from being uploaded to the reporting database.
Some automation services can produce numerous events on their activity which then are collected by Netwrix Auditor and uploaded to the database. For example the Security event logs may contain all logons, logoffs and authentication for system and machine accounts, which can be more than 70% of the Security event log events and may be deemed unnecessary to collect.
Such events can be collected and stored in the audit archive only (without uploading to the reporting database) or excluded by certain event ID, Type, User name and other parameters and not collected at all. This can be done by modifying the Audit Archive Filters.