Bug ID 705274: Policy Audit Log should be cleaned by data size as well as number of rows

Last Modified: May 07, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Fixed In:
14.1.0

Opened: Feb 04, 2018
Severity: 3-Major

Symptoms

When the Policy Audit Log row count is less than the maximum, but each row is very large, the total size causes errors in synchronization to the secondary blade of a chassis.

Impact

Errors in synchronization to the secondary blade of a chassis.

Conditions

-- The Policy Audit Log row count is less than the maximum. -- Each row contains a lot of data.

Workaround

As a workaround, you can delete records from the Policy Audit Log (PL_CONFIG_LOG) using the following sql command: -------------------------------------------- CREATE TEMPORARY TABLE PROTECTED_CONFIG_LOG (config_log_id int); INSERT INTO PROTECTED_CONFIG_LOG SELECT MAX(config_log_id) AS max_config_log_id FROM PLC.PL_CONFIG_LOG config_log2 WHERE config_log2.is_policy_version_event = 1 GROUP BY policy_id; DELETE FROM PLC.PL_CONFIG_LOG where length(description) > 20000 and config_log_id not in (SELECT config_log_id from PROTECTED_CONFIG_LOG); ---------------------------------------------

Fix Information

Now, in addition to cleaning the Policy Audit Log when the number of rows is greater than the maximum allowed, the table is also cleaned when its total size is greater than the maximum allowed.

Behavior Change