Processed event log data older than what is required for immediate audit reporting can be cleared from the ADAudit Plus database and archived. Event log data are categorized or stratified under the below mentioned categories.
User Modification,
Account Creation
Computer Modification
Account Logon
Group Modification
Domain Policy Changes
OU Management
GPO Management
Local Logon-Logoff
ADAudit Plus allows category wise filtering and archiving of processed event log data collected in its database. It also allows one to specify different time periods (days) for clearing processed event log data from each of those categories.
To enable event cleanup
Click on the "Admin" Tab --> "Event CleanUp" under "Administration"
Provide a check against desired categories and enter the "days" older than which the processed data will be cleared from the immediate database and archived.
Only event log data that are processed by ADAudit Plus are cleared from its immediate(working) database. The archived data are stored at the location provided under Archive Settings of ADAudit Plus. |
The cleared events can be restored. This is done using the "Restore Archived Events" option. |