Create data policies#
To create a data retention policy:
Go to Data configuration (
) > Policies.Select + (Create retention policy).
Then in the Create retention policy panel that opens, fill out the following fields:
Note
Required fields are marked with an asterisk (*).
General#
Field name |
Description |
|---|---|
Name* |
Set the name for this policy |
Policy description |
Set a description for this policy |
Enabled |
Select to enable this policy. |
Schedule#
Field name |
Default |
Description |
|---|---|---|
Execution schedule |
|
Set how frequently this policy should run. |
Scope#
You can set one scope per policy.
Field name |
Description |
|---|---|
Delete after* |
Enter a number. Depends on Period and Starting from fields. |
Period* |
Sets the length of time that the Delete after field would indicate. Select a period of time:
|
Starting from* |
Sets the object event from which this policy’s scope would be calculated against. Select one of the following:
|
Sources* |
Select at least one source. This policy will only affect objects belonging to these sources. |
Actions#
Set an action for the policy to perform when run.
You can set one Delete entities and one Delete observables action per policy.
Warning
Actions set here are irreversible once performed by the policy.
Delete entities#
In the Entity types* field, select one or more entity types to target with the policy.
When a policy with a set Delete entities action runs, it deletes all entities:
that have the set Entity types
that are within the set Scope
When entities are deleted by a policy, it does not delete its related observables and may leave them orphaned (with no parent entity):
Delete observables#
Caution
Delete observables actions are skipped by default from 2.12.0 onwards because of performance issues.
(Not recommended) To enable Delete observables actions, see Update platform_settings.py.
In the Observable types* field, select one or more observable types to target with the policy.
When a policy with a set Delete observables action runs, it deletes all observables:
that have the set Observable types
that are within the set Scope
entities that are directly related to the observable
related observables that have the target observable as their only relation
|
|
|
The retention policy deletes the targeted observable. It also deletes the entity that is directly related to the observable, as well as any other observables that are directly related to the entity. |
The retention policy deletes the targeted observable. It also deletes directly related observables, unless they are related to other observables or entities. |
The retention policy deletes the targeted observable. It does not delete directly related observables, if they are related to other observables or entities. |
Exceptions#
Set exceptions for this policy:
Field name |
Description |
|---|---|
Exclude data in static datasets |
Select to exclude objects that are part of at least one static dataset (a dataset without Dynamic enabled). |
Exclude data in user tasks |
Select to exclude objects that are
included in at least one user task ( |
Exclude data in workspace public dashboards |
Select to exclude objects that are pinned to the dashboards of at least one Listed or public workspace. |
Exclude master entities in entity rules |
Select to exclude entities that are set as Master entities in entity rules that perform a Merge similar operation. |
Exclude draft entities |
(Not available) |
Exclude entities with these tags |
Select one or more tags. Entities with these tags are not targeted by this policy. |
Save the policy#
Once done, you can:
Save and run now: Select to save the policy and immediately run it.
Save: Saves the policy.