Audit Log Processing¶
Snowflake compliance history is logged, by default, in Okera audit logs. The Okera audit log writer asynchronously processes Snowflake's external audit logs. The Snowflake audit logs are stored with other Okera audit logs in the location specified by the OKERA_STAGING_DIR
configuration parameter.
To stop this logging, change the advanced property okera.policy_sync.audit_logs
in the Snowflake connection definition to false
.
The frequency at which Okera synchronizes the audit logs is defined by the AUDIT_LOGS_SYNC_FREQUENCY_MINS
configuration parameter, which defaults to 30 minutes and must be less than 180 minutes (3 hours). Valid values range from 1 minute to 180 minutes (3 hours). If you specify a value larger than 180 minutes, Okera defaults to 180 minutes.