We wish to start clearing some of our Audit logs as we believe this is causing slowness in SM & IM response times

book

Article ID: 51533

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

Historical audit data can be archived and deleted from the Siteminder and IdentityMinder Audit database tables.

It will require your DBA to set up a script, based on the information provided here, and to then determine how often you wish to run the script.

Solution:

We wish to start clearing some of our Audit logs as we believe this is causing slowness in SM & IM response times. The tables we need to clear are from the Auditing
database, table name:

SMACCESSLOG4
SMOBJLOG4
IMSAUDITPROFILES5
IMSAUDIT5

The basic rules for deletion of old Audit log data (with SQL syntax includes) are:

SiteMinder Audit Data Purge

For the two Siteminder tables:

SMACCESSLOG4
SMOBJLOG4

delete from smaccesslog4 where sm_timestamp < 'dd-mmm-yy' >
delete from smobjlog4 where sm_timestamp < 'dd-mmm-yy' >

Identity Minder Audit Data Purge

For the two Identity Minder tables:

IMSAUDITPROFILES5
IMSAUDIT5

The SQL is a little more complex since the timestamp is in imsaudit5 but not in imsAuditProfile5, and we need to follow the link via ims_eventId to
join the two first.

delete from imsauditprofiles5
where ims_eventid in select ims_eventid
from imsaudit5
where ims_audittime < 'dd-mmm-yy' >

delete from imsaudit5 where ims_audittime < 'dd-mmm-yy' >

The above scripts are based on Oracle format database. You should get your DBA to review the scripts and modify them to suit your environment and then test them prior to running them on a production server.

Environment

Release:
Component: SMPLC