You can stream log files from a log source server group (infrastructure and workload servers) to a central Log Data Lake infrastructure node and back them up for long-term retention to meet audit, compliance, and forensic requirements.
This approach provides a centralized and scalable method for retaining backup job activity, success/failure events, and operational logs. By streaming logs to a central repository, you avoid the complexity and storage overhead of extending local log retention for months or years on individual client computers.
Use Cases
This solution supports the following use cases:
-
Long-term retention driven by regulatory compliance requirements
-
Centralized analytics of backup job activity across the log source server group
-
Forensic investigations requiring historical log data
Compliance Mapping
Supports Audit requirements, SOX evidence retention, ISO 27001 logging controls, and regulatory investigations.
Log Streaming to a Central Repository
-
Identify the servers in your log source server group that will stream logs.
-
Configure log streaming on each source server to send logs to the Log Data Lake infrastructure node.
For detailed configuration steps, see Streaming Log Files Between Client Computers.
Backing Up the Log Data Lake
-
Create a File System backup subclient on the Log Data Lake infrastructure node.
-
Configure the subclient to back up the %LogFiles% content path.
-
Apply retention settings based on your compliance requirements.
For information about configuring file system backups, see Getting Started with UNIX, Windows, and Macintosh File Systems.