Configuration: Managing archiving in Cayosoft Guardian

This article describes how to set up archiving in Cayosoft Guardian.

Cayosoft Guardian supports archiving older change history records and alerts to a separate database. Archiving allows controlling active database size, keeping performance at the expected level while preserving records for a long-term period. In addition, Cayosoft Guardian supports configuration where multiple services collect data, and data collected by one service can be easily accessed via the web portal of another service. For example, Cayosoft Guardian can be installed in multiple locations, providing a consolidated view of all changes in a central location.

A retention job executes retention rules and, by default, moves change records to an archive database according to the rules. Learn more in: Managing retention rules in Cayosoft Guardian.

Configuring a default archive database

A default archive database is a database that is used to archive older records deleted from the active configuration database.

To create a new archive database or to connect to an existing database with data collected by Cayosoft Guardian:

1. Open the Cayosoft Guardian web portal.
2. Expand the Settings node.
3. Click Archive Databases.
4. Click New and specify connection settings to create a new database or to connect to an existing database.

Once the database is added, you can perform the following actions:

• Make Default Archive – Designates this database as the target for new archived records. Only one default archive can exist at a time. When a new default is assigned, the previous default becomes a read-only archive.
• Show data on Archive pages – Includes this archive’s data when searching in the Archive > Change History section.
• Hide data on Archive pages – Excludes this archive’s data from search results.
• Upgrade - Upgrades the selected archive database schema to match the version of the currently installed Cayosoft Guardian service.
• Check Health - Validates the connection and internal consistency of the selected archive database.

IMPORTANT: If you create a new database and mark it as the Default Archive, the previous default archive automatically becomes read-only. New archived records will be written to the new default database.

Managing Retention Rules for Archive Databases

Cayosoft Guardian includes Retention Rules for Archive Databases. These rules allow administrators to automatically delete obsolete records—such as change history, change alerts, and threat alerts—after a defined retention period.

NOTE: If retention rules for archives are enabled, Cayosoft Guardian will begin deleting records from the selected archive database. Ensure your archive backup strategy is aligned before enabling this setting.

To configure a Retention Rule for Change History Archive:

1. Open the Cayosoft Guardian web portal.
2. Navigate to Configuration > Retention Rules.
3. Select a rule for:
   • Retention rule for Change History default archive
   • Retention rule for change alerts in archives
   • Retention rule for threat alerts in archives
4. In the rule properties, ensure the Path is set to system/archiveDatabases/default/changeRecords.
5. Check or uncheck Disabled depending on whether you want to activate the rule.
6. In Retention Settings:
   1. Select Retention policy by time.
   2. Enter the desired number of days under Retain records for the specified number of days (e.g., 365).
   3. Specify the Order By field.
   4. Set Retention action to Remove.

7. Click Save.

   TIP: You can use the Filter field to narrow down what records the rule applies to (optional).

NOTE: These rules currently apply only to the default archive. Custom archives are not supported at this time.

Connecting a read-only archive database

A read-only archive database is a database connected to Cayosoft Guardian. Change records and alerts existing in a read-only archive database can be accessed via the Archive node. An active database used by one Cayosoft Guardian installation can be connected to another Cayosoft Guardian installation as a read-only archive database.

To connect to an existing database with data collected by Cayosoft Guardian:

1. Open the Cayosoft Guardian web portal.
2. Expand the Settings node.
3. Click Archive Databases.
4. Click New.

5. Specify connection settings to create a new database or to connect to an existing database.

   TIP: If the archive you’re connecting is a LocalDB archive on the Cayosoft Guardian host, the SQL Server name is typically (LocalDb)\CayoInstance.

NOTE: An active database from one Cayosoft Guardian installation can be connected as a read-only archive in another installation.

Searching across multiple Archive databases

When multiple archive databases exist (including the default archive and one or more read-only archives), Cayosoft Guardian searches only those archives marked with Show data on Archive pages.

• Archived data - regardless of source database - is only visible under Archive > Change History (not in the main Change History view).
• To include a database in search results, ensure “Show data on Archive pages” is enabled for that database.
• You can enable or disable this option at any time to control which archives are included in searches.

TIP: If you have three archives - A (default), B, and C- and only B and C are marked to Show data on Archive pages, then searches in Archive > Change History will return results from B and C only. Archive A (the default) will not be searched unless it is also marked to show data.

Upgrading archive databases

Cayosoft Guardian does not upgrade archive databases automatically; in case of service upgrade, it is recommended to upgrade archive databases manually.

To upgrade an archive database:

1. Open the Cayosoft Guardian web portal.
2. Expand the Settings node.
3. Click Archive Databases.
4. Select a database to be upgraded and click Upgrade.

Searching in archives

To search in archived change records or alerts:

1. Open the Cayosoft Guardian web portal.
2. Expand the Archive node.
3. Click the Change History node.
4. Use quick search and filters to search for change history records.