Description

Ensure logfiles.retention_days on PostgreSQL flexible servers is set to an appropriate value.

Rationale

Configuring logfiles.retention_days determines the duration in days that Azure Database for PostgreSQL retains log files. Query and error logs can be used to identify, troubleshoot, and repair configuration errors and sub-optimal performance.

Impact

Configuring this setting will result in logs being retained for the specified number of days. If this is configured on a high traffic server, the log may grow quickly to occupy a large amount of disk space. In this case you may want to set this to a lower number.

Audit

From Azure Portal

From Azure Home select the Portal Menu.
Go to Azure Database for PostgreSQL flexible servers.
For each database, under Settings, click Server parameters.
In the filter bar, type logfiles.retention_days.
Ensure that the VALUE is between 4 and 7 (inclusive).

From Azure CLI

Ensure logfiles.retention_days value is greater than 3:

az postgres flexible-server parameter show --resource-group <resourceGroup> --server-name <serverName> --name logfiles.retention_days

From Powershell

Ensure logfiles.retention_days value is greater than 3:

Get-AzPostgreSqlFlexibleServerConfiguration -ResourceGroupName <resourceGroup> -ServerName <serverName> -Name logfiles.retention_days

Default Value

By default logfiles.retention_days is set to 3.

Rationale​

Impact​

Audit​

From Azure Portal​

From Azure CLI​

From Powershell​

Default Value​

References​