|
| 1 | +--- |
| 2 | +title: Archiving a Security Engine |
| 3 | +description: Archiving a Security Engine |
| 4 | +--- |
| 5 | + |
| 6 | +Archiving a Security Engine allows you to deactivate it without losing historical alerts. This can be helpful when an engine is no longer actively used but you still want to retain its historical context and alerts for future analysis. |
| 7 | + |
| 8 | +In the case of Enterprise plans, an archived engine does not count as a used slot. |
| 9 | + |
| 10 | +When archived, the Security Engine will: |
| 11 | + |
| 12 | +- Stop reporting new alerts. |
| 13 | +- Be un-enrolled from the CrowdSec Console. |
| 14 | +- Remain available for historical consultation. All previously generated alerts from this engine remain accessible from the Alerts page. |
| 15 | + |
| 16 | +## How to Archive a Security Engine |
| 17 | + |
| 18 | +### Manually archiving a Security Engine |
| 19 | + |
| 20 | +1.Go to the Security Engines page |
| 21 | + |
| 22 | +2.Click on the three-dot menu (⋮) next to the Security Engine you wish to archive. |
| 23 | + |
| 24 | +3.Select _Archive Security Engine_ from the dropdown menu. |
| 25 | + |
| 26 | + |
| 27 | + |
| 28 | +4.Confirm the archival by clicking the _Archive_ button in the confirmation dialog. The dialog clearly indicates that alerts will remain accessible even after archiving. |
| 29 | + |
| 30 | + |
| 31 | + |
| 32 | +### Auto-archiving of Security Engines |
| 33 | + |
| 34 | +The CrowdSec Console also offers an auto-archiving feature based on inactivity. You can configure this policy from the Security Engines section in the console settings, where you can specify a duration of inactivity after which the engine is automatically archived. |
| 35 | + |
| 36 | +This feature helps maintain an organized workspace by automatically managing Security Engines that have ceased generating alerts, ensuring your active view remains relevant and uncluttered. All auto-archived engines retain their historical alerts, accessible through the Alerts page. |
| 37 | + |
| 38 | + |
| 39 | + |
| 40 | +## Viewing Archived Security Engines |
| 41 | + |
| 42 | +To see your archived Security Engines locate and check the option labeled _Show only archived_. |
| 43 | +Archived engines will appear in a greyed-out, read-only state. |
| 44 | + |
| 45 | +> Please note that the Console will no longer be synchronized with archived Security Engines. This means that blocklists, scenarios and remediation components counters will always be 0. |
| 46 | +
|
| 47 | + |
| 48 | + |
| 49 | +## Restoring an Archived Security Engine |
| 50 | + |
| 51 | +If you wish to restore an archived Security Engine, simply re-enroll the Security Engine by executing the enrollment command again from your server. |
| 52 | + |
| 53 | +**IMPORTANT**: Add the `--overwrite` flag to the enrollment command in order to replace the current status in the Console. |
| 54 | + |
| 55 | +## Permanently Deleting an Archived Security Engine |
| 56 | + |
| 57 | +If you decide to completely remove an archived Security Engine: |
| 58 | + |
| 59 | +1. Make sure you have selected Show only archived. |
| 60 | +2. Click the trash icon (🗑️) located in the top-right corner of the Security Engine card. |
| 61 | +3. Confirm deletion when prompted. This action will permanently remove all associated data and alerts. |
| 62 | + |
| 63 | + |
0 commit comments