Difference between data stored in SQL versus the Audit Archive

Netwrix Auditor SQL Databases
6.5 and older
Copy Article URL Copied

When Netwrix Auditor performs data collections, data is stored in two locations.  Data is stored in a SQL database and on disk in the Audit Archive location.

Data stored in the SQL database is strictly used only for reporting and is not intended for long term storage.  Especially in cases where a very large amount of data is collected for a particular audited system and you don’t run reports for large time spans.  For example if you run monthly reports and have no need to re-run those reports more than once then 30 days worth of data in your database is sufficient and also saves space.  Data stored in SQL is also not compressed so that it is easily retrieved for reporting purposes.

On the other hand the data stored in the audit archive consists of compressed flat files and is intended for long term storage.  When you have a compliance or internal requirement to store audit data for a long period of time this is where you would do that.  If at any time you need to report on archived data that is no longer in the SQL database this is possible as most audited system have a database import tool that can be used to accomplish this.

Originally KB1797 

Go Up