Maintenance

Privilege Manager has many tasks that can be run to ensure that the data in the database is up-to-date and to purge old or unwanted information. This section provides an overview of the maintenance tasks and other schedulable tasks in #[PRODUCTNAME}#.

Determining how often to schedule maintenance tasks depends on the associated items, like events, files, computers, etc. and their build up. These tasks have default parameters assigned but are not scheduled to run. Privilege Manager administrators should schedule these tasks based on their needs and system performance.

The primary maintenance tasks that will need to be scheduled to ensure Privilege Manager databases do not grow too excessively are the

  • Purge Maintenance - Application Control Events and
  • Purge Maintenance - Files Undiscovered tasks and,

  • in pre-10.5 systems, the

    • Purge Maintenance - Completed File Upload Sessions and
    • Purge Maintenance - Incomplete File Upload Sessions tasks.

Maintenance Tasks

These maintenance tasks can be found at

  • Admin | Configuration | General (tab) or
  • Admin | Tasks | Jobs and
  • Tasks | Infrastructure Scheduled Activities | Maintenance Tasks.

Assign Orphaned Agent Uploads

This task will assign agent event uploads that have been orphaned.

Parameters: Max records [default setting = 2500]

Delete Old Performance Counter Events

This task will delete internal Server performance counter events last updated before the specified time. You can check if performance counters are enabled by the Save performance Counters setting in Admin | Configuration (Advanced tab).

alt

Parameters: Can be set to Seconds, Minutes, Hours, Days, and Weeks. The default is 1 Day.

This maintenance task should be used if Save Performance Counters is enabled in the general section of the advanced configuration settings.

Initialize Item Change History

This task is run after installs to ensure items with change tracking enabled have initial history entries. This is an automated task to populate initial states of items across updates.

LSS Migration Tasks

For information on the LSS Migration tasks refer to Migrate Local Security Policies.

Purge Agent and Gauge Data for Deleted Computers

This task will delete orphaned data from AgentActivity, AgentRegistration, and GaugeInstanceState.

This can be helpful to run, to remove unwanted data for computers that have been deleted from Privilege Manager.

Purge Duplicate Computers

Remove duplicate computers.

When AD sync occurs, Privilege Manager creates a new object in the database for each computer object. When the agent is installed, it references this same object. If the agent is installed before AD sync occurs, there can be 2 different objects in the database for the same machine. This task merges the duplicate objects and is usually only needed when agents are installed before a computer comes in from AD sync.

Purge Maintenance - Agent Logs

This server task will remove all Agent Log data that is older than the time period specified. This task is not enabled by default, since there is typically nothing in the logs to clear.

Parameters: Can be set to Seconds, Minutes, Hours, Days, and Weeks. The default is 1 Week.

Purge Maintenance - Application Control Events

Purges the selected Application Control Event types from the database using either of these methods:

  • manually based on a specified range of time, or
  • automatically after reaching a set threshold. Refer to Maximum Application Event Count time range specified.

This task is not enabled by default, so events remain until purged. We recommend using SysLog connector to send events for long term storage.

If you are retaining data for 3-5 years, we recommend collecting a minimum amount of data since there is a maximum number of events enforced in the cloud. This is dependent on your licensing, but typically is 100,000 - 1,000,000 events.

Parameters: Event Types to Purge (Application Action Events, Application Justification Events, Application Metering Events, Application Verifier Events). All of these Application Control Events are populated in the various Application Action reports.

Only Purge Events that belong to specific policies

Purge Application Control Events older than [default setting = 30 day(s)]

Depending on policy settings, Application Control Events can pull a large amount of data into the database. Privilege Manager administrators must setup schedules for this task, as needed, to purge old or excessive data from Application Control policies.

Purge Maintenance - Audit Events

This task will remove audit event records older than the specified time period.

This task is not enabled by default, so events remain until purged. We recommend using SysLog connector to send events for long term storage.

Audit Events are typically viewed via the Change History tab of the item in question.

Parameters: Purge events older than [default setting = 30 day(s)]

The Audit events mainly pertain to and are used in Change History tracking. This task should not need to be scheduled.

Purge Maintenance - Completed File Upload Sessions

This task will remove completed file upload sessions older than the specified time period. This task becomes unnecessary since completed file uploads are purged automatically.

Parameters: Purge completed sessions older than [default setting = 1 day(s)]

For versions 10.5 and later, the need to run this task should be significantly reduced since they are now cleaned up as file uploads complete.

Purge Maintenance - Files Undiscovered

Run this task to delete file resources which have not been discovered by File Inventory, and no agent can be identified to collect information for the files.

Parameters: Delete Files that have been undiscoverable for longer than [default setting = 1 week(s)]

This task clears up files with the name "New Loaded Resource" that are older than X days. This can be a helpful task to schedule to remove undiscoverable files from the Event Discovery results (for example, temp files that an installer creates and then deletes).

Purge Maintenance - Incomplete File Upload Sessions

This task will remove incomplete file upload sessions older than the specified time period. This task is only used on as as-needed basis to clear incomplete items on a weekly or monthly basis.

Parameters: Purge incomplete sessions older than [default setting = 2 day(s)]

For versions 10.5 and later, the need to run this task should be significantly reduced since they are now cleaned up as file uploads complete.

Purge Maintenance - Message History

This server task will remove all Message History data that is older than the time period specified. Message History data tracks all events received by the Privilege Manager Server and is used for informational purposes.

Parameters: Delete Message History older than [default setting = 30 day(s)]

This task clears the [Ams.Resource].[MessageHistory] table. Use this task to purge that table, if it is excessively large.

Purge Maintenance - Excessively Correlated Change History

This task is no longer required.

Purge Maintenance - Orphaned Local Users and Groups

This task will delete local users and groups that reference a computer as their parent domain (which will block deletes), but are not part of that computers users and groups.

Purge Old Computers

Remove old computers and gauge data for old computers. Remove any agents that have not communicated with the server in a set number of days (default 90), resulting in a critical Agent state.