Deleting events from the event database

You may find that you want to delete all or some events from the event database. Delete all events so you can reanalyze those events that you have already analyzed, or so that you can start again with a "clean" database. Delete a range of events for a time period for which you no longer want to generate reports.

To delete all events

  1. In the CyberSafe Log Analyst scope pane, right-click the CyberSafe Log Analyst node and choose Utilities from the shortcut menu.

  2. In the Database Utilities dialog box, click Purge.

  3. After the database has been purged, a dialog box appears asking if you want to copy the logs back to the Pending folder so that you can reanalyze them. To reanalyze the event logs, click Yes.

To delete a range of events

  1. In the CyberSafe Log Analyst scope pane, right-click the CyberSafe Log Analyst node and choose Utilities from the shortcut menu. The Database Utilities dialog box appears.

  2. In the From field, enter the date and time of the first event you want to delete from the database. To display a calendar from which to select the date, click the arrow in the Date field.

  3. In the To field, enter the date and time of the last event you want to delete from the database. To display a calendar from which to select the date, click the arrow in the Date field.

  4. Click Delete Range. A message appears when the events have been deleted.

Related topics

Specifying event database settings
Compressing the event database