Audit Log Processing¶
Snowflake compliance history is logged, by default, in Okera audit logs. The Okera audit log writer asynchronously processes Snowflake's external audit logs. The Snowflake audit logs are stored with other Okera audit logs in the location specified by the
OKERA_STAGING_DIR configuration parameter.
To stop this logging, change the advanced property
okera.policy_sync.audit_logs in the Snowflake connection definition to
The frequency at which Okera synchronizes the audit logs is defined by the
AUDIT_LOGS_SYNC_FREQUENCY_MINS configuration parameter, which defaults to 30 minutes and must be less than 180 minutes (3 hours). Valid values range from 1 minute to 180 minutes (3 hours). If you specify a value larger than 180 minutes, Okera defaults to 180 minutes.