iCompaas Support

Profile Applicability:

• Level 1
  

Description:
 The log_retention_days parameter defines the number of days that PostgreSQL logs are retained. Ensuring that this parameter is set to a value greater than 3 days ensures that logs are available for troubleshooting, auditing, and performance analysis over a sufficient period.

Rationale:
 Logging is essential for identifying, troubleshooting, and analyzing database performance and security events. By keeping logs for a longer duration, you can track performance trends, detect anomalies, and comply with various auditing and security standards.

Impact:

• Pros:
  

  • Logs are available for extended periods, aiding in diagnostics and security auditing.
    

  • Helps in meeting regulatory and internal compliance requirements for log retention.
    

• Cons:
  

  • Retaining logs for a longer period consumes additional storage space.
    

  • On high-traffic servers, the log files may grow quickly, potentially impacting disk space.
    

Default Value:

The default value for log_retention_days is set to 3 days.

Pre-requisites:
 Ensure that log management solutions are in place to handle the growing log file sizes and that proper monitoring is established for log file retention.

Remediation

Test Plan:

Using Azure Portal:

1. Log in to Azure Portal: https://portal.azure.com.
   

2. Navigate to Azure Database for PostgreSQL Servers.
   

3. Select the desired server.
   

4. Under Settings, click on Server parameters.
   

5. Ensure that the log_retention_days parameter is set to a value greater than 3.
   

Using Azure CLI:
1.  Run the following command to check the log_retention_days value:

az postgres server configuration show --resource-group <resource-group-name> --server-name <server-name> --name log_retention_days

• The output should show a value greater than 3.
  

Implementation Plan:

Using Azure Portal:

1. Go to Azure Database for PostgreSQL Servers.
   

2. Select the PostgreSQL server and go to Server parameters.
   

3. Set the log_retention_days parameter to a value greater than 3 (preferably between 4 and 7).
   

4. Save the changes.
   

Using Azure CLI:
1.  To update log_retention_days, run the following command:

az postgres server configuration set --resource-group <resource-group-name> --server-name <server-name> --name log_retention_days --value <value-greater-than-3>

Backout Plan:

Using Azure Portal:

1. Navigate to Azure Database for PostgreSQL Servers.
   

2. Under Settings, click on Server parameters.
   

3. Set the log_retention_days parameter back to 3 if necessary.
   

Using Azure CLI:
 1. To revert the changes and set log_retention_days to 3, run:

az postgres server configuration set --resource-group <resource-group-name> --server-name <server-name> --name log_retention_days --value 3

References:

• Azure PostgreSQL Configuration Parameters
  

• Azure PostgreSQL Log Management