Log/Events retention in Security Onion 2.4.80 #13552
-
|
Hello all, By default for how long SO is keeping records like PCAP, alarm events etc? I have installed Standalone on 200GB HDD. Could not find option to control retention in configuration Thanks in Advance |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
By default, Security Onion will try to store as much data as possible without filling up your storage. For more information, please see: |
Beta Was this translation helpful? Give feedback.
-
|
Thanks very much! |
Beta Was this translation helpful? Give feedback.
By default, Security Onion will try to store as much data as possible without filling up your storage. For more information, please see:
https://docs.securityonion.net/en/2.4/stenographer.html#disk-free-percentage
https://docs.securityonion.net/en/2.4/elasticsearch.html#index-management