NOTE: If you already tried to move any of Netwrix Auditor Storages (Long-Term Archive and/or Short-Term Archive) manually or upgraded from Netwrix Auditor 8.0, contact Netwrix Technical support for special instructions.
If you have a clean install of Netwrix Auditor 9.0 or newer, follow the steps below:
- Navigate to all your Monitoring Plans –> Edit –> Edit Data Source, and disable the Monitor this data source and collect activity data option.
- Stop product services. Navigate to Start –> Run and type “services.msc”; locate and stop the following services:
- Netwrix Auditor Archive Service
- Netwrix Auditor User Activity Audit Service
- Netwrix Auditor for Windows Server Audit Service
- Netwrix Auditor for File Servers Audit Service
- Netwrix Auditor Data Collection Service
- Open Windows Task Manager, switch to the Processes tab and wait until the following processes have completed:
|Event Log Manager||
- Navigate to the current Long-Term Archive location. Check the path: navigate to Settings –> Long-Term Archive. (By default, Netwrix Auditor stores data at “C:\ProgramData\Netwrix Auditor\Data”.)
- Copy audit data to a new Long-Term Archive location.
- In Netwrix Auditor, navigate to Settings -> Long-Term Archive and specify the new path to a local or shared folder to write your audit data.
- Start the services and tasks you have stopped.
- Re-enable each data source disabled at the step 1.