Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Keeping change logs and audit logs from using too much space

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Keeping change logs and audit logs from using too much space

Chronological Thread 
  • From: Dominique Petitpierre <>
  • To: "" <>
  • Subject: [grouper-users] Keeping change logs and audit logs from using too much space
  • Date: Fri, 06 May 2011 17:48:30 +0200
  • Organization: University of Geneva


in an installation of Grouper 1.6.3, I am worrying about the space
taken in the database by the change logs and audit logs. The tables
grouper_change_log_entry and grouper_audit_entry and their indexes
are by far the largest consumers of space in the database.

Here are a few questions:

- How does one disable change logs completely? The property
changeLog.enabled=false in the file does not seem
to be sufficient: e.g. when a member is added to a group via the
Grouper UI or the Grouper shell then an entry is anyway inserted in
the table grouper_change_log_entry_temp.

Here is an extract of the config files:

grep '^changeLog.*enable' \
tomcat/webapps/grouper/WEB-INF/classes/ \
grouper/conf/ \

= false
grouper/conf/ = false

= 0 1 0,11,15 * * ?

= false

- Is it safe to disable the change logs?

+ In particular, are the audit logs independent of the change logs?

+ Also, beside the custom consumers that could be configured
according to the description in,
is there some core functionality that depends on the change logs?

+ Why are change logs enabled by default?

- When change logs are enabled, is there a default mechanism that
periodically delete old entries in the table
grouper_change_log_entry? Something like what happens with the
table grouper_loader_log
(e.g. loaderRunOneJob("MAINTENANCE_cleanLogs") in, and the
property loader.retain.db.logs.days in

+ Is there a way to know that all configured consumers have
processed a change log entry (and thus it is deletable)?

- Does ldappc or ldappcng provide a consumer for change logs?
There is a hint about it in the section about consumers in, as comments:
#changeLog.consumer.ldappc.class =
#changeLog.consumer.ldappc.quartzCron =

- Is there a tool to keep audit log size from growing forever?
(The page
mentions one that is not available yet).

+ Would a simple sql request, deleting audit entries older than
a given age, be enough?

+ On sites that do trim the audit logs, what kind of policies are
used to decide which entries are deleted? (i.e. more complex than
just age).

+ Is there a way to disable auditing selectively (e.g. for
some GrouperLoader groups or batches)?

Any pointers for documents about these topics are welcome!

Best regards,
Dominique Petitpierre

Mr Dominique Petitpierre, user=Dominique.Petitpierre
Division Informatique, University of Geneva, Switzerland

Archive powered by MHonArc 2.6.16.

Top of Page