Audit log full

The audit log is full.

Important:
  • Because the audit log limit has been reached, it has limited ability to record new events.

  • Only users with Security admin privileges or users logging in through SSH will have system access. Users without Security admin privileges will not be able to access the system until this issue is resolved.

Recovery Steps

  1. The problem can be resolved by deleting audit log events, and/or setting the audit log policy to overwrite.

    • If you want to delete audit log events, go to step 2.

    • If you want to allow the oldest events in the audit log to be overwritten when the audit log is full, go to step 3.

  2. Delete audit log events, and then go to step 4.

    1. Go to Settings > Access Management. Then, select the Audit Log tab.

    2. Select Delete and delete the events from the audit log. It is recommended that you export the audit log events before deleting them.

  3. Set the audit log policy to overwrite, and then go to step 4.

    1. Go to Settings > Access Management. Then, select the Audit Log tab.

    2. Select View/Edit Settings and set the policy to Allow the oldest events in the audit log.

  4. Select Recheck to ensure the problem has been resolved.