Imperva Cyber Community

  • 1.  IMPERVA DAM : Audit Archive

    Posted 23 days ago
    Edited by Mohammad Arif Khan 23 days ago

    Dear All,

    I am currently working on configuring the audit archive, as the audit logs were previously being stored on the gateways due to the external storage being unavailable.

    Since the external storage was not configured earlier, the gateways are now reaching 100% capacity (please find the attached reference).

    I would like to seek guidance on configuring the audit archive so that audit logs older than two months are archived, while keeping the most recent one month of logs on the gateway.

    Additionally, I would like to confirm whether it is feasible to archive audit data based on a condition that only logs older than two months are archived. If this is possible, please also advise on how the purge process can be configured for the same duration.

    Thank you for your support.



    #AllImperva
    #DatabaseActivityMonitoring

    ------------------------------
    Mohammad Arif Khan
    Engineer

    ------------------------------



  • 2.  RE: IMPERVA DAM : Audit Archive

    Posted 7 days ago
    Edited by Somnath Shinde 7 days ago

    In Imperva DAM, audit archiving is schedule-based, not condition-based.
    So, archiving only logs older than 2 months is not supported.

    Recommendation:

    1. Configure archive: Setup → Settings → Archive Settings

    2. Run archive job: Daily

    3. Configure purge: Admin → Maintenance → Audit Data Purge → 3/4 weeks as per storage capacity

    Last 30 days → kept on Gateway

    Older logs → archived and purged

    For 2+ months retention, keep data on external storage, not Gateway.



    ------------------------------
    Somnath Shinde
    Engineer
    ------------------------------



  • 3.  RE: IMPERVA DAM : Audit Archive

    Posted 4 days ago

    Dear Somnath Shinde,

    Thank you, and I appreciate your response and clarification.

    Could you please also advise on the below scenario:

    • Currently, the gateways retain 3 months of historical data.
    • If I execute the archive task, it will archive all available data.
    • If a purge policy is then configured to remove data older than 1 month from the gateways, it would effectively delete 2 months of older data.

    My concern is regarding the subsequent archive cycle: will it re-archive the 1-month-old data that was not purged, or will it only process newly generated data?

    Could you please help clarify how this process works and suggest the best approach?

    Thank you for your support.



    ------------------------------
    Mohammad Arif Khan
    Engineer
    Federal Tax Authority
    ------------------------------



  • 4.  RE: IMPERVA DAM : Audit Archive

    Posted 3 days ago

    Answer:

    "My concern is regarding the subsequent archive cycle: will it re-archive the 1-month-old data that was not purged, or will it only process newly generated data?"

    If you configured external archive storage and synced it with the Imperva Audit Archive job, then it will consider your 01 month old data along with your new audit data, because the job schedule is based on the audit log timings and works accordingly.



    ------------------------------
    Shashank Mahendra
    Information Security Analyst
    Amdocs Inc
    SAINT LOUIS MO
    ------------------------------