iCompaas Support

Description:

The PostgreSQL server parameter logfiles.retention_days (log_retention_days) in Azure Database for PostgreSQL defines how long PostgreSQL server logs are retained before being automatically deleted. Ensuring this value is set to greater than 3 days ensures adequate retention of logs for auditing, troubleshooting, and forensic analysis.

Rationale:

• Ensures sufficient retention of logs to support security investigations.

• Helps meet regulatory requirements for log retention (GDPR, SOC 2, HIPAA, PCI-DSS, etc.).

• Allows forensic teams to review connection, authentication, and error patterns over several days.

• Protects against accidental loss of critical operational data.

Impact:

• Enhanced auditability and visibility into database activity.

• Sufficient historical logs for troubleshooting long-running incidents.

• Supports compliance and security frameworks requiring multi-day log retention.

• If not combined with proper storage monitoring, log storage could grow unexpectedly.

• Higher log retention may slightly increase cost if logs are exported to Log Analytics.

Default Value:

• For Azure Database for PostgreSQL Flexible Server, the default value for logfiles.retention_days is 3 days.

Pre-requisites:

• Global Administrator or Security Administrator permissions.

• Must be Azure Database for PostgreSQL – Flexible Server (or Single Server if the parameter is supported).

Test Plan:

1. Sign in to the Azure Portal at https://portal.azure.com

2. Search for and open Azure Database for PostgreSQL (Flexible Server)

3. Select the target PostgreSQL server

4. From the left menu, select Server parameters

5. Search for the parameter logfiles.retention_days

6. Verify the parameter value is set to greater than 3 (for example, 4 or higher)

7. If logfiles.retention_days is set to 3 or less, follow the implementation steps

Implementation Steps:

1. Sign in to the Azure Portal at https://portal.azure.com

2. Search for your Azure Database for PostgreSQL server (Single or Flexible).

3. On the left-hand menu, under the Settings section, select server parameters.

4. Search for the parameter logfiles.retention_days

5. Set the value to greater than 3 (for example, 4 or higher)

6. Click Save to apply the change

Backout Plan:

1. Sign in to the Azure Portal at https://portal.azure.com

2. Search for and open Azure Database for PostgreSQL – Flexible Server

3. Select the target PostgreSQL server

4. From the left menu, select Server parameters

5. Search for the parameter logfiles.retention_days

6. Change the value back to the previous or default setting (for example, 3)

7. Click Save to apply the change

Reference:

• https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-configure-server-logs?tabs=portal-enable-capture-of-logs%2Cportal-disable-capture-of-logs%2Cportal-list-captured-logs%2Cportal-download-captured-logs