You can configure automatic deletion based on time for
the logs that the Panorama management server and Log Collectors
collect from firewalls, as well as the logs and reports that Panorama
and the Log Collectors generate locally. This is useful in deployments
where periodically deleting monitored information is desired or
necessary. For example, deleting user information after a certain
period might be mandatory in your organization for legal reasons.
You configure separate expiration periods for:
—Panorama evaluates logs as it receives
them, and deletes logs that exceed the configured expiration period.
Panorama synchronizes expiration periods
across high availability (HA) pairs. Because only the active HA
peer generates logs, the passive peer has no logs or reports to
delete unless failover occurs and it starts generating logs.
if you don’t set expiration periods, when a log quota reaches the
maximum size, Panorama starts overwriting the oldest log entries
with the new log entries.