Skip to content

Audit Log Processing

Snowflake compliance history is logged, by default, in Okera audit logs. The Okera audit log writer asynchronously processes Snowflake's external audit logs. The Snowflake audit logs are stored with other Okera audit logs in the location specified by the OKERA_STAGING_DIR configuration parameter.

To stop this logging, change the advanced property okera.policy_sync.audit_logs in the Snowflake connection definition to false.

The frequency at which Okera synchronizes the audit logs is defined by the AUDIT_LOGS_SYNC_FREQUENCY_MINS configuration parameter, which defaults to 30 minutes and must be less than 180 minutes (3 hours). Valid values range from 1 minute to 180 minutes (3 hours). If you specify a value larger than 180 minutes, Okera defaults to 180 minutes.