This document explains how to remove events with specific criteria from the Symantec Critical System Protection (SCSP) 5.2.x database.
 

Currently, Symantec does not provide a tool that can purge events from the database. To remove events, use an SQL statement that removes specified events from the CSPEVENT database table. To remove events, use the DELETE command rather than the SELECT command. CSPEVENT is a flat database table that does not have any dependencies.

Example: Selecting events
In the following example, the SQL statement selects all events that are newer than the date that is specified in the statement:

• USE SCSPDB
  SELECT * FROM CSPEVENT WHERE EVENT_DT> 'yyyy-mm-dd hh:mm:ss:ttt'

In this example, yyyy is the year, mm is the month, and dd is the day. Similarly, hh is the hour, mm is the minute, ss is the second, and ttt is the thousandths of a second.

WARNING: The following examples permanently remove events from the database. Make a backup of your Symantec Critical System Protection database before you remove events.

Example: Removing old events
The following example removes all Symantec Critical System Protection events that are dated March 10, 2015 and earlier:

• USE SCSPDB
  DELETE FROM CSPEVENT WHERE EVENT_DT<= '2015-03-10 23:59:59:999'

Example: Removing new events
The following example removes all Symantec Critical System Protection events that are dated February 3, 2015 and later:

• USE SCSPDB
  DELETE FROM CSPEVENT WHERE EVENT_DT>= '2015-02-03 00:00:00:000'