I have a policy requirement that logs are stored and accessible for 6 months. after 6 months the oldest logs can be deleted.
how do i do this?
I found the indices tap under system but there i can just define how many log entries before the index is deleted.
I think its possible because i saw a post somewhere where someone suggested… i think the syntax was something like p1w for 1 week im not really sure. but i have no clue where to set it and what the syntax would be for 6 months.
Any help would be greatly appreciated